12.0
Table Of Contents
- Implementation Guide for Symantec™ Endpoint Protection Small Business Edition
- Technical Support
- Contents
- 1. Introducing Symantec Endpoint Protection Small Business Edition
- About Symantec Endpoint Protection Small Business Edition
- About the types of protection
- Single console management
- How you are protected out-of-the-box
- Key features of Symantec Endpoint Protection Small Business Edition
- Components of Symantec Endpoint Protection Small Business Edition
- Where to get more information about Symantec Endpoint Protection Small Business Edition
- 2. Planning the installation
- 3. Installing Symantec Protection Center
- 4. Preparing for client installation
- 5. Installing the Symantec Endpoint Protection Small Business Edition client
- 6. Migrating to Symantec Endpoint Protection Small Business Edition
- 7. Starting the Symantec Protection Center console
- 8. Monitoring endpoint protection
- About monitoring endpoint protection
- Viewing the Daily Status Report
- Viewing the Weekly Status Report
- Viewing system protection
- Viewing virus and risk activity
- Viewing client inventory
- Finding unscanned computers
- Finding offline computers
- Viewing risks
- Viewing attack targets and sources
- About events and event logs
- 9. Managing security policies and computer groups
- 10. Managing content updates from LiveUpdate
- 11. Managing notifications
- 12. Managing product licenses
- 13. Managing protection scans
- About managing protection scans
- How protection scans work
- About the default protection scan settings
- Enabling File System Auto-Protect
- Scheduling an administrator-defined scan
- Scanning computers
- Updating virus definitions on computers
- About managing quarantined files
- Enabling or disabling TruScan proactive threat scans
- About adjusting the protection scans
- About exceptions
- 14. Managing firewall protection
- 15. Managing intrusion prevention protection
- 16. Managing administrator accounts
- 17. Managing disaster recovery
- A. Maintaining and troubleshooting Symantec Endpoint Protection Small Business Edition
- Restarting client computers
- Finding managed computers
- Converting an unmanaged computer
- Finding the server host name and IP address
- Modifying email server settings
- Modifying the server installation settings
- Investigating client problems
- Troubleshooting Symantec Protection Center communication problems
- Troubleshooting content update problems
- Providing information for Symantec Support
- B. Managing mobile clients and remote clients
- Index
For example, virus and spyware, firewall, LiveUpdate, and intrusion protection
each have a separate policy. Only one policy for each type of protection can be
applied to any given group. Therefore, to establish more than one level of
restrictions, separate groups must be created and then assigned the appropriate
protection policies.
The fewer the number of groups that you create, the simpler it is to manage your
security policies.
For information about how to set up groups and policies, see the Implementation
Guide for Symantec Endpoint Protection Small Business Edition.
As a best practice, you should not allow users to turn off the following protections:
■ Auto-Protect
■ TruScan proactive threat scans
■ The firewall rules that you have created
About strengthening your security policies for remote
clients
When you manage remote users, you essentially take some form of one of the
following positions:
■ Leave the default policies in place, so that you do not impede remote users in
the use of their computers.
■ Strengthen your default security policies to provide more protection for your
network, even if it restricts what remote users can do.
In most situations, the best practice is to strengthen your security policies for
remote clients.
About best practices for Firewall Policy settings
A best practice for a Firewall Policy is to assign the strictest security policies to
clients that log on remotely without using a VPN. In addition to the default settings,
to increase security, you can block all local TCP traffic on the NetBios ports 135,
139, and 445.
The following settings are recommended as best practice for the Firewall Policy
for the remote clients where users log on through a VPN:
■ Leave as-is all the rules that block traffic from any Host.
■ Leave as-is the rule that allows VPN traffic from any Host.
161Managing mobile clients and remote clients
About strengthening your security policies for remote clients