Endpoint Protection

 View Only

  • 1.  SEP and Embedded Windows 7 / XP

    Posted Feb 27, 2012 11:51 AM

    Hi, looking through the community forums I cant seem to find what I'm looking for. We currently run SEP 11.0.6 on our way to 12.1. We are going to be deploying thin laptops and just wondering if Symantec has a recommended settings/feature set for the thin clients? I see some people recommend running just on demand scan to lower the impact on the system.Thanks for any info/links I searched but could not find much



  • 2.  RE: SEP and Embedded Windows 7 / XP

    Posted Feb 27, 2012 12:50 PM

     

    The procedure below was developed using HP t5730 thin clients and may not apply to other models hosting the XP embedded OS.
    The procedure below is NOT supported by Symantec Technical Support and is provided only for your convenience.

    Follow the steps below to prepare your Thin Clients for SEP install:

    1. Disable the EWF (Enhanced Write Filter) using the following command: 

      ewfmgr.exe c: -Disable
    2. Restart the Thin Client.
    3. Change the RAMDisk size:
      1. Control Panel\HP RAMDisk Manager.
      2. Set the RAMDisk size to the highest value (64MB) (do not restart).
    4. Change the temporary folder to a USB drive, network drive, or a folder on C: with 300+ MB available.
      1. Control Panel>System>Advanced.
      2. Change the “User variables for Administrator” for TEMP and TMP to a USB drive or a network drive with adequate free space.
    5. Take note of the existing TEMP and TMP paths.
    6. Change the “System variables” TEMP and TMP to a USB drive or a network drive with adequate free space and take note of the existing TEMP and TMP path.
    7. Restart the HP t5730 thin client.
    8. Install the Windows Firewall:
      1. HP XPe Add-On (Windows Firewall) 2.00 Rev. B (17 May 2009) sp43811.exe.
      2. Run “Add_Windows_Firewall_2.00_B1.exe –s” from the extracted components.
      3. Wait for the “Netsh” command windows.
    9. Restart.
    10. Disable the Windows Firewall.
    11. Install Unicode support:
      1. Copy c_20127.nls from a Windows XP Pro computer to C:\Temp on the Thin Client.
      2. Enable the "20127 (US-ASCII)" option at the following location.

        Control Panel>Regional and Language Options>Advanced>Code page conversion tables
      3. When prompted, reference c_20127.nls from C:\Temp.
    12. Install Symantec Endpoint Protection client. (recommend running the install package directly on the thin client)
      • Verify there is ether no Windows Firewall, or it is disabled.
      • The install process may take longer than expected (30+ min).
      • Launch the SEP client to verify the status.
    13. Restart.
    14. Re-enable the Windows Firewall.
    15. Add an exception in the Windows Firewall for Symantec Endpoint Protection.
    16. Restart.
    17. Change the temporary folders back to their original locations.
      1. Control Panel>System>Advanced.
      2. Change the Variables TEMP and TMP to their original setting:

        Z:\%username%\Temp or Z:\Temp
    18. Re-enable the EWF using the following commands: 

      ewfmgr.exe c: -Commit
      ewfmgr.exe c: -Enable
    19. Restart.



    NOTE: The SEP client will have the standard SEP client footprint in terms of disk space, RAM and CPU usage as on a standard PC or laptop.


    NOTE: The SEP client does not use the embedded APIs that allow operation in conjunction with the write filter feature so write filters need to be disabled during Liveupdate on the client. If write filters are required to be started at all times on the client then install SEP for embedded product instead of Symantec Endpoint Protection 11.


  • 3.  RE: SEP and Embedded Windows 7 / XP

    Posted Feb 27, 2012 01:04 PM
      |   view attached

    Hi ,

     

    Please find the Admin guide for SEP Embeded system.

     

    Regards

    Santhosh



  • 4.  RE: SEP and Embedded Windows 7 / XP

    Posted Feb 27, 2012 03:37 PM

    Hi thank you for the info, but I was looking more generally for what you all disable/tweak on a standard SEP 12.1 or 11 client install package. The instructions on how to install are appreciated but not really what I was looking for. Also, the linked pdf is for a separate product. The embedded xp product Symantec offers is an additional cost and cannot be managed within SEP.



  • 5.  RE: SEP and Embedded Windows 7 / XP
    Best Answer

    Posted Feb 28, 2012 06:51 AM

    Hi Aweldon,

    Many thanks for starting this thread.  There is no specific "SEP Best Practices on Embedded OS" article- different thin clients, etc have different specifications.  Many can run the full SEP 11 or 12.1 without any difficulties, I have seen.  Some are very low on hard drive space, RAM etc.  For this reason it is hard to make general recommendations.

    This article has some good information and links:

    Symantec Endpoint Protection support for embedded operating systems
    Article: TECH106027   |  Created: 2008-01-25   |  Updated: 2011-11-18   | 
    Article URL http://www.symantec.com/docs/TECH106027

    On some specific systems that I have examined, I have recommended to use only the minimum AV/AS protection (no IDS, etc).  If resources are very low, that may be best in your case.

    I definitely recommend SEP 12.1 over SEP 11 on embedded machines.  SEP 12.1 retains fewer past sets of AV definitions by default than SEP 11.  This will save several hundred MD of hard drive space.

    One component that is very rarely need on an embedded OS is SEP's optional email scanning components.  It's best not to include those, as it is extrememely unlikely that anyone will be using MS Outlook, Lotus Notes or another mail client from an ATM. &: )

    Hope this helps- please do keep the thread up to date with any additional specific requests, or mark it as "solved" for the benefit of future admins.


     

     



  • 6.  RE: SEP and Embedded Windows 7 / XP

    Posted Feb 28, 2012 10:38 AM

    Thank you for the information that was more along the lines of what I was looking for, using our current product for the solution.