a) SEP pre-implementation documents.
b) Pilot Setup
c) Production Setup
d) SEPM Configuration
e) Basic Configuration
a) Best Practices Documents : -
Documents for the implementation and administration of SEP should be shared with the customer and approved before the project starts.
Documents include: -
1. Implementation plan.
2. Prerequisites: Hardware and software prerequisites for installing SEP.
3. Network Architecture: Detailed network diagram of the customer environment, with network topology, connectivity, OS versions, number of systems and number of locations.
4. Solution guide: A documented guide to the step-by-step installation procedure for the server and client, to be provided to the client.
b) Pilot Setup : -
Initial testing is done on a pilot setup: a small deployment on four to five systems that lets the customer understand the product before it is rolled out across the network.
c) Production Setup : -
For installation in production, follow this procedure.
1. Always start with a newly formatted server system that is free from viruses.
2. Ensure that only required software and Microsoft patches are installed.
3. Install the SEP unmanaged client on the server before installing the Manager, to avoid virus infection on the server.
4. Always use the latest available version of the SEP software.
d) SEPM Configuration: -
After installing the SEP Manager, the following fine-tuning should be done.
1. Create one more admin account with limited rights for your local engineers.
2. Enter proxy details if you are using a proxy server.
3. Enter email server details for all notifications.
4. Set log settings as per customer needs.
e) Basic Configuration: -
The following configuration recommendations are to be applied in the SEP Manager.
1. In all groups, set the download of policies and content from the management server to Pull mode.
2. The heartbeat frequency for clients polling the server should be set to 30 to 60 minutes if you have 1000 to 2000 clients in the manager.
3. Enable Tamper Protection and set the action to block it and log the event, to protect Symantec security software from being tampered with.
4. Open the File System Auto-Protect policy and set the action to Clean and Delete for macro and non-macro viruses; for security risks, set the action to Quarantine/Clean.
5. Risk Tracer should always be enabled to find out the source of the attack, which can be blocked using IPS.
6. The scheduled scan retry interval should be kept at 1 day, or set depending upon business criticality.
7. Always keep 30 content revisions for incremental updates between clients and the manager.