Endpoint Protection

Hello,

Can someone tell me if it is best practice to use SSL with SEP 12.x?

Cheers,

Cameron Mottus

It depends on your company policy. There is no best practice. If you want to encrypt communication between client/server and reporting than you can use it.

Configuring SSL between Symantec Endpoint Protection Manager and the clients

if you do not want anyone to see the traffic between client and SEPM then you can enable the SSL.

Basically if the SEPM is internet facing then it might be enabled.

Thanks guys.

I am curious because with EV you can also enable SSL but I have never seen anyone do it.

Is there a good reason why you would not enable SSL?

if the traffic is not on internet, then the possiblity of attack is less hence SSL may not be needed in LAN/VPN

Hello,

The communications used when accessing the SEPM's web console are encrypted.  This traffic is encrypted using the SEPM's own self-signed certificate (and therefore untrusted by your machines by default), which is the reason behind the certificate warnings you receive.

You don't need to do anything to add SSL encryption for console access, it is already there.

However, check these Articles:

Configuring SSL between Symantec Endpoint Protection Manager and the clients

http://www.symantec.com/docs/HOWTO55351

Symantec Endpoint Protection 12.1: Enabling SSL Between the Manager and Clients

http://www.symantec.com/docs/TECH162326

Enabling SSL Between the Symantec Endpoint Protection Manager and Client

https://www-secure.symantec.com/connect/articles/enabling-ssl-between-symantec-endpoint-protection-manager-and-client

Moreover, incase you are thinking using the SEPM 12.1 webconsole over SSL, check this Thread:

https://www-secure.symantec.com/connect/forums/how-install-proper-ssl-certificate-sepm-server

Hope that helps!!

Probably not so much for internal, unless you work for gov't or a nuke plant.

As Pete suggested, if in DMZ, it is a godo idea.