Thoughts, information and reflections about technology

SBS, Symantec Endpoint Protection and Network Threat Protection

Aaarrrgghh

A server had an expired copy of Norton Corporate 10.x. Symantec Endpoint Protection 11.x seemed to be the best alternative at the time. We purchased enough licenses and installed SEP on the clients (about 6 machines). So far so good.

When we tried to install on the server, it was requiring that IIS be installed on the server. That turned out to be a nightmare because (1) the company could not locate the distribution media for Server 2003 (It is a legal copy) and (2) the c drive is short of space (For some reason the previous VAR decided that 8 gig on the c drive would be enough hard drive space.

So, it seemed like we could run as unmanaged clients… NOT…

What happens is that as soon as you enaable “Network Threat Protection” on the server, all of the clients are blocked from accessing shares on the server. So, on to the trusty Google searches. We found documentation about checking the “share files and folders” boxes. Been there, done that. We also found

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007100512163348

OK, that involves setting some firewall rules to open up the necessary ports. Been there, done that too. Went back and double checked… Yep, all those settings are correct. However, a minute or so after turning on “Network Threat Protection” none of the clients can access any shares.

So, right now, it doesn’t look like we can set things up as managed clients until (1) we get more hard drive space (2) we get the distribution media to install IIS.
-or-
Either a fix comes out or we find more ports that have to be opened up.

So, back to either the windoze firewall or trying to find a 3rd party firewall that will play nicely with SEP

Similar Posts:

Leave a Reply

Your email address will not be published. Required fields are marked *

Contact me
Archives
Categories
Amazon Disclosure

We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.