
Posts published in “Symantec”

LogRhythm Remote Windows Log Collection Integration with Symantec SEPM MS SQL DB


This post describes how to configure the LogRhythm Agent to collect Symantec SEPM logs through the MS SQL DB. Method 1 – Syslog Forwarding: This is the traditional way to forward logs from SEPM to syslog servers, such as ArcSight, Splunk, QRadar, LogRhythm, etc. Note: SEPM does not support multiple syslog servers. Only one host can be configured and supported. Procedure: Log in to your Symantec Endpoint Protection Manager system. In the left pane, click the Admin icon.…

Windows 10 Security Center Shows Red x Icon On Firewall & Network Protection with SEP Installed Machine


Encountered this issue recently while testing policy. This post is to record the solution for my reference.

The notification and description of this issue in Windows Security are quite confusing. They mention actions needed in Symantec Endpoint Protection.

But if you open SEP, it will just show you "Your Computer is protected" and no problems detected.

Symantec SEPM Configuration and Client Deployment Notes


Here are some of my notes for configuring SEPM (Symantec Endpoint Protection Manager) and the SEP (Symantec Endpoint Protection) client. They only record some of the working experience I gained during a Symantec project. Most of the notes are just to remind me how to complete this task. They might not fit all situations since they are specific to my environment. The version I am using is 14.2.1 (14.2 RU1). One SEPM is installed at the main site, and another SEPM is installed at the DR site. They are replicated to each other through configuration. We are using MS SQL Express since the environment is not that big, less than 1000 users.

Symantec Endpoint Protection Manager (SEPM) Performance Tuning


SEPM Communication Settings Change

Pull mode
The client computer connects to the management server periodically, depending on the frequency of the heartbeat setting. The client computer checks the status of the management server when the client connects.

Push mode
The client computer establishes a constant HTTP connection to the management server. Whenever a change occurs in the management server status, it notifies the client computer immediately.

Deploy and Configure Symantec Endpoint Encryption 11.x


Symantec Endpoint Encryption protects sensitive information and ensures regulatory compliance. It encrypts all files on the hard drive, sector-by-sector, for maximum security. It supports Windows, Mac, tablets, self-encrypting drives, and removable media (USB drives, external hard drives, and DVDs).

I had a chance to install it in my lab environment for testing. This post records all the steps, including all the mistakes I made, especially in the YouTube video. The version I am using is 11.2.1. The process was also tested with version 11.3.x.

1. Pre-Installation System Requirements:

1.1 OS Requirements

  • Microsoft Windows Server 2016 Datacenter, with updates
  • Microsoft Windows Server 2016 Standard, with updates
  • Microsoft Windows Server 2012 R2 Datacenter, with updates
  • Microsoft Windows Server 2012 R2 Standard, with updates
  • Microsoft Windows Server 2008 R2 Enterprise SP1 (Deprecated in SEE 11.2.1 MP1)
  • Microsoft Windows Server 2008 R2 Standard SP1 (Deprecated in SEE 11.2.1 MP1)