Endpoint Protection


Best practice for SEP installation/upgrade

Jun 10, 2009 05:14 AM


a) SEP pre-implementation documents.
b) Pilot Setup
c) Production Setup
d) SEPM Configuration
e) Basic Configuration


a) Best Practices Documents : -

Documents for the implementation and administration of SEP should be shared with the customer and approved before the project starts.

The documents include: -
1. Implementation plan.
2. Prerequisites: Hardware and software prerequisites for the installation of SEP.
3. Network Architecture: Detailed network diagram of the customer environment with network topology, connectivity, OS versions, number of systems and number of locations.
4. Solution guide: A documented guide with the step-by-step installation procedure for server and client should be provided to the client.


b) Pilot Setup : -

Initial testing should be done on a pilot setup: a small deployment on four to five systems that lets the customer understand the product before it is rolled out across the network.

c) Production Setup : -

For installation in production, follow this procedure.

1. Always use a newly formatted server system that is free from viruses.
2. Ensure that only the required software and Microsoft patches are installed.
3. Install the SEP unmanaged client on the server before installing the Manager, to avoid virus infection on the server.
4. Always use the latest version of SEP software available.


d) SEPM Configuration: -


After installing the SEP Manager, the following fine-tuning should be done.

1. Create one more admin account with limited rights for your local engineers.
2. Enter proxy details if you are using a proxy server.
3. Enter email server details for all notifications.
4. Set log settings as per customer needs.

e) Basic Configuration: -

The following configuration recommendations are to be applied in the SEP Manager.

1. In all groups, set the download of policies and content from the management server to Pull Mode.
2. The heartbeat frequency at which clients poll the server should be set to 30 to 60 minutes if you have 1000 to 2000 clients in the manager.
3. Enable Tamper Protection and set the action to block it and log the event, to protect Symantec security software from being tampered with.
4. Open the File System Auto-Protect policy and set the action to Clean and Delete for macro and non-macro viruses; for security risks, set the action to Quarantine/Clean.
5. Risk Tracer should always be enabled to find the source of the attacker, which can then be blocked using IPS.
6. The scheduled scan retry interval should be kept at 1 day, or set depending on business criticality.
7. Always keep 30 content revisions for incremental updates between clients and the manager.


Comments

Apr 08, 2014 01:55 AM

SEP is a big subject, as it's one of the most critical pieces of software in the industry. One wrong policy can get your business stuck, and it would take hours or days to get to the root cause. It's very important to refer to the product documentation, its working methodology, policies and product behaviour before handling it in organisations. The documents listed above could be a good starting point to get knowledge of SEPM.

Apr 08, 2014 12:14 AM

Excellent!! Great info! I was looking for a guideline for a proper implementation

 

Jun 17, 2009 10:00 AM

Always share Knowledge to gain.

Jun 17, 2009 09:59 AM

Great Article...!

Jun 17, 2009 09:57 AM

Hi, thanks for sharing good ideas...

Jun 16, 2009 04:44 AM

Thanks for sharing the file..
We shall check it out..
By the way.. could I migrate directly from SAV10.1 to SEPM MR4 MP2 immediately?
Thanks...
