Best Practices for using Symantec Endpoint Protection 12.1 with Amazon WorkSpaces

Article ID: 158988

Products

Endpoint Protection

Issue/Introduction

This article describes best practices for using Symantec Endpoint Protection 12.1 (SEP) within Amazon WorkSpaces.

Resolution

When creating a Custom Scan, the C: drive of the WorkSpaces environment is not available for selection

Access to the C: drive is restricted within Amazon WorkSpaces. Because of these restrictions, the C: drive is not available for selection when specifying scan locations for a Custom Scan.

If you wish to scan the C: drive, create a Full Scan. A Full Scan will include the C: drive in the scan.

Note: By default, SEP's Auto-Protect feature will scan all files upon access or modification. This includes files on the C: drive.

Note: In some instances, full system scans can also scan the drives of the local computer. See more information below.

 

Full system scans will scan the drives of the local computer

If a user creates a full system scan and remains connected to the WorkSpaces environment when the scan runs, SEP will scan both the drives of the WorkSpaces environment and the drives of the local computer. This occurs because the local computer's drives are automatically mounted within the WorkSpaces environment.

Because the scan of the local computer's drives runs across the internet (from the WorkSpaces environment to the local computer), it will be slowed significantly and could take an undesirable amount of time to complete.

This issue may be worked around by one of the following methods:

  1. Create folder exclusions within the WorkSpaces environment for the local computer's drives
  2. Disconnect from the WorkSpaces environment before SEP scans the computer
  3. Create a custom scan to scan specific drives, folders, and files rather than using a Full Scan

 

Do not enable the setting "Prompt before allowing application traffic"

When enabled, this setting displays a prompt to the user before allowing an application's network traffic through the SEP firewall. Enabling it will disconnect your WorkSpaces session and, because you cannot answer the prompt that would allow the network traffic needed to reconnect the session, you will be unable to reconnect.

This setting is disabled by default.

 

Do not block inbound traffic to port 80 from your local IP address

Connections from your local computer to Amazon WorkSpaces occur on port 80. If the Symantec Endpoint Protection firewall within the WorkSpaces environment is configured to block incoming traffic to port 80, you will be unable to connect to your Amazon WorkSpaces environment.