12.0
Table Of Contents
- Implementation Guide for Symantec™ Endpoint Protection Small Business Edition
- Technical Support
- Contents
- 1. Introducing Symantec Endpoint Protection Small Business Edition
- About Symantec Endpoint Protection Small Business Edition
- About the types of protection
- Single console management
- How you are protected out-of-the-box
- Key features of Symantec Endpoint Protection Small Business Edition
- Components of Symantec Endpoint Protection Small Business Edition
- Where to get more information about Symantec Endpoint Protection Small Business Edition
- 2. Planning the installation
- 3. Installing Symantec Protection Center
- 4. Preparing for client installation
- 5. Installing the Symantec Endpoint Protection Small Business Edition client
- 6. Migrating to Symantec Endpoint Protection Small Business Edition
- 7. Starting the Symantec Protection Center console
- 8. Monitoring endpoint protection
- About monitoring endpoint protection
- Viewing the Daily Status Report
- Viewing the Weekly Status Report
- Viewing system protection
- Viewing virus and risk activity
- Viewing client inventory
- Finding unscanned computers
- Finding offline computers
- Viewing risks
- Viewing attack targets and sources
- About events and event logs
- 9. Managing security policies and computer groups
- 10. Managing content updates from LiveUpdate
- 11. Managing notifications
- 12. Managing product licenses
- 13. Managing protection scans
- About managing protection scans
- How protection scans work
- About the default protection scan settings
- Enabling File System Auto-Protect
- Scheduling an administrator-defined scan
- Scanning computers
- Updating virus definitions on computers
- About managing quarantined files
- Enabling or disabling TruScan proactive threat scans
- About adjusting the protection scans
- About exceptions
- 14. Managing firewall protection
- 15. Managing intrusion prevention protection
- 16. Managing administrator accounts
- 17. Managing disaster recovery
- A. Maintaining and troubleshooting Symantec Endpoint Protection Small Business Edition
- Restarting client computers
- Finding managed computers
- Converting an unmanaged computer
- Finding the server host name and IP address
- Modifying email server settings
- Modifying the server installation settings
- Investigating client problems
- Troubleshooting Symantec Protection Center communication problems
- Troubleshooting content update problems
- Providing information for Symantec Support
- B. Managing mobile clients and remote clients
- Index
To enable Intrusion Prevention
1
In the console, click Policies.
2
On the Policies page, select the Intrusion Prevention Policy, and then
right-click Edit.
3
In the policy, click Settings.
4
In the policy, click Enable Intrusion Prevention.
5
Click OK.
Blocking an attacking computer
Intrusion Prevention protection automatically blocks all communication to and
from an attacking computer for a specified period of time. Intrusion prevention
attacks are recorded in the Network Threat Protection Log.
See “Viewing the Network Threat Protection Log” on page 76.
To block an attacking computer
1
In the console, click Policies.
2
On the Policies page, select the Intrusion Prevention Policy, and then
right-click Edit.
3
In the policy, click Settings.
4
In the policy, specify the following information:
Check this box to block all communication to and from
an attacking computer.
Automatically block an
attacker's IP address
Type the number of seconds to block all communication
to and from an attacking computer.
Number of seconds during
which to block the IP
address
5
Click OK.
Specifying Intrusion Prevention exceptions
You specify the signatures that have different detection responses.
Managing intrusion prevention protection
Blocking an attacking computer
140