
Common topics and support resources

Microsoft Small Business Server 2003 Best Practices

If installing on an older machine (or virtual machine), make sure that your system meets the minimum requirements:

  • Processor: Dual-Core / Dual CPU
  • Memory: 2GB RAM (installed in the machine)
  • Disk Space: 20GB of free disk space (mostly to allow room for the database to grow over time)

Note: At least 500MB of free space is required on the system drive (usually C:) even if not installing there.

An introduction:

    When I took over administration of a network, a previous admin had installed Symantec Antivirus (aka SAV) on all the machines and had a server to download the virus definitions from Symantec. None of the other techs knew how it worked; we all just assumed that it worked and didn’t require our intervention.

    Then one day I thought of moving the server to a virtual machine; in the process I broke the connection from the clients to the server. This created a minor emergency. Over the course of that day I reinstalled the system and created a new server/client communication and completely reconfigured the system. It was now working really well.

    Time passes and so do software versions. Soon enough, it was time for an upgrade. Here are some of the things that I learned while upgrading a system from Symantec Antivirus to Symantec Endpoint Protection.

Installation of the server:

Overview: Open up the installer and follow the prompts for your server info, etc.

Detailed installation info can be found in the Installation Guide. We chose default options in almost every case. The embedded database was the best choice for this small network.

Installation of the clients:

    Depending on your network situation, this should also be a simple procedure.

We tried the deployment wizard, which appeared to make everything very simple and automatic: Deploy Symantec Endpoint Protection to your client computers (using the Wizard). Alas, it was not so simple and we ran into many errors, including:

Error: “No Network Provider accepted the given network path”

From Windows, we issued this command to investigate (START->RUN->’cmd’):

    netstat -abn

In the end, we decided to manually install SEP by creating deployment packages and saving them to a USB or network share:

  • Under admin->install packages->client install packages
  • Right click on the …WIN32BIT package and choose export
  • From this window you can select the options for the install package

    I chose the following options:

  • browsed to a USB drive
  • checked the box for create a single EXE
  • HR install settings (made in the creating deployment package step)
  • HR feature set (also made in the creating deployment package step)
  • Export a managed client
  • Choose the group you are making the package for (HR, Accounting or Barc…)

How to manually uninstall Symantec Endpoint Protection Manager 11.0

Best Notification Overview

Creating notifications in the Symantec Endpoint Protection Manager

Email alerts

    We worked on this aspect for a long time and couldn’t figure out what was wrong. We think that this is one of the weakest ‘improvements’ that Symantec made in this version of their software. First of all, there is no 

Symantec Endpoint Protection Manager 11.x communication troubleshooting

I had a lot of problems getting email notifications to work for several reasons:

  1. Damper setting may be preventing a series of detections from generating individual notifications, and the damper auto setting may be 1 hour (correction, it is 1 hr).
    So you can repeat an event all you like, but you will only be notified as often as the damper setting indicates, making it difficult to test.
  2. When specifying the administrative email server, Symantec makes several assumptions that they never tell you about and they don’t give you the option to change. For example, Symantec Endpoint Protection Manager cannot send email notifications to an SMTP server configured to require Secure Password Authentication. Additionally, it appears that they are making some kind of assumption about usernames and domains where User Name = username@domain.tld. The latter ruled out the use of our email server, so I used an email that I set up elsewhere.
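
One way to check in advance whether a mail server offers only Secure Password Authentication is to read the AUTH line of its EHLO response. The script below is an added example, not from the original post or from Symantec. It assumes SPA is advertised as the NTLM mechanism; the function names, labels and sample responses are constructed for illustration.

```python
import smtplib

# Assumption: Secure Password Authentication is advertised as SASL "NTLM".
SPA_MECHS = {"NTLM"}
BASIC_MECHS = {"PLAIN", "LOGIN"}   # mechanisms a simple SMTP client can use

# Constructed EHLO responses (not captured from a real server).
SAMPLE_SPA_ONLY = "250-mail.example.test Hello\n250-SIZE 10485760\n250-AUTH NTLM\n250 HELP"
SAMPLE_MIXED = "mail.example.test\nAUTH LOGIN PLAIN NTLM\nAUTH=LOGIN\nHELP"
SAMPLE_NO_AUTH = "auth.example.test\nSIZE 10485760\nHELP"

def auth_mechanisms(ehlo_text):
    """Return the SASL mechanisms listed in an EHLO response."""
    mechs = set()
    for line in ehlo_text.splitlines():
        line = line.strip()
        # Drop a raw reply-code prefix such as "250-" or "250 " if present.
        if line[:3].isdigit() and line[3:4] in ("-", " "):
            line = line[4:]
        upper = line.upper()
        # "AUTH=LOGIN" is a legacy form some servers send next to "AUTH LOGIN".
        if upper.startswith("AUTH") and upper[4:5] in (" ", "="):
            mechs.update(upper[5:].split())
    return mechs

def classify(ehlo_text):
    """Label a server by what its EHLO response offers for authentication."""
    mechs = auth_mechanisms(ehlo_text)
    if not mechs:
        return "no-auth-offered"
    if mechs & BASIC_MECHS:
        return "basic-auth-available"
    if mechs & SPA_MECHS:
        return "spa-only"
    return "other-only"

def probe(host, port=25, timeout=10):
    """Connect, send EHLO and classify the live response (needs network access).
    Servers may list different mechanisms after STARTTLS; this checks cleartext."""
    with smtplib.SMTP(host, port, timeout=timeout) as server:
        _code, resp = server.ehlo()
        return classify(resp.decode("ascii", "replace"))

if __name__ == "__main__":
    for name, text in [("spa only", SAMPLE_SPA_ONLY), ("mixed", SAMPLE_MIXED),
                       ("no auth", SAMPLE_NO_AUTH)]:
        print(name, "->", classify(text), sorted(auth_mechanisms(text)))
```

Calling probe() with the name of your own mail server classifies its live response; a result of spa-only corresponds to the configuration the manager cannot send to.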

How to setup email alerts in the Symantec Endpoint Protection Manager (more detail on the same topic)
How to test the e-mail notification feature

Best Practices for Disaster Recovery with the Symantec Endpoint Protection Manager