1 | SPSSBE 4.0 Getting Started Guide
Symantec™ Protection Suite
Small Business Edition 4.0
Getting Started Guide
2 | SPSSBE 4.0 Getting Started Guide
SPS Small Business Edition 4.0 Getting Started
The software described in this book is furnished under a license agreement and may be used
only in accordance with the terms of the agreement.
Documentation version: 12.01.00.00
Legal Notice
Copyright © 2011 Symantec Corporation. All rights reserved.
Symantec, the Symantec Logo, Bloodhound, Confidence Online, Digital Immune System,
LiveUpdate, Norton, Norton 360, Sygate, and TruScan are trademarks or registered
trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other
names may be trademarks of their respective owners.
The product described in this document is distributed under licenses restricting its use,
copying, distribution, and decompilation/reverse engineering. No part of this document
may be reproduced in any form by any means without prior written authorization of
Symantec Corporation and its licensors, if any.
THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS,
REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT,
ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO
BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL
OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING,
PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED
IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.
The Licensed Software and Documentation are deemed to be commercial computer software
as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19
"Commercial Computer Software - Restricted Rights" and DFARS 227.7202, "Rights in
Commercial Computer Software or Commercial Computer Software Documentation", as
applicable, and any successor regulations. Any use, modification, reproduction release,
performance, display or disclosure of the Licensed Software and Documentation by the U.S.
Government shall be solely in accordance with the terms of this Agreement.
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
http://www.symantec.com
Printed in the United States of America.
10 9 8 7 6 5 4 3 2 1
3 | SPS SBE 4.0 Getting Started Guide
Getting Started with
Symantec Protection Suite
Small Business Edition 4.0
This document is not intended to replace the point-product Getting Started Guides. Please
see the “Where to get more information” section for further details.
This document includes the following topics:
■
About Symantec Protection Suite
■
Components of SPS SBE 4.0
■
Getting Started with SPS SBE 4.0
■
Where to get more information
■
Accessing the Suite Software
About Symantec Protection Suite Small Business
Edition 4.0
Symantec Protection Suite Small Business Edition 4.0 (SPS SBE 4.0) combines the
fastest, most effective desktop security with recovery and spam-blocking Microsoft
Exchange email security—all priced for small business.
The patented technology of Symantec Insight tracks billions of files from millions
of systems that identify new threats as they are created. Maximize your employees’
productivity by blocking 99 percent of spam.
Save time and get superior data protection with automatic security with eventtriggered backups, or recover entire Windows desktops completely in minutes.
Simple central management enables fast, automated protection and recovery.
4 | SPS SBE 4.0 Getting Started Guide
About the components included in SPS SBE 4.0
Symantec Protection Suite includes multiple layers of protection from the marketleading endpoint security, messaging security, web, data loss prevention, and data
and system recovery technologies.
Symantec Protection Suite provides effective protection from viruses, malware,
spyware, and new threats. Email security blocks 99% of spam and protect emails in
Microsoft Exchange and efficiently manage, monitor, and recover systems from
backups
Table 1-1 describes the protection technologies included in SPS SBE 4.0 and their
benefits.
Table 1-1 – Protection Suite Components
SPS Component Description Benefit
Endpoint
Protection
Symantec Insight Patented technology
separates files at risk from those that are
safe, for faster and more accurate malware
detection, blocking more threats including
mutating and zero-day.
Antivirus and antispyware for Windows and
Macintosh provides unmatched, malware
protection, market-leading antivirus and
spyware protection, new rootkit protection,
reduced memory footprint, and blazing
performance.
Single endpoint agent and single
management console provides antivirus,
antispyware, desktop firewall, and intrusion
prevention all in a single agent — managed
by a single management console.
■
Symantec Insight—Accurately detects and blocks
new and rapidly mutating malware.
■
Browser Intrusion Prevention—Effectively blocks
attacks directed at browser vulnerabilities.
■
Endpoint Protection for Mac OS® X—Now managed
through the Symantec Endpoint Protection
management console.
■
Symantec Power Eraser—Powerful tool for
removing malware on heavily infected systems.
■
Smart Scheduler—Stays out of your way by
performing security tasks when your computer is
idle.
5 | SPS SBE 4.0 Getting Started Guide
SPS Component
Description
Benefit
Mail Security for
Exchange
System Recovery
Desktop Edition
Symantec Mail Security provides real-time
protection for email against viruses, spam,
spyware, phishing, and other attacks while
enforcing content policies. Powered by
Brightmail technology, this email security
software stops 99 percent of spam while
making fewer than 1 false positive per
million messages. It supports 64 bit and
Virtualized server environments with easy
installation and simple administration.
Symantec System Recovery 2011 delivers
fast and reliable system recovery to help you
minimize downtime and meet recovery time
objectives with confidence. Quickly restore
Windows desktops/laptops in minutes, even
to bare metal, dissimilar hardware, remote
locations, or virtual environments.
Symantec System Recovery is one of the
most proven, trusted, and reliable system
recovery solutions.
The Optional System Recovery Management
Solution allows you to manage machines in a
one-to-many configuration, simplifying
administration. Systems can still be
managed one-to-one without the
Management Solution.
■
Protects against viruses, mass-mailer worms,
Trojan horses, spam, spyware, phishing, and denial
of service attacks
■
Stops 99 percent of spam while making fewer than
1 mistake per million messages.
■
Filters email content with pre-defined policies,
regular expressions, attachment criteria and True
File typing.
■
Management console provides centralized server
group policy configuration, notifications, alerts, and
reporting.
■
Integration with Microsoft Operations Manager
and Systems Center Operations Manager creates an
email security software solution that enables endto-end monitoring of your IT environment.
■
Dramatically minimize downtime and avoid
disruption and employee productivity losses.
■
Replace time-consuming, manual and error-prone
desktop/laptop recovery processes with fast,
reliable, automated system recovery.
■
Recover what you need, when and where you need
it, including individual files, folders or complete
systems in minutes.
■
Eliminate the need to have duplicate hardware on
standby for recovery purposes and save on hardware
costs.
■
Easily perform hardware refreshes and migrations.
■
Centrally manage backup and recovery tasks for
multiple desktops/laptops across your entire
organization
SPS SBE 4.0 Reference Architecture
When fully deployed, Symantec Protection Suite Enterprise Edition provides coverage across
multiple attack vectors in the network, including email for Exchange (via Symantec Mail Security),
and endpoints (via Symantec Endpoint Protection and Symantec Endpoint Protection for Mac).
Windows desktops and laptops can be quickly recovered in the event of a critical system failure.
The solutions in Symantec Protection Suite 4.0 Enterprise Edition can be grouped into three
categories:
Endpoint Security
6 | SPS SBE 4.0 Getting Started Guide
Symantec Endpoint Protection
Symantec Endpoint Protection for Mac
Messaging Security
Symantec Mail Security for Microsoft Exchange
Backup and Recovery
Symantec System Recovery Desktop Edition
Figure 1-1 Reference Architecture
Getting Started with SPS SBE 4.0
Before beginning the deployment of Symantec Protection Suite 4.0 Enterprise Edition you
should assess your security requirements and prioritize the installation of critical
technologies. In this section we will describe how to implement a total solution and take
advantage of the full value that Symantec Protection Suite 4.0 Small Business Edition
provides.
For further details on any of the actions or descriptions listed below see the individual
7 | SPS SBE 4.0 Getting Started Guide
point-product Getting Started and Implementation/Installation guides.
Table 1-2 – Getting Started
Action
Prerequisites
Plan your Architecture
Security Management
Install the Small
Business Endpoint
Protection Manager
Mail Protection
Install the mail
security solution
Security
Configuration
Configure policies
Description
Make sure you have appropriate hardware resources for the Protection Suite technologies.
■
Mail Security for Exchange will be installed directly to the mail servers.
■
The Small Business Endpoint Protection Management server uses the default embedded
database.
■
can be installed to a shared resource server but make sure the system requirements are
appropriate for all server activities.
Please see the point product Getting Started and Implementation guides for complete system
requirements.
Install the Symantec Endpoint Protection SBE Manager. The SEP SBE Management console
Install the Symantec Mail Security server next to protect mail.
■
Install Mail Security to your existing Exchange mail server.
Identify any special requirements your organization may need. Although the default policies
for the Protection Suite technologies are very robust and effective your environment may have
unique requirements that are not covered in the default templates and policies. Try to
minimize any unnecessary changes to simplify troubleshooting steps if required.
■
Endpoint Protection policies: client groups and locations, scanning exclusions for special file
types or directories, communication settings, etc.
■
Mail Security: Endpoint Protection exclusions, thread tuning, etc.
Client Deployment &
Configuration
Deploy the System
Recovery agents
Perform a full
endpoint backup
■
Deploy the Symantec System Recovery agent to the endpoints.
■
Identify the storage locations for your endpoint backups. Storage locations can be local
(directly attached to the endpoint) or on a network resource that the endpoint can access.
Performance will depend on transfer rates of the network or hardware devices. Backups can be
password protected and backup data can be compressed. Note that compression levels may
affect backup performance.
■
Backup policies can be configured to perform a full with incremental to reduce the amount of
time that subsequent backups will take.
■
Having a full endpoint backup can simplify troubleshooting or recovery in the case of failures
during client agent implementation or migration.
■
Create and test the Symantec Recovery Disk to ensure you can perform a system recovery if
necessary.
8 | SPS SBE 4.0 Getting Started Guide
Deploy the Endpoint
Protection Agent
■
Once the systems have been backed up deploy the Endpoint Protection Agent. The SEP agent
can be deployed in a number of ways depending on your endpoints and users.
See the Endpoint Protection SBE Implementation Guide for deployment options.
Update definitions and
run a full system scan
on the endpoints
■
Run a full system scan on the endpoints with the latest virus definitions to identify any
threats that may be dormant on the endpoint. This can be a manual or scheduled scan that is
defined in the SEP SBE protection policies.
Where to get more information
Your first stop for the Protection Suites once you receive your licensing information
should be
product is available for download along with the installation media.
The individual point-products also include several sources of information. The
primary documentation is available in the Documentation folder on the product disc.
Updates to the documentation are available from the Symantec Technical Support
Web site at
The Protection Suites include the following point product documentation:
■
■
■
fileconnect.symantec.com. Full product documentation for each point
http://www.symantec.com/business/support
Implementation Guides
These guides include procedures to install, configure, and manage the product.
Client and User Guides
These guides include procedures for users to use and configure client software.
Online Help
Online Help systems contain the information that is in the guides plus context-
specific content.
Document Locations
Symantec Endpoint Protection
http://www.symantec.com/business/support/index?page=landing&key=54619
Symantec Mail Security for Exchange
http://www.symantec.com/business/support/index?page=landing&key=51980
Symantec System Recovery Desktop Edition
http://www.symantec.com/business/support/index?page=landing&key=53847
To provide feedback on SPS SBE 4.0 or this document please visit:
Symantec Connect SPS Forums
https://www-secure.symantec.com/connect/security/forums/symantec-protection-suites-sps
9 | SPS SBE 4.0 Getting Started Guide
Accessing the Suite Software
Symantec uses the FileConnect website at https://fileconnect.symantec.com, which allows
customers to download electronic media. FileConnect also provides the ability to request physical
media.
1. Upon navigating to FileConnect you will be prompted to choose your language.
2. Next you will be prompted to log in.
3. Enter your product serial number. The serial number will be located on the certificate you received
from Symantec.
4. Read and agree to the terms of the end user license agreement.
5. The most up-to-date full build Maintenance Releases are available from this site.
6. Select the product suite and language you wish to download
10 | SPS SBE 4.0 Getting Started Guide
Two download methods are available:
HTTP Download:
Although the HTTP download allows one file to be selected for download at a time, it is a browser
controlled download, and as such does not use the Java Runtime Environment or require the
installation of any applets on your computer. The HTTP download uses HTTP 1.1 allowing
browsers to resume an interrupted download in most cases. This method does, however, require
that cookies be enabled, to transmit an encrypted hash code to the download server. Without
this code, your download will fail.
Managed FTP Download:
If you wish to begin downloading multiple files at the same time, this method allows you to
select as many files as you wish, begin the download, and go on to other areas of business. The
process requires that a Java Applet be installed on your machine that manages the download
process, so that when one file completes its download, the next in the queue is initiated. It also
allows for the use of the "Resume Downloads" feature on the web site. We recommend the use of
the Java Runtime Environment (JRE) version 1.4.2, as there is a bug, documented on the Sun site,
between Verisign certificates and certain other versions of the JRE. This bug will still allow the
download, but a warning will appear stating that it is not a trusted source.
7. Select the Suite components you wish to download. If you chose “Managed Download” you will be
able to select multiple options, if you chose “HTTP Download” you can only choose one option at a
time.
8. When you have made your choice, click “Begin Downloading”
9. If you have chosen components which either have dependencies or multiple components, you will be
prompted to add them to your download
10. If you wish to download further components, you can choose them here. Once again, if you chose the
Managed download, you can select multiple options. If you chose HTTP Download, you will only be
able to choose one option at a time.
11. Once you have made your choices, click Continue Downloading.
12. If you chose HTTP Download, then your browser will prompt you for a location to save the download
file.
13. If you chose Managed Download, the download manager will launch. You may be prompted with
security prompts; you will need to accept these to continue.
Once the download manager has launched, you click Browse and specify a location to save the
14.
downloads. Then click Start Download – your download progress will be shown.
11 | SPS SBE 4.0 Getting Started Guide
15. Once the download has completed, you will see the screen below. At this point, you may close your
browser and start installation of the suite products
Loading...