Course Objectives
By the completion of this course, you will be able to:
- Describe how the Symantec Endpoint Protection Manager (SEPM) communicates with clients and make appropriate changes as necessary.
- Design and create Symantec Endpoint Protection group structures to meet the needs of your organization.
- Respond to threats using SEPM monitoring and reporting.
- Analyze the content delivery system (LiveUpdate).
- Reduce bandwidth consumption using the best method to deliver content updates to clients.
- Configure Group Update Providers.
- Create location aware content updates.
- Use Rapid Release definitions to remediate a virus outbreak.
This course is for IT and system administration professionals who are charged with managing and monitoring Symantec Endpoint Protection endpoints.
You must have working knowledge of advanced computer terminology, including TCP/IP networking terms and Internet terms, and an administrator-level knowledge of Microsoft Windows operating systems.
Course Content
Introduction
- Course environment
- Lab environment
Monitoring and Managing Endpoints
Managing Console Access and Delegating Responsibility
- Creating administrator accounts
- Managing administrators and delegating responsibility
Managing Client-to-SEPM Communication
- Analyzing client-to-SEPM communication
- Restoring communication between clients and SEPM
- Verifying clients are online with the SEPM
Managing the Client Architecture and Active Directory Integration
- Describing the interaction between sites, domains and groups
- Managing groups, locations, and policy inheritance
- Assigning policies to multiple locations
- Importing Active Directory Organizational Units
- Controlling access to client user interface settings
Managing Clients and Responding to Threats
- Identifying and verifying the protection status for all computers
- Monitoring for health status and anomalies
- Responding to incidents
Monitoring the Environment and Responding to Threats
- Monitoring critical log data
- Identifying new incidents
- Responding to incidents
- Proactively responding to incidents
Creating Incident and Health Reports
- Reporting on your environment’s security status
- Reporting on the health of your environment
Enforcing Content Updates on Endpoints using the Best Method
Introducing Content Updates using LiveUpdate
- Describing the LiveUpdate ecosystem
- Configuring LiveUpdate sources
- Troubleshooting LiveUpdate
- Examining the need for an internal LiveUpdate Administration server
- Describing the high-level steps to configure an internal LiveUpdate server
Analyzing the SEPM Content Delivery System
- Describing content updates
- Configuring LiveUpdate on the SEPM and clients
- Monitoring a LiveUpdate session
- Managing content on the SEPM
- Monitoring content distribution for clients
Managing Group Update Providers
- Identifying the advantages of using group update providers
- Adding group update providers
- Adding multiple and explicit group update providers
- Identifying and monitoring group update providers
- Examining group update provider health and status
Configuring Location Aware Content Updates
- Examining location awareness
- Configuring location aware content updates
- Monitoring location aware content updates
Managing Certified and Rapid Release Definitions
- Managing Certified SEPM definitions from Symantec Security Response
- Managing Certified Windows client definitions from Symantec Security Response
- Managing Rapid Release definitions from Symantec Security Response
- Managing Certified and Rapid Release definitions from Symantec Security Response for Mac and Linux clients
- Using static definitions in scripts to download content