Now that Symantec Endpoint Protection 11 Maintenance Release 4 Maintenance Pack 1a has been released, all the kinks holding me back from upgrading have been taken care of. The new web management interface is a highly welcomed upgrade as well.
So after a few long reading sessions, I have compile a short list of key things to take into consideration. I won’t go over exact installation steps as the Symantec documentation is practically step-by-step. With that being said here is what stood out most to me:
First off, prepare Vista clients before installing the SEP management server. This will help make the client deployment go smoother. Also when it comes to creating the installer package, it is recommended that you do an unattended install for Vista deployments. Read:
For a server OS that will run SEP as a client, use an installation pack that does not have Network Threat Protection or Proactive Threat Protection. For the feature sets, disable Antivirus Email Protection as well as Network Threat Protection. Read:
After the installation has completed and you are logged into the manger, you should start configuring by creating groups based upon your security needs. Example: Server, Desktop, Laptop..etc. Note: You can’t add groups to the Default Group.
At minimum a brief overview of the Administration Guide is a definite must. You will learn about many nice features such as the automatic exclusion of files and folders for Exchange Servers versions 5.5 through 2007. (some manual exclusions for clusters) AD servers are also auto detectable for exclusions.
Certainly more can be said about the policies and client deployments, so for the big picture check out the Symantec documentation:
Read: Read:
One last thing: Don’t forget to install the Symantec Endpoint Protection client on the management server!