Learn more about managing policies in Symantec Endpoint Protection Manager (SEPM).
The Policies page in Endpoint Protection Manager provides a centrally managed solution that handles security policy enforcement, host integrity checking, and automated remediation for clients. Policies help the clients that Endpoint Protection Manager manages, and that connect to the server, to get the latest policies, security settings, and software updates.
Typically, you perform most shared policy-related tasks from the Policies page, while you perform non-shared tasks from the Clients page.
Endpoint Protection Manager learns communications behavior, creates and deploys security and enforcement policies, manages user and computer group structures, and communicates with other Endpoint Protection Manager servers.
Through Symantec's heartbeat communication protocol, Endpoint Protection Manager learns about user, application, and network behavior from clients. Endpoint Protection Manager provides enterprises with an up-to-the-minute view of their security status.
You can use several types of policies to manage the corporate environment. Endpoint Protection Manager automatically creates some of these policies during installation. You can use a default policy as is, or further customize it to suit a specific corporate environment.
This list shows each policy, whether a default policy is created during the initial installation, and a description for each policy.
Policy name | Default policy | Description |
Antivirus and Antispyware | Yes | Defines the antivirus and antispyware threat scan settings, including how detected processes are handled. |
Firewall | Yes | Contains the defined rules and notifications, intrusion protection and active response settings, smart traffic filtering, and traffic and stealth settings. |
Intrusion Prevention | Yes | Defines the exceptions to the intrusion detection policy and applies it to groups. |
Host Integrity | Yes | Helps define, restore, and enforce the security of clients to keep enterprise networks and data secure. |
Application and Device Control | Yes | Configures the software and device protection policies for clients. |
LiveUpdate | Yes | Specifies the computers that clients must contact to check for updates, along with the schedule that defines how often clients must check for updates. |
Centralized Exceptions | No | Specifies the exceptions to particular policy features you want to apply. |
Enterprises use the information that the Endpoint Protection Manager collects to create security policies. These security policies link users, connectivity technology, applications, and network communication to security policies.
Symantec's security policies are managed and inherited through group structures of users, computers, and servers. You can import information about users and computers. You can also synchronize data with directory servers, such as Active Directory and LDAP.
Endpoint Protection Manager can be centralized or distributed in a global enterprise to provide scalability, fault tolerance, load balancing, and policy replication.
You can perform the following tasks:
Use the Overview page to provide an overview for each policy. If required, you can assign this policy to specific locations in a group.
Group or Option | Description |
Policy name | This option provides the name and description for each policy. The following options are available: |
Enable this policy | This option enables a policy and assigns it to a location or group. Disable the policy if you want to set up the policy and download the settings to the client at a later time. Policies are enabled by default. Note: You cannot disable an Antivirus and Antispyware Policy, a LiveUpdate Policy, or a LiveUpdate Content Policy. |
Groups Using This Policy | This option identifies the groups to which this policy is applied. When you initially create a policy, this table is blank. After you apply policies to groups, the groups appear in this table. You can change the list to appear as a tree to easily view group hierarchy. |