
Posts published in “Symantec”

Symantec Endpoint Protection Manager (SEPM) Performance Tuning


SEPM Communication Settings Change

Pull mode: The client computer connects to the management server periodically, depending on the frequency of the heartbeat setting. The client computer checks the status of the management server when the client connects.

Push mode: The client computer establishes a constant HTTP connection to the management server. Whenever a change occurs in the management server status, it notifies the client computer immediately.

In either mode, the client computer takes the corresponding…

Deploy and Configure Symantec Endpoint Encryption 11.x


Symantec Endpoint Encryption protects sensitive information and ensures regulatory compliance. It encrypts all files on the hard drive, sector-by-sector, for maximum security. It supports Windows, Mac, tablets, self-encrypting drives, and removable media (USB drives, external hard drives, and DVDs).

I had a chance to install it in my lab environment for testing. This post records all the steps, including all the mistakes I made, especially in the YouTube video. The version I am using is 11.2.1. The process is also tested with version 11.3.x.

1. Pre-Installation System Requirements:

1.1 OS Requirements

  • Microsoft Windows Server 2016 Datacenter, with updates
  • Microsoft Windows Server 2016 Standard, with updates
  • Microsoft Windows Server 2012 R2 Datacenter, with updates
  • Microsoft Windows Server 2012 R2 Standard, with updates
  • Microsoft Windows Server 2008 R2 Enterprise SP1 (Deprecated in SEE 11.2.1 MP1)
  • Microsoft Windows Server 2008 R2 Standard SP1 (Deprecated in SEE 11.2.1 MP1)

Symantec DLP Operation Notes


Here are some notes I recorded when I was working on a Symantec DLP project.

Restart DLP Enforce services in the correct order

The following order is important when stopping and starting DLP services in Windows or Linux.

Stopping services in DLP 15.1 and later

  1. Symantec DLP Detection Server Controller
  2. Symantec DLP Incident Persister
  3. Symantec DLP Manager
  4. Symantec DLP Notifier

Starting services in DLP 15.1 and later

  1.…

Symantec SEPM Configuration and Client Deployment Notes

Here are some of my notes for configuring SEPM (Symantec Endpoint Protection Manager) and the SEP (Symantec Endpoint Protection) client. They only record some of the working experience I gained during a Symantec project. Most of the notes are just to remind me how to complete a task. They might not fit all situations since they are specific to my environment. The version I am using is 14.2.1 (14.2 RU1). One SEPM is installed at the main site, and another SEPM is installed at the DR site. They are replicated to each other through configuration. We are using MS SQL Express since the environment is not that big, less than 1000 users.

Import Client Packages

Symantec Endpoint Detection & Response (EDR) Notes


Symantec EDR (Endpoint Detection & Response, previously ATP - Advanced Threat Protection) exposes advanced attacks with precision machine learning and global threat intelligence, minimizing false positives, and helps ensure high levels of productivity for security teams. Symantec EDR capabilities allow incident responders to quickly search, identify and contain all impacted endpoints while investigating threats using a choice of on-premises and cloud-based sandboxing. Also, Symantec EDR enhances investigator productivity with automated investigation playbooks and user behavior analytics that bring the skills and best practices of the most experienced security analysts to any organization, resulting in significantly lower costs.

Symantec EDR Software Update
