

One of the strengths of Symantec Endpoint Protection (SEP) has been the simplicity of the SEP client. Since Version 11, the SEP client has provided antivirus, firewall, intrusion prevention, application and device control, application whitelisting and more. This is an extremely effective combination of technologies that help to keep your endpoints secure.

When Symantec purchased Blue Coat they gained world class web proxy solutions. The Symantec Web Security Service (WSS) is a powerful tool to protect your endpoints from web-based threats. For roaming computers (not connected to the corporate network) WSS used the Unified Agent to connect computers to WSS. The Unified Agent is an excellent tool to enforce WSS policies. The challenge from a Symantec point of view is that it is another agent to manage on the endpoint. Wouldn’t it be great if there was a way to configure SEP to use WSS? There is, and this is how it works.

WSS has a number of Access Methods which can be used to get computers to connect to WSS. This solution uses the Firewall/VPN and Explicit Proxy access methods. For the Firewall/VPN access method, an IPSec VPN is set up between the corporate firewall and WSS. All web traffic from the corporate network is transparently directed to WSS through the IPSec tunnel. The SEP clients not on the corporate network use the Explicit Proxy access method to direct all web traffic from the computers to WSS. The Explicit Proxy access method takes advantage of an auto-updating PAC file configured in the SEP client. So, this is a modified Explicit Proxy access method which is called SEP WSS Traffic Redirection.

A Symantec Endpoint Protection Manager (SEPM) server is used to manage the SEP client. The SEPM server is managed using the SEPM console. WSS is managed using the ThreatPulse portal using a web browser.

This section describes the technical aspects of this solution.

Option 1: Enable Captive Portal (A Firewall/VPN Authentication Policy has to be created for the Corp site).

The branch location uses the Workstations Integrations Policy – Branch policy.
Requirement 1: A Location has to be added for each branch office in the WSS portal.
Requirement 2: An Explicit Proxy Authentication Policy has to be created for each branch location.
Captive Portal has to be enabled in WSS portal.
The Workstations Integrations Policy – Branch policy is configured to use.

The Roaming location uses the Workstations Integrations Policy – Roaming policy.
Requirement 1: Roaming Captive Portal has to be enabled in WSS portal.
The Workstations Integrations Policy – Roaming policy is configured to use.

If the user logs onto their computer and the computer is on the corporate network, the SEP client will be able to connect to the SEPM server. The SEP client will automatically set the location to “Corp”. When the location is set to Corp there is no Integration policy applied and all web traffic will be directed to WSS by the Firewall/VPN connection.

If the user takes their computer to the branch office the SEP client will determine that the subnet that the computer is on is 192.168.1.0/24. The SEP client will automatically switch to the “Branch” location. When the user browses the Internet, their computer will configure their proxy settings based upon the PAC file downloaded from.
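The location switching this page describes (SEPM reachable means Corp, subnet 192.168.1.0/24 means Branch) can be modelled to check how a set of location criteria behaves before it is deployed; this is an added example, not Symantec's code or part of the original article. The evaluation order, the Roaming fallback, the `dns_suffix` condition and all sample addresses and suffixes are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Branch:
    subnet: str                        # 192.168.1.0/24 is the page's branch subnet
    dns_suffix: Optional[str] = None   # assumed extra condition, not from the page

# Location -> (Integration policy, access method), as the page describes them
POLICY = {
    "Corp": (None, "Firewall/VPN"),
    "Branch": ("Workstations Integrations Policy – Branch", "Explicit Proxy"),
    "Roaming": ("Workstations Integrations Policy – Roaming", "Explicit Proxy"),
}

def resolve_location(sepm_reachable, client_ip, dns_suffix, branches):
    """Return the location name for one network snapshot of a client."""
    if sepm_reachable:                 # SEPM reachable => on the corporate network
        return "Corp"
    try:
        addr = ipaddress.ip_address(client_ip)
    except ValueError:                 # no usable address: treat as off-network
        return "Roaming"
    for b in branches:
        if addr not in ipaddress.ip_network(b.subnet):
            continue
        if b.dns_suffix is None or b.dns_suffix == (dns_suffix or "").lower():
            return "Branch"
    return "Roaming"                   # assumed fallback when nothing else matches

def audit(branches):
    """Flag branch definitions that rely on a private (RFC 1918) subnet alone."""
    return [b.subnet for b in branches
            if b.dns_suffix is None and ipaddress.ip_network(b.subnet).is_private]

if __name__ == "__main__":
    loose = [Branch("192.168.1.0/24")]
    strict = [Branch("192.168.1.0/24", "branch1.example.com")]  # constructed suffix
    # Constructed snapshots: (sepm_reachable, client_ip, dns_suffix)
    for snap in [(True, "10.1.2.3", "corp.example.com"),
                 (False, "192.168.1.40", "branch1.example.com"),
                 (False, "192.168.1.40", "home.lan"),
                 (False, "172.20.5.9", "hotel.example.net")]:
        name = resolve_location(*snap, loose)
        print(snap, name, POLICY[name], "| strict:", resolve_location(*snap, strict))
    print("subnet-only branches:", audit(loose))
```

With a subnet-only Branch definition, any network numbered 192.168.1.0/24 resolves to Branch in this model, which is what `audit` flags.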
