This course is designed for network, IT security, and systems administration professionals tasked with architecting, implementing, and monitoring antivirus and antispyware, as well as client firewall solutions. You will learn how to design, deploy, install, configure, and monitor Symantec Endpoint Protection. You also will learn how to create and implement client firewall, intrusion prevention, and behavioral protection policies that guard the enterprise from viruses, hackers, and spam. In addition, you'll learn how to troubleshoot Symantec Endpoint Protection managers and clients.

What You'll Learn

• Symantec Endpoint Protection products, components, product dependencies, and the system hierarchy
• Install and configure Symantec Endpoint Protection management and client components
• Deploy Symantec Endpoint Protection clients
• Manage the client UI
• Manage antivirus and antispyware policies
• Configure TruScan Proactive Threat Scans
• Design a Symantec Endpoint Protection environment
• Monitor and maintain the Symantec Endpoint Protection environment
• Configure firewall and intrusion prevention policies
• Customize network threat protection

Who Needs to Attend

This course is for network managers, resellers, systems administrators, client security administrators, systems professionals, and consultants who are charged with installing, configuring, and day-to-day management of Symantec Endpoint Protection in a variety of network environments, and who are responsible for troubleshooting and tuning the performance of this product in the enterprise environment

Prerequisites

• Working knowledge of advanced computer terminology, including TCP/IP networking terms and Internet terms
• Administrator-level knowledge of Microsoft Windows 2000/XP/2003 operating systems

Follow-On Courses

There are no follow-ons for this course.

Course Outline

1. Introduction

• Course Overview
• The Classroom Lab Environment

2. Symantec Endpoint Protection Product Solution

• Why Use Symantec Endpoint Protection?
• Symantec Endpoint Protection Components
• Symantec Endpoint Protection Policies and Concepts
• Key Design Factors

3. Installing Symantec Endpoint Protection

• Hardware and Software Requirements
• Preparing Servers and Clients
• Installing the Symantec Endpoint Protection Manager

4. Managing Symantec Endpoint Protection (SEPM)

• Important SEPM Elements
• Starting and Navigating the Symantec Endpoint Protection Manager
• Policy Types and Components
• SEPM and Console Communications

5. Deploying Clients

• Preparing for Client Deployment
• Choosing the Client Installation Method
• Installing Managed Clients
• Making Unmanaged Clients Managed
• Configuring Unmanaged Detector
• Scanning Clients
• Managing the User Environment
• Managing Groups, Policies, and Locations

6. Configuring LiveUpdate Policies

• Configuring LiveUpdate
• Configuring LiveUpdate for Clients
• Manually Updating Virus Definitions

7. Configuring Antivirus and Antispyware Protection

• Introducing Antivirus and Antispyware Policies
• Configuring Auto-Protect Scans
• Configuring TruScan Proactive Threat Scans
• Configuring Administrator-defined Scans
• Quarantining Files
• Configuring Miscellaneous Settings

8. Active Directory Integration

• What Is Active Directory?
• How Is Active Directory Used?
• Working with Active Directory Integration
• Using Active Directory

9. Migrating to Symantec Endpoint Protection

• Migrating Legacy Symantec Antivirus Server and Client
• Migrating to Symantec Endpoint Protection 11.04
• Other Deployment Methods

10. Designing a Symantec Endpoint Environment

• Architecture and Sizing Considerations
• Designing the Architecture
• Determining Client-to-SEPM Ratios
• Content Distribution Methods
• SEPM and Database Sizing
• Completing the Deployment

11. Introduction to Network Threat Protection and Application and Device Control

• Network Threat Protection Basics
• The Firewall
• Intrusion Prevention
• Application and Device Control

12. Configuring Firewall Policies

• Configuring Firewall Policy Elements
• Configuring Firewall Rules
• Configuring Smart Traffic Filtering
• Configuring Traffic and Stealth Settings

13. Managing Intrusion Prevention System (IPS) Policies

• Configuring IPS
• Managing Custom Signatures

14. Configuring Application and Device Control Policies

• Introducing Application and Device Control
• Creating Application and Device Control Policies
• Customizing Application and Device Control Policies

15. Customizing Network Threat Protection and Application and Device Control

• Managing Locations
• Managing Policy Components
• Configuring Application Learning
• Configuring System Lockdown

16. Configuring Additional Protection

• Configuring Tamper Protection
• Configuring Centralized Exceptions

17. Monitoring and Reporting

• Viewing Summary Data
• Viewing and Managing Logs
• Configuring and Viewing Notifications
• Creating and Viewing Reports

18. Performing Server and Database Management

• Managing Symantec Endpoint Protection Servers
• Managing Server Security
• Communicating with Other Servers
• Managing Administrators
• Managing the Database
• Disaster Recovery Techniques

19. Installing Additional Management Components

• Installing Additional LiveUpdate Servers
• Installing and Configuring the Central Quarantine
• Expanding the Management Environment