Symantec Endpoint Protection 14.2 RU1 With Server 2016 Std Edition-Part3

SEPM 14.2 RU1 with Windows Server 2016

Hello Friends ,

I am Manish Dixit , I have 12 yrs of  experience in IT sector with different-2 technologies which comes under Security, Network, Server - Data-Center & Cloud . In this post you will learn , how to create policies and integrate SEPM with Active Directory.

• First of All Open SEPM Console (If you don't know how to install SEPM , then go to https://manyinonebymanishdixit.blogspot.com/2019/05/symantec-endpoint-protection-142-ru1.html )

• To Create Policies go to Policies Section -- Click on "Virus and Spyware Protection" and Add a new policy by clicking Right click.
  

• Give Policy Name whatever you want to give. Go in "Administrator-Defined Scans" ,delete existing one and create a new schedule scan one by clicking on Add button.
  

• In Scan Type Section , i am using Full Scan (Time :- Weekly - Wednesday at 00.30 AM !! Scan Duration:- Scan until finished !! Retry the scan within:- 3 days). You can set these settings as per your need.
  

• In Advance Scanning options , i am using Compressed Files:- Number of levels--5 !! Tuning:- Best Application Performance. Go to Action tab and choose the setting which you want to apply for your endpoints (this will applicable when any type of security risk//malware/virus etc arrive and your AV will take action against those threats). You can set Notifications also by going Notification tab. After these settings click on OK
  

• Now go in Advance tab. For my Scenario i choose "Do not show scan progress" 
  

• Now we will configure Auto protect Settings.  File System Auto-Protect is a type of ongoing or background scan that provides real-time protection for files on your computer. Whenever you access, copy, save, move, open, or close a file,Auto-Protect scans it to ensure that a threat or security risk is not present.
  
  
  

• You can lock these setting (If you don't want that user should not modify setting by opening client interface, then you can click on the lock button and it will lock). You can also define Action as per your scenario. There is Advanced tab in which you can define Startup and shutdown options of SEP agent.
  

• Now go to Download Protection tab. Download Insight detects potential risk in a file using file reputation. Here you can set sensitivity against files.You can also set Action against Download Protection by going in Actions tab.
  

• Now we have to configure SONAR properties. SONAR is the abbreviation for Symantec Online Network for Advanced Response. Unlike virus signatures, SONAR examines the behavior of applications to decide whether they are malicious.
  

• Now we will set Email Scan settings. Go in Microsoft Outlook Auto Protect and click Enable to Apply.
  

• Once You done with these setting, Click on OK and then you can see your custom Virus and Spyware Protection Policy.
  

In my NEXT POST we will learn about other Policies such as Live Update , Application and Device Control Policy.