This post describes how to configure the LogRhythm Agent to collect Symantec SEPM logs through the MS SQL DB.
Method 1 – Syslog Forwarding
This is the traditional way to forward logs from SEPM to syslog servers, such as ArcSight, Splunk, QRadar, LogRhythm, etc.
Note: SEPM does not support multiple syslog servers. Only one host can be configured and supported.
Procedure
Log in to your Symantec Endpoint Protection Manager system. In the left pane, click the Admin icon.…
Posts published in “Symantec”
Encountered this issue recently while testing policy. This post is to record the solution for my reference.
The notification and description of this issue in Windows Security are quite confusing. It mentions actions needed in Symantec Endpoint Protection.
But if you open SEP, it will just show you "Your Computer is protected" and no problems detected.
SEP's Layers Protection Technologies
Here are some of my notes for configuring SEPM (Symantec Endpoint Protection Manager) and the SEP (Symantec Endpoint Protection) client. They only record some of the working experience I gained during a Symantec project. Most of the notes are just to remind me how to complete these tasks. They might not fit all situations, since they are specific to my environment. The version I am using is 14.2.1 (14.2 RU1). One SEPM is installed at the main site, and another SEPM is installed at the DR site. They are replicated to each other through configuration. We are using MS SQL Express since the environment is not that big, less than 1000 users.
SEPM Communication Settings Change
Symantec Endpoint Encryption protects sensitive information and ensures regulatory compliance. It encrypts all files on the hard drive, sector-by-sector, for maximum security. It supports Windows, Mac, tablets, self-encrypting drives, and removable media (USB drives, external hard drives, and DVDs).
I had a chance to install it in my lab environment for testing. This post records all the steps, including all the mistakes I made, especially in the YouTube video. The version I am using is 11.2.1. The process was also tested with version 11.3.x.
1. Pre-Installation System Requirements:
1.1 OS Requirements
- Microsoft Windows Server 2016 Datacenter, with updates
- Microsoft Windows Server 2016 Standard, with updates
- Microsoft Windows Server 2012 R2 Datacenter, with updates
- Microsoft Windows Server 2012 R2 Standard, with updates
- Microsoft Windows Server 2008 R2 Enterprise SP1 (Deprecated in SEE 11.2.1 MP1)
- Microsoft Windows Server 2008 R2 Standard SP1 (Deprecated in SEE 11.2.1 MP1)