12.0

ManualsBrandsSymantec ManualsApplicationsEndpoint Protection

159

160

161

162

163

164

165

166

167

168

Table Of Contents

Implementation Guide for Symantec™ Endpoint Protection Small Business Edition
Technical Support
Contents
1. Introducing Symantec Endpoint Protection Small Business Edition
- About Symantec Endpoint Protection Small Business Edition
- About the types of protection
- Single console management
- How you are protected out-of-the-box
- Key features of Symantec Endpoint Protection Small Business Edition
- Components of Symantec Endpoint Protection Small Business Edition
- Where to get more information about Symantec Endpoint Protection Small Business Edition
  - Technical Support resources
2. Planning the installation
- Planning the installation
- Network architecture considerations
- Guidelines for managing portable computers
- About trialware
- Product license requirements
- System requirements
- Preparing your computers for installation
3. Installing Symantec Protection Center
- Installing Symantec Protection Center
- About the installation wizards
- About the Symantec Protection Center installation settings
- Installing the server and the console
  - Configuring the server
  - Creating the database
- What to do after you install Symantec Protection Center
- Uninstalling Symantec Protection Center
4. Preparing for client installation
- Preparing for client installation
- Configuring firewalls for remote deployment
- Preparing computers for remote deployment
5. Installing the Symantec Endpoint Protection Small Business Edition client
- Installing the Symantec Endpoint Protection Small Business Edition client
  - About managed and unmanaged computers
- About the client installation settings
- About deploying clients
- About reinstalling client protection
- Installing an unmanaged computer
- Uninstalling the client
6. Migrating to Symantec Endpoint Protection Small Business Edition
- About migrating to Symantec Endpoint Protection Small Business Edition
- Migrating legacy installations
  - About migrating computer groups
  - Migrating group settings and policy settings
- Upgrading Symantec Endpoint Protection Small Business Edition
7. Starting the Symantec Protection Center console
- About starting the Symantec Protection Center console
- About the console
- Logging on to the console
- Logging on to a remote console
- Resetting a forgotten password
- What you can do from the console
- Configuring console preferences
8. Monitoring endpoint protection
- About monitoring endpoint protection
- Viewing the Daily Status Report
- Viewing the Weekly Status Report
- Viewing system protection
- Viewing virus and risk activity
- Viewing client inventory
- Finding unscanned computers
- Finding offline computers
- Viewing risks
- Viewing attack targets and sources
- About events and event logs
9. Managing security policies and computer groups
- About managing security policies and computer groups
- About computer groups
- About the security policies
- How policies are assigned to groups
- How computers get policy updates
- Assigning a policy to a group
- Testing a security policy
10. Managing content updates from LiveUpdate
- About managing content updates from LiveUpdate
- About LiveUpdate
- How clients receive content updates
- About the default LiveUpdate schedules
  - Configuring LiveUpdate for the server
  - Enabling LiveUpdate for clients
- Checking LiveUpdate server activity
- Viewing LiveUpdate downloads
- Manually downloading content updates to Symantec Protection Center
11. Managing notifications
- About managing notifications
- How notifications work
- About the default notifications
- Viewing notifications
- Creating a notification
- Creating a notification filter
12. Managing product licenses
- About managing product licenses
- About licenses
- About the Symantec Licensing Portal
  - Creating a Symantec Licensing Portal account
- Checking license status
- About purchasing a license
- Registering a serial number
- Importing a license
- About upgrading trialware
- About renewing a license
- Downloading a license file
- Backing up your license files
13. Managing protection scans
- About managing protection scans
- How protection scans work
  - About the types of protection scans
- About the default protection scan settings
- Enabling File System Auto-Protect
- Scheduling an administrator-defined scan
  - Scheduling a startup scan
  - Scheduling a triggered scan
- Scanning computers
- Updating virus definitions on computers
- About managing quarantined files
- Enabling or disabling TruScan proactive threat scans
- About adjusting the protection scans
- About exceptions
  - Configuring an exception
14. Managing firewall protection
- About managing firewall protection
- How the firewall works
- About the default firewall protection
- Enabling firewall protection
- Adjusting the firewall security level
- Configuring a firewall notification
- About adjusting firewall protection
15. Managing intrusion prevention protection
- About managing Intrusion Prevention protection
- How Intrusion Prevention protection works
- About the default Intrusion Prevention settings
- Enabling Intrusion Prevention
- Blocking an attacking computer
- Specifying Intrusion Prevention exceptions
16. Managing administrator accounts
- About managing administrator accounts
- About administrator accounts
- Creating an administrator account
- Editing an administrator account
- Enabling forgotten passwords
17. Managing disaster recovery
- Managing disaster recovery
- About preparing for disaster recovery
- Backing up the database
- Moving the server
- Reinstalling Symantec Protection Center
- Restoring the database
- Loading a disaster recovery file
A. Maintaining and troubleshooting Symantec Endpoint Protection Small Business Edition
- Restarting client computers
- Finding managed computers
- Converting an unmanaged computer
- Finding the server host name and IP address
- Modifying email server settings
- Modifying the server installation settings
- Investigating client problems
- Troubleshooting Symantec Protection Center communication problems
- Troubleshooting content update problems
- Providing information for Symantec Support
B. Managing mobile clients and remote clients
- About mobile clients and remote clients
- About setting up groups for remote clients
- About strengthening your security policies for remote clients
- About client notifications
- About monitoring remote clients
Index

For example, virus and spyware, firewall, LiveUpdate, and intrusion protection

each have a separate policy. Only one policy for each type of protection can be

applied to any given group. Therefore, to establish more than one level of

restrictions, separate groups must be created and then assigned the appropriate

protection policies.

The fewer the number of groups that you create, the simpler it is to manage your

security policies.

For information about how to set up groups and policies, see the Implementation

Guide for Symantec Endpoint Protection Small Business Edition.

As a best practice, you should not allow users to turn off the following protections:

■ Auto-Protect

■ TruScan proactive threat scans

■ The firewall rules that you have created

About strengthening your security policies for remote

clients

When you manage remote users, you essentially take some form of one of the

following positions:

■ Leave the default policies in place, so that you do not impede remote users in

the use of their computers.

■ Strengthen your default security policies to provide more protection for your

network, even if it restricts what remote users can do.

In most situations, the best practice is to strengthen your security policies for

remote clients.

About best practices for Firewall Policy settings

A best practice for a Firewall Policy is to assign the strictest security policies to

clients that log on remotely without using a VPN. In addition to the default settings,

to increase security, you can block all local TCP traffic on the NetBios ports 135,

139, and 445.

The following settings are recommended as best practice for the Firewall Policy

for the remote clients where users log on through a VPN:

■ Leave as-is all the rules that block traffic from any Host.

■ Leave as-is the rule that allows VPN traffic from any Host.

161Managing mobile clients and remote clients

About strengthening your security policies for remote clients