Professional Documents
Culture Documents
Best Practices SEP11.0.6
Best Practices SEP11.0.6
Contents
Scope ............................................................................................................................................... 2 What is Symantec Endpoint Protection (SEP) 11.0? .................................................................... 2 General note on compatibility ....................................................................................................... 2 Recommended hardware ............................................................................................................... 3 Phase 1: Planning and Preparation ............................................................................................... 3 Phase 2: Installing and configuring the Symantec Endpoint Protection Manager .................... 4 Phase 3: Installing the Symantec Endpoint Protection client ..................................................... 6 Phase 4: Recommended post-installation tasks .......................................................................... 6 What to expect from this point onward ........................................................................................ 7 Frequently Asked Questions .......................................................................................................... 7 Useful Online Resources ................................................................................................................ 7
Important! The latest version of this document can always be accessed via the following Symantec webpage:
http://www.symantec.com/connect/articles/symantec-endpoint-protection-110-windows-small-business-server-2003-best-practices-white-pa
Scope
This white paper provides guidance on how to successfully deploy the core Symantec Endpoint Protection 11.0 management and protection components to a Microsoft Small Business Server. Note, to date the content of this document has only been validated with the English version of both Windows Small Business Server and Symantec Endpoint Protection 11.0.
The core components required to run a centrally managed Symantec Endpoint Protection 11.0 environment include: Symantec Endpoint Protection client (on each machine you wish to protect, including the Manager) Symantec Endpoint Protection Manager (a web server, utilising Microsoft IIS and Apache Tomcat) Database (by default, the embedded database is automatically installed and managed) Symantec Endpoint Protection Manager console (Can be run from anywhere with network access to the Manager)
Even though the product provides all this protection and functionality, it typically takes less than 30 minutes to get the Symantec Endpoint Protection Manager up and running for a Microsoft Small Business Server environment, most of this is following a wizard so it is very straightforward.
Recommended hardware
While every environment varies, below are some high-level guidelines on recommended (not mandatory) hardware that will help to ensure the Windows Small Business Server machine will run smoothly with Symantec Endpoint Protection 11.0: Processor Memory Disk space Dual-Core / Dual CPU 1GB RAM (total installed in the machine) 3GB of free disk space (mostly to allow room for the database to grow over time)
Note: At least 500mb of free space is required on the system drive (usually C:) as temp space, even if not installing to this drive.
Important! It is strongly recommended that you take some time to review how utilised the resources are currently on the target machine before moving ahead with the installation of the Symantec Endpoint Protection 11.0 components, especially memory and processor. Below are some guidelines on how much memory the components will require on average: Symantec Endpoint Protection Manager (including Database) Approximately 150MBs Symantec Endpoint Protection client Between 25MBs (idle) and 50MBs (running Liveupdate or scheduled scan) Symantec Endpoint Protection Manager Console (when in use) Approximately 80MBs
Note: The Console can be run from a remote machine also. See the Frequently Asked Questions section for more detail.
If you believe the resource requirements to run Symantec Endpoint Protection may be too high for your Windows Microsoft Small Business Server, it is possible to run Symantec AntiVirus Corporate Edition 10 as an alternative.
1. Insert the Symantec Endpoint Protection CD into the CD/DVD drive, the CD should auto run and the menu should appear. 2. Click Install Symantec Endpoint Protection, then Install Symantec Endpoint Protection Manager 3. A wizard will launch and a welcome dialog will appear, click Next 4. Select I accept... then click Next 5. Select the location to which you wish to install the Symantec Endpoint Protection 11.0 Manager, then click Next 6. Create a custom Web site will be selected by default, click Next 7. Click Install to kick off the installation. This can take up to 5 minutes to complete. When prompted, click Finish. (At this point, the Management Server Configuration Wizard will launch automatically) 8. Ensure the Simple configuration type is selected, then click Next Note: If upgrading from a previous version of Symantec Endpoint Protection, it is normal to not see this dialog. 9. Enter a password and email address for the admin user, click Next 10. Leave the box selected if you wish to participate in Symantec's anonymous data collection program which is used to optimize our security solutions. 11. When your selected settings are displayed, Select Next if you require no changes. (Configuration will begin and can take up to 5 minutes to complete) Upon completion the Migration and Deployment Wizard will launch automatically. 12. The Welcome dialog will appear, click Next 13. Ensure Deploy the Windows client is selected, click Next 14. Select Specify the name of a new group... and enter a name of Small Business Server, then click Next 15. Select specifically the features shown below, then click Next
The behavior-based TruScan Proactive Threat Scan feature is not supported on servers, therefore it is recommended that this feature should not be selected for this specific client installation package. The Antivirus Email Protection features are aimed at providing additional protection to client-side email applications such as Microsoft Outlook and Lotus Notes, therefore if you wont run these directly on the Small Business Server, these features should not be selected.
If you are currently running the ISA 2004 firewall on the Microsoft Small Business Server, you should ensure the Network Threat Protection feature is not be selected.
16. Enter a path such as that shown below in the Specify the folder... field, then click Next
17. Select No, just create them... then click Next. Creation of a client package will begin, this can take up to 5 minutes 18. Once the client package has been created, the management console will automatically launch 19. Login using the following credentials - Username: admin, Password: <as you specified earlier> Note: After approximately 15 minutes, Liveupdate will begin to run silently. It will download the latest content (Antivirus and Antispyware definitions, etc). This process can run for varying lengths of time depending on the speed of the internet connection. You do not need to wait for this process to complete before progressing to Phase 3, but you should be aware Liveupdate is running in the background and will utilize resource, therefore may impact the user experience temporarily.
1. Locate the exported setup.exe file, which typically will reside in C:\SEPclientpackages\ Small Business Server_32-bit 2. Double-click this setup.exe file to launch an unattended install of the Symantec Endpoint Protection client 3. After approximately 10-15 minutes, a Restart Notification dialog will appear, click Restart Now Note: The Antivirus and Antispyware protection component will typically be active before reboot but the firewall requires a reboot, so in the Symantec Endpoint Protection client user interface, it is normal to not see the firewall protection component present in the client user interface until a reboot has occurred. 4. After restart, log back into Windows
Symantec Endpoint Protection 11.0 Technical Support homepage (search the Knowledge Base from here) http://www.symantec.com/enterprise/support/overview.jsp?pid=54619