Learn more about managing policies in Symantec Endpoint Protection Manager (SEPM).
The Policies page in Endpoint Protection Manager provides a centrally managed solution that handles security policy enforcement, host integrity checking, and automated remediation for clients. Policies help Endpoint Protection Manager managed clients that connect to the server to get the latest policies, security settings, and software updates.
Typically, you perform most shared policy-related from the Policies page, while you perform non-shared tasks from the Clients page.
Endpoint Protection Manager learns communications behavior, creates and deploys security and enforcement policies, manages user and computer group structures, and communicates with other Endpoint Protection Manager servers.
Through Symantec's heartbeat communication protocol, Endpoint Protection Manager learns about user, application, and network behavior from clients. Endpoint Protection Manager provides enterprises with an up-to-the-minute view of their security status.
You can use several types of policies to manage the corporate environment. Endpoint Protection Manager automatically creates some of these policies during installation. You can use a default policy as is, or further customize it to suit a specific corporate environment.
This list shows each policy, whether a default policy is created during the initial installation, and a description for each policy.
|Policy name||Default policy||Description|
|Antivirus and Antispyware||Yes||Defines the antivirus and antispyware threat scan settings, including how detected processes are handled.|
|Firewall||Yes||Contains defined the rules and notifications, intrusion protection and active response settings, smart traffic filtering, and traffic and stealth settings.|
|Intrusion Prevention||Yes||Defines the exceptions to the intrusion detection policy and applies it to groups.|
|Host Integrity||Yes||Helps define, restore, and enforce the security of clients to keep enterprise networks and data secure.|
|Application and Device Control||Yes||Configures the software and device protection policies for clients.|
|LiveUpdate||Yes||Specifies the computers that clients must contact to check for updates along with the schedule which defines how often clients must check for updates.|
|Centralized Exceptions||No||Specifies the exceptions to particular policy features you want to apply.|
Enterprises use the information that the Endpoint Protection Manager collects to create security policies. These security policies link users, connectivity technology, applications, and network communication to security policies.
Symantec's security policies are managed and inherited through group structures of users, computers, and servers. You can import information about users and computers. You can also synchronize data with directory servers, such as Active Directory and LDAP.
Endpoint Protection Manager can be centralized or distributed in a global enterprise to provide scalability, fault tolerance, load balancing, and policy replication.
You can perform the following tasks:
Use the Overview page to provide an overview for each policy. If required, you can assign this policy to specific locations in a group.
|Group or Option||Description|
|Policy name||This option provides the name and description for each policy.
The following options are available:
|Enable this policy||This option enables a policy and assigns it to a location or group.
Disable the policy if you want to set up the policy and download the settings to the client at a later time. Policies are enabled by default.
Note: You cannot disable an Antivirus and Antispyware Policy, a LiveUpdate Policy, or a LiveUpdate Content Policy.
|Groups Using This Policy||This option identifies the groups to which this policy is applied.
When you initially create a policy, this table is blank. After you apply policies to groups, the groups appear in this table.
You can change the list to appear as a tree to easily view group hierarchy.