12.0

ManualsBrandsSymantec ManualsApplicationsEndpoint Protection

Table Of Contents

Implementation Guide for Symantec™ Endpoint Protection Small Business Edition
Technical Support
Contents
1. Introducing Symantec Endpoint Protection Small Business Edition
- About Symantec Endpoint Protection Small Business Edition
- About the types of protection
- Single console management
- How you are protected out-of-the-box
- Key features of Symantec Endpoint Protection Small Business Edition
- Components of Symantec Endpoint Protection Small Business Edition
- Where to get more information about Symantec Endpoint Protection Small Business Edition
  - Technical Support resources
2. Planning the installation
- Planning the installation
- Network architecture considerations
- Guidelines for managing portable computers
- About trialware
- Product license requirements
- System requirements
- Preparing your computers for installation
3. Installing Symantec Protection Center
- Installing Symantec Protection Center
- About the installation wizards
- About the Symantec Protection Center installation settings
- Installing the server and the console
  - Configuring the server
  - Creating the database
- What to do after you install Symantec Protection Center
- Uninstalling Symantec Protection Center
4. Preparing for client installation
- Preparing for client installation
- Configuring firewalls for remote deployment
- Preparing computers for remote deployment
5. Installing the Symantec Endpoint Protection Small Business Edition client
- Installing the Symantec Endpoint Protection Small Business Edition client
  - About managed and unmanaged computers
- About the client installation settings
- About deploying clients
- About reinstalling client protection
- Installing an unmanaged computer
- Uninstalling the client
6. Migrating to Symantec Endpoint Protection Small Business Edition
- About migrating to Symantec Endpoint Protection Small Business Edition
- Migrating legacy installations
  - About migrating computer groups
  - Migrating group settings and policy settings
- Upgrading Symantec Endpoint Protection Small Business Edition
7. Starting the Symantec Protection Center console
- About starting the Symantec Protection Center console
- About the console
- Logging on to the console
- Logging on to a remote console
- Resetting a forgotten password
- What you can do from the console
- Configuring console preferences
8. Monitoring endpoint protection
- About monitoring endpoint protection
- Viewing the Daily Status Report
- Viewing the Weekly Status Report
- Viewing system protection
- Viewing virus and risk activity
- Viewing client inventory
- Finding unscanned computers
- Finding offline computers
- Viewing risks
- Viewing attack targets and sources
- About events and event logs
9. Managing security policies and computer groups
- About managing security policies and computer groups
- About computer groups
- About the security policies
- How policies are assigned to groups
- How computers get policy updates
- Assigning a policy to a group
- Testing a security policy
10. Managing content updates from LiveUpdate
- About managing content updates from LiveUpdate
- About LiveUpdate
- How clients receive content updates
- About the default LiveUpdate schedules
  - Configuring LiveUpdate for the server
  - Enabling LiveUpdate for clients
- Checking LiveUpdate server activity
- Viewing LiveUpdate downloads
- Manually downloading content updates to Symantec Protection Center
11. Managing notifications
- About managing notifications
- How notifications work
- About the default notifications
- Viewing notifications
- Creating a notification
- Creating a notification filter
12. Managing product licenses
- About managing product licenses
- About licenses
- About the Symantec Licensing Portal
  - Creating a Symantec Licensing Portal account
- Checking license status
- About purchasing a license
- Registering a serial number
- Importing a license
- About upgrading trialware
- About renewing a license
- Downloading a license file
- Backing up your license files
13. Managing protection scans
- About managing protection scans
- How protection scans work
  - About the types of protection scans
- About the default protection scan settings
- Enabling File System Auto-Protect
- Scheduling an administrator-defined scan
  - Scheduling a startup scan
  - Scheduling a triggered scan
- Scanning computers
- Updating virus definitions on computers
- About managing quarantined files
- Enabling or disabling TruScan proactive threat scans
- About adjusting the protection scans
- About exceptions
  - Configuring an exception
14. Managing firewall protection
- About managing firewall protection
- How the firewall works
- About the default firewall protection
- Enabling firewall protection
- Adjusting the firewall security level
- Configuring a firewall notification
- About adjusting firewall protection
15. Managing intrusion prevention protection
- About managing Intrusion Prevention protection
- How Intrusion Prevention protection works
- About the default Intrusion Prevention settings
- Enabling Intrusion Prevention
- Blocking an attacking computer
- Specifying Intrusion Prevention exceptions
16. Managing administrator accounts
- About managing administrator accounts
- About administrator accounts
- Creating an administrator account
- Editing an administrator account
- Enabling forgotten passwords
17. Managing disaster recovery
- Managing disaster recovery
- About preparing for disaster recovery
- Backing up the database
- Moving the server
- Reinstalling Symantec Protection Center
- Restoring the database
- Loading a disaster recovery file
A. Maintaining and troubleshooting Symantec Endpoint Protection Small Business Edition
- Restarting client computers
- Finding managed computers
- Converting an unmanaged computer
- Finding the server host name and IP address
- Modifying email server settings
- Modifying the server installation settings
- Investigating client problems
- Troubleshooting Symantec Protection Center communication problems
- Troubleshooting content update problems
- Providing information for Symantec Support
B. Managing mobile clients and remote clients
- About mobile clients and remote clients
- About setting up groups for remote clients
- About strengthening your security policies for remote clients
- About client notifications
- About monitoring remote clients
Index

Table 4-1

Client computer preparation (continued)

DescriptionActionStep

Identify the computer groups to use during client installation.

See “About computer groups” on page 81.

Identify computer groupsStep 5

Configuring firewalls for remote deployment

Windows firewalls can interfere with remote client installation and deployment.

Table 4-2 lists the different ways to configure Windows firewall settings, depending

on the operating systems to which you install. See your Windows documentation

for more information.

Table 4-2

Firewall modifications

DescriptionConfiguration

Perform the following tasks to install the client software

remotely:

■ Permit the server to send traffic from TCP ports

1024-5000 to TCP ports 139 and 145 on the clients.

Stateful inspection permits the return traffic

automatically.

■ Permit the clients to receive traffic from the server TCP

ports 1024-5000 on TCP port 139. You must permit the

clients to send traffic from TCP port 139 to TCP ports

1024-5000 on the server.

■ For legacy communications, open UDP port 2967 on all

computers.

Permit servers to send and

receive traffic to and from

TCP ports

Windows Firewall can interfere with remote installation

and communication between the server and the client

computers.

If your computers run any of these operating systems,

perform one of the following tasks:

■ Disable Windows Firewall on the computers.

■ Leave Windows Firewall enabled, and configure the

firewall rules to open ports to permit deployment.

Note: In Windows XP with SP1, the Windows firewall is

called Internet Connection Firewall.

Disable Windows Firewall in

Windows XP, Windows

Server 2003, or Windows

Server 2008

Preparing for client installation

Configuring firewalls for remote deployment