Presentation on theme: "Symantec Endpoint Protection 11.0 Maintenance Release 2: Whats new Updated 11 th April 2008."— Presentation transcript:
Symantec Endpoint Protection 11.0 Maintenance Release 2: Whats new Updated 11 th April 2008
Optional Footer Information Here2 Agenda New features and improvements1 Resolved product issues2 Other points to be aware of3
Optional Footer Information Here3 New features and improvements
Optional Footer Information Here4 New features and improvements: New platform support Windows 2008 support (inc Server Core) SEP client only (32 and 64bit) Windows Vista SP1 support SEP client only (32 and 64bit)
Optional Footer Information Here5 New features and improvements: Less resource usage / Lighter footprint Symantec Endpoint Protection Manager Use less RAM for Console, Server and Embedded DB –approx 256mb Now less disk space –approx 2GB Symantec Endpoint Protection client Now less disk space –approx 400mb
Optional Footer Information Here New features and improvements: Manager Installation > Create sys admin 6
Optional Footer Information Here7 New features and improvements: Manager Installation > Choose config * This dialog will only appear with a new SEPM install, not an upgrade *
Optional Footer Information Here New features and improvements: Manager Installation > Simple Automatically configures the following: Embedded database chosen Site name set to My Site Admin-specified password used for DB and encryption also 3 content revisions stored 8 Please note: By default a SEPM will download 3 new certified AV/Antispyware content updates per day, therefore storing 3 content revisions would mean SEP client content could only be out of date by 1 full day before a full update would be downloaded.
Optional Footer Information Here9 New features and improvements: Manager Installation > Advanced
Optional Footer Information Here New features and improvements: Manager Installation > Advanced Content revisions stored, for each option chosen: Less than 100: 3 Between 100 and 500: 3 Between 500 and 1000: 10 More than 1000: Please note: By default a SEPM will download 3 new certified AV/Antispyware content updates per day, therefore storing 3 content revisions would mean SEP client content could only be out of date by 1 full day before a full update would be downloaded.
Optional Footer Information Here11 New features and improvements: Manager Installation > DB choice
Optional Footer Information Here New features and improvements: Manager Installation > DB choice Re embedded DB option now supporting 5000 computers: Increased so that customers in the range of were not forced to purchase SQL licenses. No further DB optimisation has been implemented, BUT: –Lab testing has proven the embedded DB can adequately scale beyond 5000 managed computers, even out-performing MS-SQL in environments with small numbers. –A product issue has been resolved whereby the embedded DB would not reclaim freed up space, therefore would continue to grow indefinitely. 12
Optional Footer Information Here13 New features and improvements: Manager Installation > Summary
Optional Footer Information Here14 New features and improvements: Console Homepage Latest content versions now show on homepage for both Symantecs public Liveupdate server and the local SEPM:
Optional Footer Information Here15 New features and improvements: Content revision control via the console Number of content revisions stored is now configurable via the console. Please note: If you choose Simple, this will set the stored content revisions to 3. If you choose Advanced, then: Less than 100: 3 revisions Between 100 and 500: 3 revisions Between 500 and 1000: 10 revisions More than 1000: 30 revisions If you upgraded the SEPM, the previously configured setting will be preserved (10 by default preMR2).
Optional Footer Information Here New features and improvements: Delta generation CPU usage control The mdef25builder will now, by default, never use more than 50% of available CPU cycles. This is configurable by adding the following parameter to the conf.properties file: – scm.delta.cpu.usage The advantage is less impact on the SEPM when deltas are being created –Be aware though that this also means the process will take longer to complete the required delta generation task. 16
Optional Footer Information Here New features and improvements: More responsive console experience * Not installed by default, optional component on CD3 * The IIS 6.0 FastCGI extension improves the performance of the Home, Monitors, and Reports pages of the console. Is standard component to ship with Windows Documentation also provided on CD3 detailing setup steps. Symantec provides full support for the SEPM with the successful installation of the FastCGI extension. 17
Optional Footer Information Here New features and improvements: Template AV/Antispyware policies Default (Balanced), High Security, High Performance. All specifics documented in product admin manual (p394) 18
Optional Footer Information Here New features and improvements: Template Application Control policies Further template policies added in MR2: 19
Optional Footer Information Here New features and improvements: Automatic AV/Antispyware exclusions SEP 11.0, when released, already set automatic exclusions for MS Exchange 2003 and Now, MR2 will add automatic exclusions for: –SEPM embedded database and transactional logs –Active Directory database, transactional logs and working files Following Microsoft best practice recommendations 20
Optional Footer Information Here New features and improvements: Granular Device Control Devices can now be identified by any means –Type, Brand, Model, Serial Number Tool provided on CD3 to verify Device IDs (DevViewer) Some Device ID examples: –SanDisk Micro Cruzer - USBSTOR\DISK&VEN_SANDISK&PROD_CRUZER_MICRO&REV_2033\ &0 –Apple iPod - USBSTOR\DiskApple___iPod____________1.62\4&3656B0&0 –Hitachi IDE Hard Drive - IDE\DISKHTS541060G9SA00_________________________MB3IC60H\4&14AA9DA8&0&
Optional Footer Information Here New features and improvements: Granular Device Control 22
Optional Footer Information Here New features and improvements: Granular Device Control 23
Optional Footer Information Here New features and improvements: Other updated included components Liveupdate Administrator (MR2) –Now supports Vista SP1 and Windows 2008 Symantec Antivirus for Linux (MR4) Network Access Control (optional additional purchase) –Now includes Microsoft NAP support and Peer-to-Peer enforcement 24
Optional Footer Information Here25 Resolved product issues
Optional Footer Information Here26 Resolved product issues: Performance Fixed port leaks on SEPM server Optimized disk space usage of embedded database Fixed excessive disk space used by antivirus logs on SEPM Fixed excessive disk space use by LiveUpdate on SEP client Reduced length of accelerated heartbeat on SEP client to optimize communication between SEPM and SEP client
Optional Footer Information Here27 Resolved product issues: Functionality and usability Resolved inconsistent scanning of files on SEP client Improvements to SEPM console home page include all charts displayed properly, all agents and agent status appear correctly Fixed site and agent replication issues Fixed ClientRemote Utility Optimized creation of group folders so that they can be created in a timely manner Optimized performance of Active Directory synchronization to avoid database deadlocks Minimized boot time on SEP client by optimizing Symantec processes during startup
Optional Footer Information Here28 Resolved product issues: Communication and connectivity Addressed issues whereby SEP clients connecting to a SEPM over slow network links could saturate the line when retrieving content updates Addressed issues with SEP client communicating with SEPM behind a firewall with NAT or after changing the remote console port Addressed issue with SEP clients management being blocked by Checkpoint VPN client connections
Optional Footer Information Here29 Other points to be aware of
Optional Footer Information Here30 Other points to be aware of: SEP client cached installs have moved * Now also compressed to save disk space *
Optional Footer Information Here31 Other points to be aware of: Default AV/Antispyware policy overwrite MR2 changes the default AV/Antispyware policy so that an ActiveScan doesnt occur each time new definitions are loaded (which occurs 3 times a day by default): This change means that if you install MR2 over an existing pre MR2 SEPM, the default AV/Antispyware policy will be overwritten. It is recommended, if you wish to keep this default AV/Antispyware policy, please make a copy of it or rename it before upgrading to MR2.
Optional Footer Information Here32 Other points to be aware of: MR2 client will not be available via LU Due to a defect in SEPM, pre-MR2 releases of SEPM cannot download MR2 LiveUpdate Packages. Customers will have to download SEPM via FileConnect. –Since new SEPM will already contain MR2 SEP client packages, it will be unnecessary for administrators to use LiveUpdate to download the MR2 client packages. Once administrators have MR2 SEPM release in their environment, they can use LiveUpdate to download future client packages (to be determined... either MR2 MP1 or MR3) that will be available via LiveUpdate.
Optional Footer Information Here33 Other points to be aware of: How to shrink the embedded DB There is a product issue preMR2 whereby the embedded DB would continue to grow indefinitely. This was caused by the SEPM not successfully periodically reclaiming freed up space. If you have upgraded the SEPM to MR2, some steps can still be followed to reclaim this space: Note: Technical Support can assist with this procedure as needed. 1.Via DOS prompt, navigate to C:\Program Files\Symantec\Symantec Endpoint Protection Manager\ASA\win32\ 2.Run command dbunload -c "uid=dba;pwd=dba_password" –ar 3.Restart the SEPM service.
Optional Footer Information Here34 & ANSWERS QUESTIONS