Symantec AntiVirus Corporate Edition Administrator's Guide

Save this PDF as:

Size: px
Start display at page:

Download "Symantec AntiVirus Corporate Edition Administrator's Guide"

Transcription

1 Symantec AntiVirus Corporate Edition Administrator's Guide

2 Symantec AntiVirus Corporate Edition Administrator's Guide The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the agreement. Documentation version Legal Notice Copyright 2006 Symantec Corporation. All rights reserved. Federal acquisitions: Commercial Software - Government Users Subject to Standard License Terms and Conditions. Symantec, the Symantec logo, LiveUpdate, Norton AntiVirus, Symantec AntiVirus, Symantec Client Security, Symantec Security Response, and Symantec System Center are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if any. THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE. The Licensed Software and Documentation are deemed to be "commercial computer software" and "commercial computer software documentation" as defined in FAR Sections and DFARS Section Symantec Corporation Stevens Creek Blvd. Cupertino, CA USA

3 Technical Support Contacting Technical Support Symantec Technical Support maintains support centers globally. Technical Support s primary role is to respond to specific queries about product feature and function, installation, and configuration. The Technical Support group also authors content for our online Knowledge Base. The Technical Support group works collaboratively with the other functional areas within Symantec to answer your questions in a timely fashion. For example, the Technical Support group works with Product Engineering and Symantec Security Response to provide alerting services and virus definition updates. Symantec s maintenance offerings include the following: A range of support options that give you the flexibility to select the right amount of service for any size organization A telephone and web-based support that provides rapid response and up-to-the-minute information Upgrade insurance that delivers automatic software upgrade protection Global support that is available 24 hours a day, 7 days a week worldwide. Support is provided in a variety of languages for those customers that are enrolled in the Platinum Support program Advanced features, including Technical Account Management For information about Symantec s Maintenance Programs, you can visit our Web site at the following URL: Select your country or language under Global Support. The specific features that are available may vary based on the level of maintenance that was purchased and the specific product that you are using. Customers with a current maintenance agreement may access Technical Support information at the following URL: Select your region or language under Global Support. Before contacting Technical Support, make sure you have satisfied the system requirements that are listed in your product documentation. Also, you should be at the computer on which the problem occurred, in case it is necessary to recreate the problem.

4 When you contact Technical Support, please have the following information available: Product release level Hardware information Available memory, disk space, and NIC information Operating system Version and patch level Network topology Router, gateway, and IP address information Problem description: Error messages and log files Troubleshooting that was performed before contacting Symantec Recent software configuration changes and network changes Licensing and registration Customer service If your Symantec product requires registration or a license key, access our technical support Web page at the following URL: Select your region or language under Global Support, and then select the Licensing and Registration page. Customer service information is available at the following URL: Select your country or language under Global Support. Customer Service is available to assist with the following types of issues: Questions regarding product licensing or serialization Product registration updates such as address or name changes General product information (features, language availability, local dealers) Latest information about product updates and upgrades Information about upgrade insurance and maintenance contracts Information about the Symantec Value License Program

5 Advice about Symantec's technical support options Nontechnical presales questions Issues that are related to CD-ROMs or manuals Maintenance agreement resources Additional Enterprise services If you want to contact Symantec regarding an existing maintenance agreement, please contact the maintenance agreement administration team for your region as follows: Asia-Pacific and Japan: Europe, Middle-East, and Africa: North America and Latin America: Symantec offers a comprehensive set of services that allow you to maximize your investment in Symantec products and to develop your knowledge, expertise, and global insight, which enable you to manage your business risks proactively. Enterprise services that are available include the following: Symantec Early Warning Solutions Managed Security Services Consulting Services Educational Services These solutions provide early warning of cyber attacks, comprehensive threat analysis, and countermeasures to prevent attacks before they occur. These services remove the burden of managing and monitoring security devices and events, ensuring rapid response to real threats. Symantec Consulting Services provide on-site technical expertise from Symantec and its trusted partners. Symantec Consulting Services offer a variety of prepackaged and customizable options that include assessment, design, implementation, monitoring and management capabilities, each focused on establishing and maintaining the integrity and availability of your IT resources. Educational Services provide a full array of technical training, security education, security certification, and awareness communication programs. To access more information about Enterprise services, please visit our Web site at the following URL:

6 Select your country or language from the site index.

7 Contents Technical Support Section 1 Chapter 1 Managing Symantec AntiVirus Symantec AntiVirus basics About Symantec AntiVirus About the Symantec System Center Symantec System Center console icons Using the Symantec System Center Starting the Symantec System Center Selecting a primary management server for a server group About console views Changing console views Saving console settings Customizing console view columns Showing when clients are offline Showing client Auto-Protect status Showing client infection state About refreshing the console About the Discovery Service How Discovery works Types of Discovery Discovery Service requirement for WINS or Active Directory NetWare computers and the Discovery Service Running the Discovery Service Configuring the Discovery Service to use IP addresses Configuring the Discovery Service Configuring the Discovery Cycle interval Using the Find Computer feature Finding computers using a local cache search Finding computers using a network search Locating found items in the Symantec System Center console Using the Refresh feature Auditing computers... 39

8 8 Contents Configuring login certificates Configuring login certificate lifetime and time tolerance Configuring login certificate key size Chapter 2 Managing Symantec AntiVirus About servers About primary management servers About secondary management servers About parent management servers About server groups and client groups Deciding whether to use server groups, client groups, or both About Grc.dat files Locating the Symantec AntiVirus program folder Client groups and configuration priority How settings propagate Server and client group scenario Using server groups to manage Creating server groups Locking and unlocking server groups Viewing and filtering server groups Renaming server groups Deleting server groups Changing primary management servers Changing parent management servers Moving a server to a different server group Best practice: maintaining server-client communication Restoring client communication when a primary server is lost Restoring communication with a server group Managing user accounts for server groups Configuring options for Windows Security Center (WSC) Configuring the out-of-date time for definitions Configuring alerts to appear on the host computer Configuring Symantec AntiVirus to disable Windows Security Center Optimizing server performance Optimizing definitions and configuration rollouts Monitoring clients Using Tamper Protection Enabling, disabling, and configuring Tamper Protection Creating Tamper Protection messages... 81

9 Contents 9 Using client groups to manage Creating client groups Adding clients to a client group Configuring settings and running tasks at the client group level About client group settings Moving a client to a different client group Viewing and filtering client groups Renaming client groups Deleting client groups Using client group settings instead of server group settings Managing clients Managing legacy clients Enabling direct client configuration Handling clients with intermittent connectivity Changing the management mode of a client Restoring communication between servers and managed client computers Restoring communication if you have made a server change or reinstalled a client computer Restoring communication when you use a drive image to create clones on the same network Restoring communication if the client computers can receive definitions updates Restoring communication if the client computers cannot receive definitions updates Chapter 3 Alert Management System About the Alert Management System How Alert Management System works Configuring alert actions Alert configuration tasks Speeding up alert configuration Configuring the Message Box alert action Configuring the Broadcast alert action Configuring the Run Program alert action Configuring the Load An NLM alert action Configuring the Send Internet Mail alert action About paging services Configuring the Send Page alert action Configuring the Send SNMP Trap alert action Configuring the Write To Event Log alert action

10 10 Contents About configuring alert action messages Configuring a default alert message Working with configured alerts Testing configured alert actions Deleting an alert action from an alert Exporting alert actions to other computers Using the Alert Management System Alert Log Viewing detailed alert information Filtering the Alert Log display list Forwarding alerts from unmanaged clients Section 2 Chapter 4 Configuring antivirus protection Scanning for viruses and security risks About viruses and security risks About Symantec AntiVirus scans About the automatic exclusion of Microsoft Exchange files and directories About the global exclusion of security risks from scans Understanding Auto-Protect scans About manual scans About virus sweep scans About scheduled scans Selecting computers to scan About inclusions and exclusions in scans Configuring file and folder inclusions and exclusions If client applications use a single Inbox file Configuring global security risk exclusions About actions for viruses and security risks that scans detect Configuring Auto-Protect About propagating Auto-Protect settings Locking and unlocking Auto-Protect options Configuring File System Auto-Protect Configuring Auto-Protect scanning for groupware applications Configuring Auto-Protect scanning for Internet Configuring manual scans Configuring actions for manual scans Configuring notifications for manual scans Creating and configuring scheduled scans Creating scheduled scans Configuring scheduled scans

11 Contents 11 Managing the client user experience Enabling users to pause, snooze, or stop scheduled scans Preventing or allowing users to unload Symantec AntiVirus services Changing the password that is required to uninstall Changing the password that is required to scan mapped drives Modifying scanning options for clients Displaying a warning when definitions are out of date or missing Managing warnings and notifications about infected files Chapter 5 Updating definitions About definitions About legacy client definitions Definitions files update methods Best practice: Using the Virus Definition Transport Method and LiveUpdate together Best practice: Using Continuous LiveUpdate on 64-bit computers Updating definitions files on servers Updating and configuring servers using the Virus Definition Transport Method Updating servers using LiveUpdate Updating servers with Intelligent Updater Updating virus definitions by using an.xdb file About using Central Quarantine polling to update servers Minimizing network traffic and handling missed updates Updating definitions files on clients Forcing definitions files on clients to update immediately Configuring managed clients to use an internal LiveUpdate server Enabling and configuring Continuous LiveUpdate for managed clients Setting LiveUpdate usage policies Controlling definitions file deployment Finding computers with outdated definitions files Verifying the version number of definitions files Viewing the risk list Rolling back definitions files Testing definitions files Scenarios for definitions updates

12 12 Contents About scanning after updating definitions files Chapter 6 Chapter 7 Chapter 8 Responding to virus outbreaks Preparing for virus outbreaks Creating a virus outbreak plan Defining Symantec AntiVirus actions for handling suspicious files Specifying a local quarantine directory Configuring automatic Quarantine purge options Registry settings for Quarantine Purge options Forwarding items to the Quarantine Server Enabling scan and deliver Configuring actions to take when new definitions arrive Handling a virus outbreak on your network Using alerts and messages Running a virus sweep Tracking virus alerts using reporting, Event Logs, and Histories Tracking submissions to Symantec Security Response with Central Quarantine Console Managing roaming clients About roaming clients Roaming client components How roaming works Implementing roaming Analyzing and mapping your Symantec AntiVirus network Identifying servers for each hierarchical level Creating a list of level 0 Symantec AntiVirus servers Creating a hierarchical list of Symantec AntiVirus servers Configuring roaming client support options from the Symantec System Center console Roaming server example Command-line options Registry values Working with Histories and Event Logs About Histories and Event Logs Sorting and filtering History and Event Log data About Event Log icons Viewing Histories

13 Contents 13 Working with Histories Working with Scan Histories Working with Risk Histories Viewing Risk properties Working with Tamper Histories Working with Virus Sweep Histories Forwarding client and server logs Configuring log forwarding options Configuring log events to forward Best practice: configuring events to forward for sometimes-managed clients Reviewing the forwarding status file Deleting Histories and Event Logs Index

14 14 Contents

15 Section 1 Managing Symantec AntiVirus Symantec AntiVirus basics Managing Symantec AntiVirus Alert Management System

16 16

17 Chapter 1 Symantec AntiVirus basics This chapter includes the following topics: About Symantec AntiVirus About the Symantec System Center Using the Symantec System Center About the Discovery Service Running the Discovery Service Using the Find Computer feature Configuring login certificates About Symantec AntiVirus For workstations and network servers, Symantec AntiVirus provides scalable, cross-platform protection from viruses and security risks, and repairs their side effects. Among the tasks you can perform by using Symantec AntiVirus are the following: Establish and enforce an antivirus and security risk policy for your business. Retrieve content updates such as virus and security risk definitions. Quarantine and delete live viruses. Analyze logged events. Create pre-defined and customizable graphical reports that are based on Symantec AntiVirus security information from your network.

18 18 Symantec AntiVirus basics About the Symantec System Center Symantec AntiVirus product components and system requirements, including the protocols and ports that are used for Symantec AntiVirus, are described in the Symantec AntiVirus Installation Guide. Note: The Symantec AntiVirus client software provides antivirus and security risk protection for supported Windows 32-bit and 64-bit computers. The Symantec AntiVirus client software protects both networked and non-networked computers. The term, Symantec AntiVirus, refers to both the Symantec AntiVirus server and the Symantec AntiVirus client software. Computers that run Symantec AntiVirus server software might be required to do so because of system requirements. Computers that run Symantec AntiVirus server software are not required to act as management servers. The Symantec AntiVirus server software can manage other computers that run Symantec AntiVirus and supported legacy versions of Norton AntiVirus Corporate Edition. It can also push configuration updates, as well as virus and security risk definitions file updates, to these clients. The Symantec AntiVirus server software also provides antivirus and security risk protection for the computers on which it runs. Note: The Symantec AntiVirus server software is not supported on 64-bit computers. About the Symantec System Center By using the Symantec System Center, you can manage network security by performing administrative operations such as the following: Installing antivirus and security risk protection on workstations and network servers. Updating Symantec AntiVirus definitions. Managing Symantec AntiVirus servers and clients. Managing content licensing, if you use a content license rather than a site license for your computers. See the Content Licensing chapter in the Symantec AntiVirus Installation Guide. In addition to the Symantec System Center, you can also use Grc.dat configuration files to configure Symantec AntiVirus clients. You can use configuration files if you want to use a third-party tool to remotely configure your network.

19 Symantec AntiVirus basics About the Symantec System Center 19 The following information about the Symantec System Center is not included in this guide: Information about the configuration and use of reporting functionality is in the Reporting User's Guide. Information about the configuration and use of endpoint compliance functionality is in the Endpoint Compliance Implementation Guide. Symantec System Center console icons When the Symantec System Center runs, it displays a system hierarchy of server groups, client groups, and the servers that the icons represent. The icons appear in an expandable hierarchy in the Symantec System Center console. The Symantec System Center uses icons to represent the different states of computers that are running Symantec managed products. For example, if the server group icon in the server group view appears with a padlock icon, the server group must be unlocked with its password before you can configure or run scans for the computers in the server group. Table 1-1 describes the Symantec System Center icons. Table 1-1 Icon Symantec System Center icons Icon descriptions Highest level object representing the system hierarchy, which contains all server groups. Unlocked server group or client group. Compare this icon to the locked server group icon. For security reasons, all server groups default to locked when you start the Symantec System Center. Locked server group. You must enter a password before you can view the computers in the server group to configure and run updates and scans. An issue needs to be resolved in this server group. For example, there may not be a primary management server that is assigned to the server group or a server may have detected a virus or security risk. A security risk, such as adware or spyware, was detected on a computer in this server group. Note: If Symantec AntiVirus detects both a virus and a security risk on the same computer, the virus icon appears.

20 20 Symantec AntiVirus basics About the Symantec System Center Table 1-1 Icon Symantec System Center icons (continued) Icon descriptions Symantec AntiVirus server running on a supported computer. Compare this icon to the next one, which is the primary management server for the server group. Symantec AntiVirus primary management server running on a supported computer. Unavailable Symantec AntiVirus server. This icon appears when communication is severed between the Symantec AntiVirus server and the Symantec System Center console. The communication error may result from one of several different causes. For example, the server system is not running; the Symantec software has been removed; the server, client, and Symantec System Center system times are out of sync; or there could be a network failure between the console and the system. A virus was detected on the computer that is running Symantec AntiVirus server. A security risk, such as adware or spyware, was detected on the computer that is running Symantec AntiVirus server. If Symantec AntiVirus detects both a virus and a security risk on the same computer, the virus icon appears. Symantec AntiVirus client running on a supported Windows computer. If you use Symantec endpoint compliance, this icon also indicates that this client computer is compliant. When you select this computer, you view options only on that computer. A virus was detected on the computer that is running Symantec AntiVirus client. Note: Client infection state will not display in the Symantec System Center console unless you enable that option under Tools > SSC Console Options, on the Virus Alert Filter tab. A security risk, such as adware or spyware, was detected on the computer that is running Symantec AntiVirus client. If Symantec AntiVirus detects both a virus and a security risk on the same computer, the virus icon appears.

21 Symantec AntiVirus basics Using the Symantec System Center 21 Table 1-1 Icon Symantec System Center icons (continued) Icon descriptions An issue needs to be resolved with this client. For example, virus and security risk definitions files may be out of date or the client group to which the client was assigned may be no longer valid. The status field in the Symantec System Center console indicates the actual problem. This computer, which runs Symantec AntiVirus client software, has access to the network, but failed an endpoint compliance audit. You may want to examine why it failed and take action to remediate the problem. The computer, which runs Symantec AntiVirus client software, failed an endpoint compliance check. The computer, which runs Symantec AntiVirus client software, is not currently connected to the network. This situation could occur because the server, client, and Symantec System Center system times are out of sync. You must enable a setting for the Symantec System Center console to show when clients are not connected to the network. Using the Symantec System Center The system hierarchy in the Symantec System Center console is the top level that contains all server groups and client groups. Note: The system hierarchy is not populated until you install at least one Symantec AntiVirus server. Starting the Symantec System Center Start the Symantec System Center when you want to manage Symantec AntiVirus. Note: You can use the Run As command from the Start menu to open the Symantec System Center, but there is a restriction. The Symantec System Center will not open when you are running as Current User and also have checked the "Protect my computer and data from unauthorized program activity" box.

22 22 Symantec AntiVirus basics Using the Symantec System Center To start the Symantec System Center On the Windows taskbar, click Start > Programs > Symantec System Center Console > Symantec System Center Console. The Symantec System Center opens to the Default Console View. Figure 1-1 The Symantec System Center console Console tree tab Top server group level Contents of object selected in tree appear in right pane Locked server group Unlocked server group Client groups Note: You can use a remote terminal session to view the Symantec System Center console and to view reports from the console. Selecting a primary management server for a server group If you have not already done so, the first thing that you must do to use Symantec System Center is to assign a primary management server for the server group that you created at the time of installation. You must specify a server in the server group as the primary management server; no server is specified as the primary management server by default. Until you specify a primary management server, you cannot perform most Symantec product management operations. After promoting a server to primary and installing additional secondary management servers, you should remove and archive the server group private key from the pki\private-keys directory that is located under the Symantec AntiVirus directory that you selected at the time of installation.

23 Symantec AntiVirus basics Using the Symantec System Center 23 For more information, see the Symantec AntiVirus Reference Guide. When you select a server group object in the Symantec System Center console and set options, the settings are saved to the primary management server in the server group. Other servers in the server group also use the new configuration. Computers that are running any of the following operating systems can be primary management servers: Windows 2000 Server/Advanced Server/Professional Windows Server 2003 Web/Standard/Enterprise/Datacenter Editions Windows XP Professional The primary management server plays an important role, so select a stable server that is always running. To select the primary management server for a server group About console views Right-click the server that you want to be the primary management server, and then click Make Server A Primary Server. Each product management snap-in makes a new product view available within the Symantec System Center console. For example, when you install the Symantec AntiVirus management snap-in, the Symantec AntiVirus view is added, which includes the fields that are related to Symantec AntiVirus, such as Last Scan and Definitions. Note: After an initial client software installation, the user's logon domain information does not appear in the Symantec System Center until the client computer is restarted. After a restart, this information is available in the Symantec System Center Symantec AntiVirus View, the network audit results, the Event Log, the Risk History, and the Tamper History. In the Symantec AntiVirus user interface, it is available in the Event Log, the Risk History, and the Tamper History. Changing console views Unless you change the view, the Symantec System Center console displays the Default Console View. The other views available depend upon which managed Symantec AntiVirus snap-ins you have installed.

24 24 Symantec AntiVirus basics Using the Symantec System Center To change console views 1 In the left pane, right-click an object, such as System Hierarchy. 2 On the View menu, in the list that appears at the bottom of the menu, click a view. Saving console settings When you close the Symantec System Center, you are prompted to save Microsoft Management Console (MMC) console settings for the Symantec System Center. This process has no effect on the Symantec AntiVirus configuration changes that you make when you use the Symantec System Center. To save console settings Do one of the following: Click Yes if you want to see the same console view the next time that you launch the Symantec System Center. Click No if you want to see the last saved view the next time you launch the Symantec System Center. Customizing console view columns The columns that appear in the right pane change based on the selected view. When System Hierarchy is selected, the Default Console View includes the following data columns: Name Status Primary Server Valid State Table 1-2 lists the data columns in the Symantec AntiVirus view. Table 1-2 Data columns in the Symantec AntiVirus view Level selected in left pane Data columns that appear in right pane System hierarchy Server Group Status Definition Sharing Newest Definitions Status of Server Updates

25 Symantec AntiVirus basics Using the Symantec System Center 25 Table 1-2 Data columns in the Symantec AntiVirus view (continued) Level selected in left pane Data columns that appear in right pane Server group Server Type Status Last Scan Definitions Version Scan Engine Address Status of Client Updates Groups (for client groups) Group Name Configuration Change Date Number of Clients Client group or server Client User, including the domain that authenticated the user Status Last Scan Definitions Version Scan Engine Address Group Server You can rearrange the order of the columns to better suit your needs. To customize the columns in a view 1 In the left pane, under Symantec System Center, select an object. 2 On the View menu, in the list that appears at the bottom of the menu, select the view that you want to customize. 3 On the View menu at the top of the Symantec System Center window, click Choose Columns. 4 In the Modify Columns dialog box, use the Add, Remove, Move Up, and Move Down buttons to customize your view as needed, or use Reset to return the settings to the last saved state.

26 26 Symantec AntiVirus basics Using the Symantec System Center Showing when clients are offline You can configure the Symantec System Center console to show when computers running Symantec AntiVirus client software are not currently connected to the network. The icon in the last row of Table 1-1 indicates that the client is offline. To show when clients are offline 1 On the Tools menu, click SSC Console Options. 2 In the SSC Console Options Properties dialog box, on the Client Display tab, under Client Configuration Options, check Indicate when clients are offline. This option is unchecked by default. Showing client Auto-Protect status You can configure the Symantec AntiVirus client or server icon to appear on the Windows system tray. Showing client infection state The icon shows a client or server's Auto-Protect status as follows: When Auto-Protect is enabled, the icon appears as a full shield. When you right-click the icon, a check mark appears before Enable Auto-Protect. When Auto-Protect is disabled, the icon is covered by a universal no sign (a red circle with a diagonal slash). When you right-click the icon, no check mark appears before Enable Auto-Protect. You can configure the Symantec System Center to display client infection state that is based on client check-in data on the Symantec System Center console. This option is disabled by default. To show client infection state on the Symantec System Center console 1 On the Tools menu, click SSC Console Options. 2 In the SSC Console Options Properties dialog box, on the Virus Alert Filter tab, check Display the infected state of each client that is based on client check-in data.

27 Symantec AntiVirus basics About the Discovery Service 27 3 To configure how long the information displays, use the arrows or type the number of days you want virus infection data to remain on the Symantec System Center console. By default, the console does not display the infections that occurred more than three days ago. 4 To reset the Symantec System Center to display client infection state from the current time forward, check Don t show virus alerts before:, and then click Set to Current Time. Note: Use the reporting console for more comprehensive and up-to-date infection status. For information about the reporting console, see the Reporting User's Guide. About refreshing the console At the first startup of a newly installed Symantec System Center console, the console pings the network to find all available computers that run Symantec AntiVirus server software. As soon as the servers respond, they are added to the console. Connected workstations running a managed Symantec client product are added when their parent management server is selected in the console tree. If you start the servers that are running a manageable Symantec product while the Symantec System Center is already running, you may need to locate the servers by using the Find Computer feature or by running the Discovery Service so that they appear in the server group view. See Using the Find Computer feature on page 35. You can also use Discovery to locate network computers on which Symantec AntiVirus is not installed. See About the Discovery Service on page 27. About the Discovery Service The Symantec System Center console runs a single service: the Symantec System Center Discovery Service (Nsctop.exe). This service is responsible for discovering the computers running Symantec AntiVirus server software that appear in the Symantec System Center console. The Discovery Service also populates the Symantec System Center console with the objects in the hierarchy. From the Symantec System Center console, you can select any object beneath the console root, and then choose Discovery Service from the Tools menu to perform a new Discovery of servers.

28 28 Symantec AntiVirus basics About the Discovery Service How Discovery works Types of Discovery To discover computers on the network, a computer that runs the Symantec System Center sends several pings to the network. The pings are UDP broadcasts to port The ping program verifies that the remote computer exists and can accept requests. When Symantec AntiVirus servers and AMS2 servers that run the Ping Discovery Service (Intel PDS) hear a ping, they respond with pong packets. Only antivirus servers are discovered by using this ping and pong mechanism. Symantec AntiVirus finds client information by querying the server for its client information. Clients ping the server to get the port number that the server's Rtvscan listens on. The client's Rtvscan can then send its keep-alive packet to the parent server's Rtvscan, and communication can begin. The keep-alive packet contains information such as the following: Date of the computer's virus definitions files When the computer was last infected IP pings are sent to the remote computer running Symantec AntiVirus server software to determine what type of protocol it uses. Pings are also sent that support Norton AntiVirus Corporate Edition and Intel LANDesk Virus Protect, legacy versions of Symantec AntiVirus. The data from the computer that runs Symantec AntiVirus client software is stored on the computer that runs Symantec AntiVirus server software that is the client's parent management server. The Symantec System Center console reads each parent management server's registry to get the data that it displays in the console. Following the completion of this process, Normal Discovery runs. Symantec System Center uses the following types of Discovery: Load from cache only (with or without using IP Discovery) Local Discovery (with or without using IP Discovery) Intense Discovery (with or without using IP Discovery) Normal Discovery (not user-initiated) Table 1-3 describes the types of Discovery that Symantec AntiVirus uses:

29 Symantec AntiVirus basics About the Discovery Service 29 Table 1-3 Discovery types Type Load from cache only Description Load from cache only offers the most basic type of Discovery. It tries to refresh all of the servers for which the Symantec System Center console address cache contains information. Each server is then sent a series of pings to see if the server checks back in, and to refresh information on the console. Load from cache only reduces traffic on the network when you launch the Symantec System Center. In most cases, you may find that choosing Load from cache only finds all of the servers that you need to add to the Symantec System Center console. What follows Normal Discovery Local Discovery (default) In Local Discovery, a ping packet is broadcast over the local subnet of the computer that runs the Symantec System Center console. Intel PDS services that run on servers on the local subnet reply with pong data. Load from cache only Normal Discovery Local Discovery generates less ping noise, but is limited to the local subnet. Local Discovery works very well on small subnets. In very large subnets, you might obtain better results by using Intense Discovery. Intense Discovery Intense Discovery walks My Network Places on the local Windows computer and attempts to resolve all computers that it finds into a network address. When it has the network address, it attempts to send ping requests. You can configure whether Intense Discovery walks the NetWare or Microsoft branches of the network tree, or both. Local Discovery Load from cache only Normal Discovery The ability of Intense Discovery to locate computers is limited by several factors: the availability of a Windows Internet Naming Service (WINS) server or Active Directory, network subnet and router configuration, DNS configuration, and Microsoft domain and workgroup configuration. Searching by IP address range in most cases is not affected by these factors. For this reason, you may want to use IP Discovery.

30 30 Symantec AntiVirus basics About the Discovery Service Table 1-3 Discovery types (continued) Type Description What follows Normal Discovery The Symantec System Center console broadcasts to all servers that are in unlocked server groups. Normal Discovery queries the primary management server of the server group for the list of secondary management servers in its address cache. Runs automatically after other types of Discovery; not user-initiated. The Symantec System Center console address cache stores information for all servers that have ever reported to it. The primary management server address cache contains information for every server within the server group. The address cache includes the names of all secondary management servers and their IP addresses. The Symantec System Center console compares its own address cache with the address cache sent by the primary management server. When a mismatch is identified, the console pings the associated server. When the pong data returns, it is added to all other servers in the list. In this way, Normal Discovery can identify every server in the server group and attempt to resolve information conflicts between parent management servers. You can configure Load from cache only, Local Discovery, and Intense Discovery to use IP Discovery by using either an IP address or an IP subnet address range. You may want to use IP Discovery only periodically to discover computers across the network. After the computers are in the address cache, you can then use the Load from cache only method. Discovery Service requirement for WINS or Active Directory The Discovery Service requires the use of Windows Internet Naming Service (WINS) or Active Directory name resolution. If you attempt to run the Discovery Service in an environment where WINS or Active Directory is not available, you need to find at least one computer running Symantec AntiVirus server on your network first. To find the computer, you can use the Find Computer feature or the Importer tool. See Using the Find Computer feature on page 35. See the Symantec AntiVirus Reference Guide for information about the Importer tool.

31 Symantec AntiVirus basics Running the Discovery Service 31 NetWare computers and the Discovery Service The Discovery Service may not find NetWare computers that are running IP only. To find the computers that are not located by the Discovery Service, you can use the Find Computer feature. See Using the Find Computer feature on page 35. Running the Discovery Service You initiate all types of Discovery in the Symantec System Center console. Note: The Discovery Service uses WINS or Active Directory when it browses for new computers that run Symantec AntiVirus. If you are trying to discover new computers in an environment in which WINS or Active Directory is unavailable, you may want to run the Find Computer feature or the Importer tool first. See Using the Find Computer feature on page 35. See the Symantec AntiVirus Reference Guide for information about the Importer tool. Configuring the Discovery Service to use IP addresses You can run the Discovery Service and find servers with or without including IP addresses and subnets. To configure the Discovery Service to use IP addresses 1 In the left pane, select any object below the console root. 2 On the Tools menu, click Discovery Service.

32 32 Symantec AntiVirus basics Running the Discovery Service 3 In the Discovery Service Properties window, on the Advanced tab, check Enable IP Discovery. Once Enable IP Discovery is checked, an IP Discovery session runs whenever you run an Intense Discovery. To run any type of Discovery without also running IP Discovery, uncheck Enable IP Discovery. You can also access IP Discovery functionality in the Find Computer dialog box. 4 In the Scan Type list, select one of the following: IP Address: The console pings every computer in the range of IP addresses. IP Subnet: The console broadcasts to each subnet. 5 In the Beginning of range and End of range boxes, type the addresses. 6 If you clicked IP Subnet, type the subnet mask to refine the search. IP Address search results appear in the lower portion of the Find Computer dialog box. IP Subnet search results are displayed in the Symantec System Center console status bar.

33 Symantec AntiVirus basics Running the Discovery Service 33 Configuring the Discovery Service You can configure and run three types of Discovery. To configure the Discovery Service 1 In the Symantec System Center console, on the Tools menu, click Discovery Service. 2 If you want to run Discovery using IP addresses, configure the settings on the Advanced tab. See To configure the Discovery Service to use IP addresses on page 31.

34 34 Symantec AntiVirus basics Running the Discovery Service 3 In the Discovery Service Properties window, on the General tab, select one of the following options: Load from cache only Local Discovery Intense Discovery This is the quickest method. The Symantec System Center reads the list of servers and clients stored in the local cache. Broadcasts to the Symantec System Center console's local subnet. Servers respond immediately with information about themselves and their clients. Each server's server group appears in the console unless you have filtered the view by using the View menu. Load from cache only runs as well. This is the most thorough method. If you have a large network, the Discovery process may take a long time. The Symantec System Center serially pings every server in the Network Neighborhood. Server names appear in the message area of the Symantec System Center console as they are found during the Discovery process. Intense Discovery also performs the same local subnet broadcast as Local Discovery. Load from cache only and Local Discovery run as well. See Table 1-3 on page Under Discovery Cycle, select the interval in minutes, if necessary. 5 If you plan to run Intense Discovery, under Intense Discovery Properties, specify the number of Intense Discovery threads, between 2 and 50. Each Discovery thread is an independent search for servers and clients. To maintain the most up-to-date Discovery information, select a lower Discovery interval and a higher number of Discovery threads. 6 If you want to clear all server and client information out of the active memory and address cache, and immediately run Discovery based on the current Discovery settings, under Cache Information, click Clear Cache Now. When you clear the cache, unlocked server groups are locked. 7 Do one of the following: Click OK to save your changes. If you want to immediately run Discovery, click Run Discovery Now, and then click Close. Only one Discovery can run at a time.

35 Symantec AntiVirus basics Using the Find Computer feature 35 Rebuilding a list of servers on a large network during Discovery may take a long time. Configuring the Discovery Cycle interval You can configure the Discovery Cycle time-out interval. By default, the interval is set to 480 minutes (every 8 hours), but you can set the time-out to any value from 1 to 1440 minutes between Discovery attempts. A new Discovery is skipped if the last Discovery is still running. For example, if you have Discovery set to run once a minute, and Discovery takes 20 minutes, 19 Discovery attempts are skipped. Note: Increasing the Discovery Cycle interval can result in a display of outdated information in the Symantec System Center console. To change the Discovery Cycle interval 1 On the Tools menu, click Discovery Service. 2 Change the Interval in minutes setting as necessary. Using the Find Computer feature If you quickly want to find a server without having to expand and browse through the tree, you can use the Find Computer feature. You can search using TCP/IP addresses or computer names. The Find Computer feature is also useful if you install a server and then do not see it in the tree view when you expand a server group or server, which may occur for the following reasons: The Symantec System Center may not automatically discover servers on LAN segments that are separated by routers. Servers may not be visible in the Network Neighborhood. For example, Windows Internet Naming Service (WINS) servers or Active Directory may not be replicated across network segments. If you cannot locate some servers on your LAN, you can locate them manually by using the Find Computer feature in the Symantec System Center console. After you use the Find Computer feature to locate a server, you can manage it from the Symantec System Center console.

36 36 Symantec AntiVirus basics Using the Find Computer feature Finding computers using a local cache search Rather than search the entire network for computers, you can restrict the search to those known to be stored already in the local cache. To find computers using a local cache search 1 On the Tools menu, click Find Computer. 2 In the Find Computer window, on the Local Search tab, type the network name of the server that you want to find. 3 Under Match Type, select one of the following: Partial Exact Searches for a server name that is a partial match. Searches for a server name that is an exact match. If you leave the Search For text box empty, and then specify Partial as the match type, all computers in the local cache appear when you run the search. 4 Click Find Now.

37 Symantec AntiVirus basics Using the Find Computer feature 37 Finding computers using a network search You can use a network search to find individual computers running the Symantec AntiVirus server software. The Symantec System Center console contains the following Find Computer options that search the network: Network Discovery Scan Network Audit Network Finds computers that run the Symantec AntiVirus server software by computer name or address. Finds the computers that run the Symantec AntiVirus server software by using an IP address or subnet range. This broad network search allows you to not only locate the computers, but also to determine the protection that is available on them, including whether other antivirus software is installed, and to configure a number of search settings. This option takes the most time and resources. See To run a network audit on page 40. To find computers using an address type 1 On the Tools menu, click Find Computer. 2 In the Find Computer window, on the Network Discovery tab, specify whether you want to use a computer name or an IP address as the search criterion. 3 Type the server address or computer name. 4 Click Find Now. To find computers using an IP address range 1 On the Tools menu, click Find Computer. 2 In the Find Computer window, on the Scan Network tab, select one of the following: IP Subnet IP Address Sends out a broadcast to each subnet. Pings every computer in the range of IP addresses. 3 Type the addresses for Beginning of range and End of range.

Symantec Client Security Administrator's Guide

Symantec Client Security Administrator's Guide Symantec Client Security Administrator's Guide Symantec Client Security Administrator's Guide The software described in this book is furnished under a license agreement and may be used only in accordance

More information

Symantec AntiVirus Business Pack Administrator s Guide

Symantec AntiVirus Business Pack Administrator s Guide Symantec AntiVirus Business Pack Administrator s Guide Symantec AntiVirus Business Pack Administrator s Guide The software described in this book is furnished under a license agreement and may be used

More information

Symantec Client Security Administrator s Guide

Symantec Client Security Administrator s Guide Symantec Client Security Administrator s Guide Symantec Client Security Administrator s Guide The software described in this book is furnished under a license agreement and may be used only in accordance

More information

Symantec Integrated Enforcer for Microsoft DHCP Servers Getting Started Guide

Symantec Integrated Enforcer for Microsoft DHCP Servers Getting Started Guide Symantec Integrated Enforcer for Microsoft DHCP Servers Getting Started Guide Legal Notice Copyright 2006 Symantec Corporation. All rights reserved. Federal acquisitions: Commercial Software - Government

More information

Symantec Critical System Protection Agent Event Viewer Guide

Symantec Critical System Protection Agent Event Viewer Guide Symantec Critical System Protection Agent Event Viewer Guide Symantec Critical System Protection Agent Event Viewer Guide The software described in this book is furnished under a license agreement and

More information

Symantec Backup Exec System Recovery Exchange Retrieve Option User's Guide

Symantec Backup Exec System Recovery Exchange Retrieve Option User's Guide Symantec Backup Exec System Recovery Exchange Retrieve Option User's Guide Symantec Backup Exec System Recovery Exchange Retrieve Option User's Guide The software described in this book is furnished under

More information

Symantec Backup Exec System Recovery Granular Restore Option User's Guide

Symantec Backup Exec System Recovery Granular Restore Option User's Guide Symantec Backup Exec System Recovery Granular Restore Option User's Guide Symantec Backup Exec System Recovery Granular Restore Option User's Guide The software described in this book is furnished under

More information

Symantec Critical System Protection Agent Event Viewer Guide

Symantec Critical System Protection Agent Event Viewer Guide Symantec Critical System Protection Agent Event Viewer Guide Symantec Critical System Protection The software described in this book is furnished under a license agreement and may be used only in accordance

More information

Symantec Event Collector 4.3 for Microsoft Windows Quick Reference

Symantec Event Collector 4.3 for Microsoft Windows Quick Reference Symantec Event Collector 4.3 for Microsoft Windows Quick Reference Symantec Event Collector for Microsoft Windows Quick Reference The software described in this book is furnished under a license agreement

More information

Symantec LiveUpdate Administrator. Getting Started Guide

Symantec LiveUpdate Administrator. Getting Started Guide Symantec LiveUpdate Administrator Getting Started Guide Symantec LiveUpdate Administrator Getting Started Guide The software described in this book is furnished under a license agreement and may be used

More information

Symantec Critical System Protection Configuration Monitoring Edition Release Notes

Symantec Critical System Protection Configuration Monitoring Edition Release Notes Symantec Critical System Protection Configuration Monitoring Edition Release Notes Symantec Critical System Protection Configuration Monitoring Edition Release Notes The software described in this book

More information

Symantec Mail Security for Microsoft Exchange Management Pack Integration Guide

Symantec Mail Security for Microsoft Exchange Management Pack Integration Guide Symantec Mail Security for Microsoft Exchange Management Pack Integration Guide Symantec Mail Security for Microsoft Exchange Management Pack Integration Guide The software described in this book is furnished

More information

Symantec Enterprise Security Manager Modules for Sybase Adaptive Server Enterprise Release Notes 3.1.0

Symantec Enterprise Security Manager Modules for Sybase Adaptive Server Enterprise Release Notes 3.1.0 Symantec Enterprise Security Manager Modules for Sybase Adaptive Server Enterprise Release Notes 3.1.0 Release 3.1.0 for Symantec ESM 6.5.x and 9.0.1 Symantec Enterprise Security Manager Modules for Sybase

More information

Symantec Event Collector for Kiwi Syslog Daemon version 3.7 Quick Reference

Symantec Event Collector for Kiwi Syslog Daemon version 3.7 Quick Reference Symantec Event Collector for Kiwi Syslog Daemon version 3.7 Quick Reference Symantec Event Collector for Kiwi Syslog Daemon Quick Reference The software described in this book is furnished under a license

More information

Veritas Cluster Server Getting Started Guide

Veritas Cluster Server Getting Started Guide Veritas Cluster Server Getting Started Guide Windows Server 2003, Windows Server 2008 5.1 Service Pack 2 21101490 Veritas Cluster Server Getting Started Guide The software described in this book is furnished

More information

Configuring Symantec AntiVirus for Hitachi High-performance NAS Platform, powered by BlueArc

Configuring Symantec AntiVirus for Hitachi High-performance NAS Platform, powered by BlueArc Configuring Symantec AntiVirus for Hitachi High-performance NAS Platform, powered by BlueArc Configuring Symantec AntiVirus for Hitachi High-performance NAS Platform, powered by BlueArc The software described

More information

Getting started. Symantec AntiVirus Corporate Edition. About Symantec AntiVirus. How to get started

Getting started. Symantec AntiVirus Corporate Edition. About Symantec AntiVirus. How to get started Getting started Corporate Edition Copyright 2005 Corporation. All rights reserved. Printed in the U.S.A. 03/05 PN: 10362873 and the logo are U.S. registered trademarks of Corporation. is a trademark of

More information

Veritas Cluster Server Application Note: High Availability for BlackBerry Enterprise Server

Veritas Cluster Server Application Note: High Availability for BlackBerry Enterprise Server Veritas Cluster Server Application Note: High Availability for BlackBerry Enterprise Server Windows Server 2003, Windows Server 2008 5.1 Service Pack 1 Veritas Cluster Server Application Note: High Availability

More information

Symantec Mobile Management for Configuration Manager

Symantec Mobile Management for Configuration Manager Symantec Mobile Management for Configuration Manager Replication Services Installation Guide 7.5 Symantec Mobile Management for Configuration Manager: Replication Services Installation Guide The software

More information

Getting Started. Symantec Client Security. About Symantec Client Security. How to get started

Getting Started. Symantec Client Security. About Symantec Client Security. How to get started Getting Started Symantec Client Security About Security Security provides scalable, cross-platform firewall, intrusion prevention, and antivirus protection for workstations and antivirus protection for

More information

Configuring Symantec AntiVirus for NetApp Storage system

Configuring Symantec AntiVirus for NetApp Storage system Configuring Symantec AntiVirus for NetApp Storage system Configuring Symantec AntiVirus for NetApp Storage system The software described in this book is furnished under a license agreement and may be used

More information

Symantec Event Collector for Cisco NetFlow version 3.7 Quick Reference

Symantec Event Collector for Cisco NetFlow version 3.7 Quick Reference Symantec Event Collector for Cisco NetFlow version 3.7 Quick Reference Symantec Event Collector for Cisco NetFlow Quick Reference The software described in this book is furnished under a license agreement

More information

Symantec Endpoint Protection Small Business Edition Client Guide

Symantec Endpoint Protection Small Business Edition Client Guide Symantec Endpoint Protection Small Business Edition Client Guide Symantec Endpoint Protection Small Business Edition Client Guide The software described in this book is furnished under a license agreement

More information

Altiris Patch Management Solution for Linux 7.1 SP2 from Symantec User Guide

Altiris Patch Management Solution for Linux 7.1 SP2 from Symantec User Guide Altiris Patch Management Solution for Linux 7.1 SP2 from Symantec User Guide Altiris Patch Management Solution for Linux 7.1 SP2 from Symantec User Guide The software described in this book is furnished

More information

Symantec Endpoint Protection Shared Insight Cache User Guide

Symantec Endpoint Protection Shared Insight Cache User Guide Symantec Endpoint Protection Shared Insight Cache User Guide Symantec Endpoint Protection Shared Insight Cache User Guide The software described in this book is furnished under a license agreement and

More information

Symantec Mobile Security Manager Administration Guide

Symantec Mobile Security Manager Administration Guide Symantec Mobile Security Manager Administration Guide Symantec Mobile Security Manager The software described in this book is furnished under a license agreement and may be used only in accordance with

More information

Symantec System Recovery 2013 Management Solution Administrator's Guide

Symantec System Recovery 2013 Management Solution Administrator's Guide Symantec System Recovery 2013 Management Solution Administrator's Guide Symantec System Recovery 2013 Management Solution Administrator's Guide The software described in this book is furnished under a

More information

Symantec NetBackup Desktop and Laptop Option README. Release 6.1 MP7

Symantec NetBackup Desktop and Laptop Option README. Release 6.1 MP7 TM Symantec NetBackup Desktop and Laptop Option README Release 6.1 MP7 2 The software described in this document is furnished under a license agreement and may be used only in accordance with the terms

More information

Symantec Client Firewall Policy Migration Guide

Symantec Client Firewall Policy Migration Guide Symantec Client Firewall Policy Migration Guide Symantec Client Firewall Policy Migration Guide The software described in this book is furnished under a license agreement and may be used only in accordance

More information

Symantec NetBackup Backup, Archive, and Restore Getting Started Guide. Release 7.5

Symantec NetBackup Backup, Archive, and Restore Getting Started Guide. Release 7.5 Symantec NetBackup Backup, Archive, and Restore Getting Started Guide Release 7.5 Symantec NetBackup Backup, Archive, and Restore Getting Started Guide The software described in this book is furnished

More information

Client Guide for Symantec Endpoint Protection and Symantec Network Access Control

Client Guide for Symantec Endpoint Protection and Symantec Network Access Control Client Guide for Symantec Endpoint Protection and Symantec Network Access Control Client Guide for Symantec Endpoint Protection and Symantec Network Access Control The software described in this book is

More information

Symantec Protection Center Enterprise 3.0. Release Notes

Symantec Protection Center Enterprise 3.0. Release Notes Symantec Protection Center Enterprise 3.0 Release Notes Symantec Protection Center Enterprise 3.0 Release Notes The software described in this book is furnished under a license agreement and may be used

More information

Symantec Security Information Manager - Best Practices for Selective Backup and Restore

Symantec Security Information Manager - Best Practices for Selective Backup and Restore Symantec Security Information Manager - Best Practices for Selective Backup and Restore Symantec Security Information Manager - Best practices for selective backup and restore The software described in

More information

Symantec Security Information Manager 4.6 Administrator's Guide

Symantec Security Information Manager 4.6 Administrator's Guide Symantec Security Information Manager 4.6 Administrator's Guide Symantec Security Information Manager 4.6 Administrator's Guide The software described in this book is furnished under a license agreement

More information

Symantec Endpoint Protection and Symantec Network Access Control Client Guide

Symantec Endpoint Protection and Symantec Network Access Control Client Guide Symantec Endpoint Protection and Symantec Network Access Control Client Guide Symantec Endpoint Protection and Symantec Network Access Control Client Guide The software described in this book is furnished

More information

Symantec Virtual Machine Management 7.1 User Guide

Symantec Virtual Machine Management 7.1 User Guide Symantec Virtual Machine Management 7.1 User Guide Symantec Virtual Machine Management 7.1 User Guide The software described in this book is furnished under a license agreement and may be used only in

More information

Symantec Endpoint Protection and Symantec Network Access Control Client Guide

Symantec Endpoint Protection and Symantec Network Access Control Client Guide Symantec Endpoint Protection and Symantec Network Access Control Client Guide Symantec Endpoint Protection and Symantec Network Access Control Client Guide The software described in this book is furnished

More information

Symantec Data Center Security: Server Advanced v6.0. Agent Guide

Symantec Data Center Security: Server Advanced v6.0. Agent Guide Symantec Data Center Security: Server Advanced v6.0 Agent Guide Symantec Data Center Security: Server Advanced Agent Guide The software described in this book is furnished under a license agreement and

More information

Symantec AntiVirus Installation Guide

Symantec AntiVirus Installation Guide Symantec AntiVirus Installation Guide 10517969 Symantec AntiVirus Installation Guide The software described in this book is furnished under a license agreement and may be used only in accordance with the

More information

Symantec AntiVirus Corporate Edition Patch Update

Symantec AntiVirus Corporate Edition Patch Update Symantec AntiVirus Corporate Edition Patch Update Symantec AntiVirus Corporate Edition Update Documentation version 10.0.1.1007 Copyright 2005 Symantec Corporation. All rights reserved. Symantec, the Symantec

More information

Symantec Endpoint Protection Small Business Edition 12.1.2 Installation and Administration Guide

Symantec Endpoint Protection Small Business Edition 12.1.2 Installation and Administration Guide Symantec Endpoint Protection Small Business Edition 12.1.2 Installation and Administration Guide Symantec Endpoint Protection Small Business Edition Installation and Administration Guide The software described

More information

Altiris Patch Management Solution for Windows 7.1 SP2 from Symantec User Guide

Altiris Patch Management Solution for Windows 7.1 SP2 from Symantec User Guide Altiris Patch Management Solution for Windows 7.1 SP2 from Symantec User Guide Altiris Patch Management Solution for Windows 7.1 SP2 from Symantec User Guide The software described in this book is furnished

More information

Symantec Response Assessment module Installation Guide. Version 9.0

Symantec Response Assessment module Installation Guide. Version 9.0 Symantec Response Assessment module Installation Guide Version 9.0 The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the agreement.

More information

Symantec Database Security and Audit 3100 Series Appliance. Getting Started Guide

Symantec Database Security and Audit 3100 Series Appliance. Getting Started Guide Symantec Database Security and Audit 3100 Series Appliance Getting Started Guide Symantec Database Security and Audit 3100 Series Getting Started Guide The software described in this book is furnished

More information

Veritas Operations Manager Package Anomaly Add-on User's Guide 4.1

Veritas Operations Manager Package Anomaly Add-on User's Guide 4.1 Veritas Operations Manager Package Anomaly Add-on User's Guide 4.1 November 2011 Veritas Operations Manager Package Anomaly Add-on User's Guide The software described in this book is furnished under a

More information

Altiris IT Analytics Solution 7.1 SP1 from Symantec User Guide

Altiris IT Analytics Solution 7.1 SP1 from Symantec User Guide Altiris IT Analytics Solution 7.1 SP1 from Symantec User Guide Altiris IT Analytics Solution 7.1 from Symantec User Guide The software described in this book is furnished under a license agreement and

More information

Symantec Security Information Manager 4.5 Administrator's Guide

Symantec Security Information Manager 4.5 Administrator's Guide Symantec Security Information Manager 4.5 Administrator's Guide Symantec Security Information Manager 4.5 Administrator's Guide The software described in this book is furnished under a license agreement

More information

Symantec Endpoint Protection Integration Component 7.5 Release Notes

Symantec Endpoint Protection Integration Component 7.5 Release Notes Symantec Endpoint Protection Integration Component 7.5 Release Notes Symantec Endpoint Protection Integration Component 7.5 Release Notes Legal Notice Copyright 2013 Symantec Corporation. All rights reserved.

More information

Email Encryption. Administrator Guide

Email Encryption. Administrator Guide Email Encryption Administrator Guide Email Encryption Administrator Guide Documentation version: 1.0 Legal Notice Copyright 2015 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo,

More information

Symantec Security Information Manager 4.8 Release Notes

Symantec Security Information Manager 4.8 Release Notes Symantec Security Information Manager 4.8 Release Notes Symantec Security Information Manager 4.8 Release Notes The software described in this book is furnished under a license agreement and may be used

More information

Symantec Protection Engine for Cloud Services 7.0 Release Notes

Symantec Protection Engine for Cloud Services 7.0 Release Notes Symantec Protection Engine for Cloud Services 7.0 Release Notes Symantec Protection Engine for Cloud Services Release Notes The software described in this book is furnished under a license agreement and

More information

Symantec Protection for SharePoint Servers 6.0.4 Implementation Guide

Symantec Protection for SharePoint Servers 6.0.4 Implementation Guide Symantec Protection for SharePoint Servers 6.0.4 Implementation Guide for Microsoft SharePoint 2003/2007 Symantec Protection for SharePoint Servers Implementation Guide The software described in this book

More information

Symantec System Recovery 2011 Management Solution Administrator's Guide

Symantec System Recovery 2011 Management Solution Administrator's Guide Symantec System Recovery 2011 Management Solution Administrator's Guide Symantec System Recovery 2011 Management Solution Administrator's Guide The software described in this book is furnished under a

More information

Getting started. Symantec AntiVirus Business Pack. About Symantec AntiVirus. Where to find information

Getting started. Symantec AntiVirus Business Pack. About Symantec AntiVirus. Where to find information Getting started Symantec AntiVirus Business Pack Copyright 2004 Symantec Corporation. All rights reserved. Printed in the U.S.A. 03/04 Symantec and the Symantec logo are U.S. registered trademarks of Symantec

More information

Getting started. Symantec AntiVirus Corporate Edition. About Symantec AntiVirus. How to get started

Getting started. Symantec AntiVirus Corporate Edition. About Symantec AntiVirus. How to get started Getting started Symantec AntiVirus Corporate Edition Copyright 2004 Symantec Corporation. All rights reserved. Printed in the U.S.A. 03/04 10223881 Symantec and the Symantec logo are U.S. registered trademarks

More information

Symantec Enterprise Security Manager Patch Policy Release Notes

Symantec Enterprise Security Manager Patch Policy Release Notes Symantec Enterprise Security Manager Patch Policy Release Notes Symantec Enterprise Security Manager Patch Policy Release Notes The software described in this book is furnished under a license agreement

More information

Getting started. Symantec AntiVirus Corporate Edition 8.1 for Workstations and Network Servers

Getting started. Symantec AntiVirus Corporate Edition 8.1 for Workstations and Network Servers Getting started Symantec AntiVirus Corporate Edition 8.1 for Workstations and Network Servers Copyright 2003 Symantec Corporation. All rights reserved. Printed in the U.S.A. 03/03 Symantec and the Symantec

More information

Symantec Enterprise Security Manager Oracle Database Modules Release Notes. Version: 5.4

Symantec Enterprise Security Manager Oracle Database Modules Release Notes. Version: 5.4 Symantec Enterprise Security Manager Oracle Database Modules Release Notes Version: 5.4 Symantec Enterprise Security Manager Oracle Database Modules Release Notes The software described in this book is

More information

Symantec NetBackup OpenStorage Solutions Guide for Disk

Symantec NetBackup OpenStorage Solutions Guide for Disk Symantec NetBackup OpenStorage Solutions Guide for Disk UNIX, Windows, Linux Release 7.6 Symantec NetBackup OpenStorage Solutions Guide for Disk The software described in this book is furnished under a

More information

Symantec Mobile Management 7.2 MR1Quick-start Guide

Symantec Mobile Management 7.2 MR1Quick-start Guide Symantec Mobile Management 7.2 MR1Quick-start Guide Symantec Mobile Management 7.2 MR1 Quick-start Guide The software described in this book is furnished under a license agreement and may be used only

More information

Veritas Operations Manager LDom Capacity Management Add-on User's Guide 4.1

Veritas Operations Manager LDom Capacity Management Add-on User's Guide 4.1 Veritas Operations Manager LDom Capacity Management Add-on User's Guide 4.1 November 2011 Veritas Operations Manager LDom Capacity Management Add-on User's Guide The software described in this book is

More information

Symantec Patch Management Solution for Windows 7.5 SP1 powered by Altiris User Guide

Symantec Patch Management Solution for Windows 7.5 SP1 powered by Altiris User Guide Symantec Patch Management Solution for Windows 7.5 SP1 powered by Altiris User Guide Altiris Patch Management Solution for Windows 7.5 SP1 from Symantec User Guide The software described in this book is

More information

Symantec Endpoint Protection Small Business Edition Implementation Guide

Symantec Endpoint Protection Small Business Edition Implementation Guide Symantec Endpoint Protection Small Business Edition Implementation Guide Symantec Endpoint Protection Small Business Edition Implementation Guide The software described in this book is furnished under

More information

Backup Exec Cloud Storage for Nirvanix Installation Guide. Release 2.0

Backup Exec Cloud Storage for Nirvanix Installation Guide. Release 2.0 Backup Exec Cloud Storage for Nirvanix Installation Guide Release 2.0 The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the

More information

Symantec Endpoint Protection Getting Started Guide

Symantec Endpoint Protection Getting Started Guide Symantec Endpoint Protection Getting Started Guide 12167130 Symantec Endpoint Protection Getting Started Guide The software described in this book is furnished under a license agreement and may be used

More information

Getting Started with Symantec Endpoint Protection

Getting Started with Symantec Endpoint Protection Getting Started with Symantec Endpoint Protection 20983668 Getting Started with Symantec Endpoint Protection The software described in this book is furnished under a license agreement and may be used only

More information

Client Guide for Symantec Endpoint Protection and Symantec Network Access Control

Client Guide for Symantec Endpoint Protection and Symantec Network Access Control Client Guide for Symantec Endpoint Protection and Symantec Network Access Control Client Guide for Symantec Endpoint Protection and Symantec Network Access Control The software described in this book is

More information

Symantec Event Collector 4.3 for SNARE for Windows Quick Reference

Symantec Event Collector 4.3 for SNARE for Windows Quick Reference Symantec Event Collector 4.3 for SNARE for Windows Quick Reference Symantec Event Collector for SNARE for Windows Quick Reference The software described in this book is furnished under a license agreement

More information

Veritas Cluster Server Database Agent for Microsoft SQL Configuration Guide

Veritas Cluster Server Database Agent for Microsoft SQL Configuration Guide Veritas Cluster Server Database Agent for Microsoft SQL Configuration Guide Windows Server 2003, Windows Server 2008 5.1 Service Pack 1 Veritas Cluster Server Database Agent for Microsoft SQL Configuration

More information

Symantec Endpoint Protection Getting Started Guide

Symantec Endpoint Protection Getting Started Guide Symantec Endpoint Protection Getting Started Guide 13740352 Symantec Endpoint Protection Getting Started Guide The software described in this book is furnished under a license agreement and may be used

More information

Configuring Symantec Protection Engine for Network Attached Storage 7.5 for NetApp Data ONTAP

Configuring Symantec Protection Engine for Network Attached Storage 7.5 for NetApp Data ONTAP Configuring Symantec Protection Engine for Network Attached Storage 7.5 for NetApp Data ONTAP Configuring Symantec Protection Engine for Network Attached Storage 7.5 for NetApp Data ONTAP. The software

More information

Altiris Asset Management Suite 7.1 from Symantec User Guide

Altiris Asset Management Suite 7.1 from Symantec User Guide Altiris Asset Management Suite 7.1 from Symantec User Guide Altiris Asset Management Suite 7.1 from Symantec User Guide The software described in this book is furnished under a license agreement and may

More information

Symantec Mail Security for Microsoft Exchange

Symantec Mail Security for Microsoft Exchange Symantec Mail Security for Microsoft Exchange Getting Started Guide v7.0 Symantec Mail Security for Microsoft Exchange Getting Started Guide The software described in this book is furnished under a license

More information

Altiris Monitor Solution for Servers 7.1 SP1from Symantec User Guide

Altiris Monitor Solution for Servers 7.1 SP1from Symantec User Guide Altiris Monitor Solution for Servers 7.1 SP1from Symantec User Guide Altiris Monitor Solution for Servers 7.1 SP1from Symantec User Guide The software described in this book is furnished under a license

More information

Installation Guide for Symantec Endpoint Protection and Symantec Network Access Control

Installation Guide for Symantec Endpoint Protection and Symantec Network Access Control Installation Guide for Symantec Endpoint Protection and Symantec Network Access Control Installation Guide for Symantec Endpoint Protection and Symantec Network Access Control The software described in

More information

Altiris Asset Management Suite 7.1 SP2 from Symantec User Guide

Altiris Asset Management Suite 7.1 SP2 from Symantec User Guide Altiris Asset Management Suite 7.1 SP2 from Symantec User Guide Altiris Asset Management Suite 7.1 SP2 from Symantec User Guide The software described in this book is furnished under a license agreement

More information

Altiris Monitor Solution for Servers 7.1 SP1 and Event Console 7.1 MR1 from Symantec Release Notes

Altiris Monitor Solution for Servers 7.1 SP1 and Event Console 7.1 MR1 from Symantec Release Notes Altiris Monitor Solution for Servers 7.1 SP1 and Event Console 7.1 MR1 from Symantec Release Notes Altiris Monitor Solution for Servers 7.1 SP1 and Event Console 7.1 MR1 from Symantec Release Notes The

More information

Veritas Cluster Server Database Agent for Microsoft SQL Configuration Guide

Veritas Cluster Server Database Agent for Microsoft SQL Configuration Guide Veritas Cluster Server Database Agent for Microsoft SQL Configuration Guide Windows 2000, Windows Server 2003 5.0 11293743 Veritas Cluster Server Database Agent for Microsoft SQL Configuration Guide Copyright

More information

Altiris Monitor Solution for Servers 7.5 from Symantec User Guide

Altiris Monitor Solution for Servers 7.5 from Symantec User Guide Altiris Monitor Solution for Servers 7.5 from Symantec User Guide Altiris Monitor Solution for Servers 7.5 from Symantec User Guide The software described in this book is furnished under a license agreement

More information

Symantec Management Platform Installation Guide. Version 7.0

Symantec Management Platform Installation Guide. Version 7.0 Symantec Management Platform Installation Guide Version 7.0 Symantec Management Platform Installation Guide The software described in this book is furnished under a license agreement and may be used only

More information

Symantec Secure Email Proxy Administration Guide

Symantec Secure Email Proxy Administration Guide Symantec Secure Email Proxy Administration Guide Documentation version: 4.4 (2) Legal Notice Copyright 2014 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo

More information

Veritas Operations Manager Advanced 5.0 HSCL Pack 1 Release Notes

Veritas Operations Manager Advanced 5.0 HSCL Pack 1 Release Notes Veritas Operations Manager Advanced 5.0 HSCL Pack 1 Release Notes November 2012 Veritas Operations Manager Advanced Release Notes The software described in this book is furnished under a license agreement

More information

Symantec Critical System Protection 5.2.9 Agent Guide

Symantec Critical System Protection 5.2.9 Agent Guide Symantec Critical System Protection 5.2.9 Agent Guide Symantec Critical System Protection Agent Guide The software described in this book is furnished under a license agreement and may be used only in

More information

Symantec ApplicationHA Agent for Microsoft Internet Information Services (IIS) Configuration Guide

Symantec ApplicationHA Agent for Microsoft Internet Information Services (IIS) Configuration Guide Symantec ApplicationHA Agent for Microsoft Internet Information Services (IIS) Configuration Guide Windows Server 2003, Windows Server 2008 and 2008 R2 6.0 September 2011 Symantec ApplicationHA Agent for

More information

Symantec NetBackup for Lotus Notes Administrator's Guide

Symantec NetBackup for Lotus Notes Administrator's Guide Symantec NetBackup for Lotus Notes Administrator's Guide for UNIX, Windows, and Linux Release 7.5 Symantec NetBackup for Lotus Notes Administrator's Guide The software described in this book is furnished

More information

Veritas Operations Manager Release Notes. 3.0 Rolling Patch 1

Veritas Operations Manager Release Notes. 3.0 Rolling Patch 1 Veritas Operations Manager Release Notes 3.0 Rolling Patch 1 Veritas Operations Manager Release Notes The software described in this book is furnished under a license agreement and may be used only in

More information

Recovering Encrypted Disks Using Windows Preinstallation Environment. Technical Note

Recovering Encrypted Disks Using Windows Preinstallation Environment. Technical Note Recovering Encrypted Disks Using Windows Preinstallation Environment Technical Note Preface Documentation version Documentation version: 11.0, Release Date: Legal Notice Copyright Symantec Corporation.

More information

NetBackup Backup, Archive, and Restore Getting Started Guide

NetBackup Backup, Archive, and Restore Getting Started Guide NetBackup Backup, Archive, and Restore Getting Started Guide UNIX, Windows, and Linux Release 6.5 Veritas NetBackup Backup, Archive, and Restore Getting Started Guide Copyright 2007 Symantec Corporation.

More information

Symantec Enterprise Vault

Symantec Enterprise Vault Symantec Enterprise Vault Setting up SMTP Archiving 10.0 Symantec Enterprise Vault: Setting up SMTP Archiving The software described in this book is furnished under a license agreement and may be used

More information

bv-control for Active Directory v8.50 User Guide

bv-control for Active Directory v8.50 User Guide bv-control for Active Directory v8.50 User Guide bv-control for Active Directory v8.50 bv-control for Active Directory User Guide The software described in this book is furnished under a license agreement

More information

Symantec Enterprise Security Manager Modules. Release Notes

Symantec Enterprise Security Manager Modules. Release Notes Symantec Enterprise Security Manager Modules for MS SQL Server Databases Release Notes Release 4.1 for Symantec ESM 9.0.x and 10.0 For Windows 2000/2008 and Windows Server 2003 Symantec Enterprise Security

More information

Symantec bv-control for Microsoft Exchange 9.0 Getting Started Guide

Symantec bv-control for Microsoft Exchange 9.0 Getting Started Guide Symantec bv-control for Microsoft Exchange 9.0 Getting Started Guide Symantec bv-control for Microsoft Exchange 9.0 Getting Started Guide The software described in this book is furnished under a license

More information

Symantec Mail Security for Microsoft Exchange Management Pack Integration Guide

Symantec Mail Security for Microsoft Exchange Management Pack Integration Guide Symantec Mail Security for Microsoft Exchange Management Pack Integration Guide Symantec Mail Security for Microsoft Exchange Management Pack Integration Guide The software described in this book is furnished

More information

Symantec Security Information Manager 4.5 Installation Guide

Symantec Security Information Manager 4.5 Installation Guide Symantec Security Information Manager 4.5 Installation Guide PN: 10912602 Symantec Security Information Manager 4.5 Installation Guide The software described in this book is furnished under a license agreement

More information

Symantec NetBackup for Microsoft SharePoint Server Administrator s Guide

Symantec NetBackup for Microsoft SharePoint Server Administrator s Guide Symantec NetBackup for Microsoft SharePoint Server Administrator s Guide for Windows Release 7.5 Symantec NetBackup for Microsoft SharePoint Server Administrator s Guide The software described in this

More information

Symantec ApplicationHA agent for Microsoft Exchange 2010 Configuration Guide

Symantec ApplicationHA agent for Microsoft Exchange 2010 Configuration Guide Symantec ApplicationHA agent for Microsoft Exchange 2010 Configuration Guide Windows on Hyper-V 6.1 February 2014 Symantec ApplicationHA agent for Microsoft Exchange 2010 Configuration Guide The software

More information

Symantec Event Collector 3.6 for Blue Coat Proxy Quick Reference

Symantec Event Collector 3.6 for Blue Coat Proxy Quick Reference Symantec Event Collector 3.6 for Blue Coat Proxy Quick Reference Symantec Event Collector for Blue Coat Proxy Quick Reference The software described in this book is furnished under a license agreement

More information

Symantec Enterprise Vault Technical Note

Symantec Enterprise Vault Technical Note Symantec Enterprise Vault Technical Note Configuring Internal and External WebApp URLs for OWA 2007 SP4 and later Symantec Enterprise Vault: Configuring Internal and External WebApp URLs for OWA The software

More information

PGP Desktop Version 10.2 for Mac OS X Maintenance Pack Release Notes

PGP Desktop Version 10.2 for Mac OS X Maintenance Pack Release Notes PGP Desktop Version 10.2 for Mac OS X Maintenance Pack Release Notes Thank you for using this Symantec Corporation product. These Release Notes contain important information regarding this release of PGP

More information

Veritas Cluster Server Database Agent for Microsoft SQL Configuration Guide

Veritas Cluster Server Database Agent for Microsoft SQL Configuration Guide Veritas Cluster Server Database Agent for Microsoft SQL Configuration Guide Windows Server 2003, Windows Server 2008 5.1 Veritas Cluster Server Database Agent for Microsoft SQL Configuration Guide Copyright

More information