12.0

ManualsBrandsSymantec ManualsApplicationsEndpoint Protection

131

132

133

134

135

136

137

138

139

140

Table Of Contents

Implementation Guide for Symantec™ Endpoint Protection Small Business Edition
Technical Support
Contents
1. Introducing Symantec Endpoint Protection Small Business Edition
- About Symantec Endpoint Protection Small Business Edition
- About the types of protection
- Single console management
- How you are protected out-of-the-box
- Key features of Symantec Endpoint Protection Small Business Edition
- Components of Symantec Endpoint Protection Small Business Edition
- Where to get more information about Symantec Endpoint Protection Small Business Edition
  - Technical Support resources
2. Planning the installation
- Planning the installation
- Network architecture considerations
- Guidelines for managing portable computers
- About trialware
- Product license requirements
- System requirements
- Preparing your computers for installation
3. Installing Symantec Protection Center
- Installing Symantec Protection Center
- About the installation wizards
- About the Symantec Protection Center installation settings
- Installing the server and the console
  - Configuring the server
  - Creating the database
- What to do after you install Symantec Protection Center
- Uninstalling Symantec Protection Center
4. Preparing for client installation
- Preparing for client installation
- Configuring firewalls for remote deployment
- Preparing computers for remote deployment
5. Installing the Symantec Endpoint Protection Small Business Edition client
- Installing the Symantec Endpoint Protection Small Business Edition client
  - About managed and unmanaged computers
- About the client installation settings
- About deploying clients
- About reinstalling client protection
- Installing an unmanaged computer
- Uninstalling the client
6. Migrating to Symantec Endpoint Protection Small Business Edition
- About migrating to Symantec Endpoint Protection Small Business Edition
- Migrating legacy installations
  - About migrating computer groups
  - Migrating group settings and policy settings
- Upgrading Symantec Endpoint Protection Small Business Edition
7. Starting the Symantec Protection Center console
- About starting the Symantec Protection Center console
- About the console
- Logging on to the console
- Logging on to a remote console
- Resetting a forgotten password
- What you can do from the console
- Configuring console preferences
8. Monitoring endpoint protection
- About monitoring endpoint protection
- Viewing the Daily Status Report
- Viewing the Weekly Status Report
- Viewing system protection
- Viewing virus and risk activity
- Viewing client inventory
- Finding unscanned computers
- Finding offline computers
- Viewing risks
- Viewing attack targets and sources
- About events and event logs
9. Managing security policies and computer groups
- About managing security policies and computer groups
- About computer groups
- About the security policies
- How policies are assigned to groups
- How computers get policy updates
- Assigning a policy to a group
- Testing a security policy
10. Managing content updates from LiveUpdate
- About managing content updates from LiveUpdate
- About LiveUpdate
- How clients receive content updates
- About the default LiveUpdate schedules
  - Configuring LiveUpdate for the server
  - Enabling LiveUpdate for clients
- Checking LiveUpdate server activity
- Viewing LiveUpdate downloads
- Manually downloading content updates to Symantec Protection Center
11. Managing notifications
- About managing notifications
- How notifications work
- About the default notifications
- Viewing notifications
- Creating a notification
- Creating a notification filter
12. Managing product licenses
- About managing product licenses
- About licenses
- About the Symantec Licensing Portal
  - Creating a Symantec Licensing Portal account
- Checking license status
- About purchasing a license
- Registering a serial number
- Importing a license
- About upgrading trialware
- About renewing a license
- Downloading a license file
- Backing up your license files
13. Managing protection scans
- About managing protection scans
- How protection scans work
  - About the types of protection scans
- About the default protection scan settings
- Enabling File System Auto-Protect
- Scheduling an administrator-defined scan
  - Scheduling a startup scan
  - Scheduling a triggered scan
- Scanning computers
- Updating virus definitions on computers
- About managing quarantined files
- Enabling or disabling TruScan proactive threat scans
- About adjusting the protection scans
- About exceptions
  - Configuring an exception
14. Managing firewall protection
- About managing firewall protection
- How the firewall works
- About the default firewall protection
- Enabling firewall protection
- Adjusting the firewall security level
- Configuring a firewall notification
- About adjusting firewall protection
15. Managing intrusion prevention protection
- About managing Intrusion Prevention protection
- How Intrusion Prevention protection works
- About the default Intrusion Prevention settings
- Enabling Intrusion Prevention
- Blocking an attacking computer
- Specifying Intrusion Prevention exceptions
16. Managing administrator accounts
- About managing administrator accounts
- About administrator accounts
- Creating an administrator account
- Editing an administrator account
- Enabling forgotten passwords
17. Managing disaster recovery
- Managing disaster recovery
- About preparing for disaster recovery
- Backing up the database
- Moving the server
- Reinstalling Symantec Protection Center
- Restoring the database
- Loading a disaster recovery file
A. Maintaining and troubleshooting Symantec Endpoint Protection Small Business Edition
- Restarting client computers
- Finding managed computers
- Converting an unmanaged computer
- Finding the server host name and IP address
- Modifying email server settings
- Modifying the server installation settings
- Investigating client problems
- Troubleshooting Symantec Protection Center communication problems
- Troubleshooting content update problems
- Providing information for Symantec Support
B. Managing mobile clients and remote clients
- About mobile clients and remote clients
- About setting up groups for remote clients
- About strengthening your security policies for remote clients
- About client notifications
- About monitoring remote clients
Index

To enable Intrusion Prevention

In the console, click Policies.

On the Policies page, select the Intrusion Prevention Policy, and then

right-click Edit.

In the policy, click Settings.

In the policy, click Enable Intrusion Prevention.

Click OK.

Blocking an attacking computer

Intrusion Prevention protection automatically blocks all communication to and

from an attacking computer for a specified period of time. Intrusion prevention

attacks are recorded in the Network Threat Protection Log.

See “Viewing the Network Threat Protection Log” on page 76.

To block an attacking computer

In the console, click Policies.

On the Policies page, select the Intrusion Prevention Policy, and then

right-click Edit.

In the policy, click Settings.

In the policy, specify the following information:

Check this box to block all communication to and from

an attacking computer.

Automatically block an

attacker's IP address

Type the number of seconds to block all communication

to and from an attacking computer.

Number of seconds during

which to block the IP

address

Click OK.

Specifying Intrusion Prevention exceptions

You specify the signatures that have different detection responses.

Managing intrusion prevention protection

Blocking an attacking computer

140