
Threat Defense for Active Directory Administration Guide


Article ID: 175807


Updated On:

Products

Endpoint Threat Defense for Active Directory

Issue/Introduction

  • Threat Defense for Active Directory Administration Guide
  • User guides for TDAD 
  • TDAD 3.3
  • TDAD 3.2

Resolution

Contents

Symantec™ Endpoint Threat Defense for Active Directory v3.3 Administration Guide ... 1
Symantec™ Endpoint Threat Defense Active Directory Guide ... 2
  Symantec Support ... 3
    Knowledge Base articles and Symantec Support ... 3
    Technical Support and Enterprise Customer Support ... 3
About this guide ... 7
  Overview ... 7
  Product documentation ... 7
    Table 2-1 Symantec Endpoint Threat Defense for Active Directory documentation set ... 7
  Comment on the documentation ... 8
Introduction ... 9
  About Symantec Endpoint Threat Defense for Active Directory ... 9
Incident response ... 11
  Responding to an alarm ... 11
Architecture ... 12
  Architecture ... 13
  Architecture Standalone Version ... 14
  Architecture – Complex Architecture (over 10k nodes or multiple domains) ... 14
Console overview ... 15
  About the Endpoint Threat Defense for AD UI ... 15
  Logging in and logging out ... 15
  About the overview dashboard ... 16
    Domains ... 17
    Alarms ... 17
    Protected Resources ... 17
    Detected Dark Corners ... 18
    Latest Alarms ... 18
    Latest Dark Corners ... 18
Alarms ... 19
  Inbox ... 19
    Archiving an alarm ... 20
    Alarm types ... 20
      Table 6-1 Alarm types with breach prevention ... 20
    OPTH vs PTH alarms ... 21
Forensics report ... 24
  About forensics report ... 24
    Rerun forensics report ... 24
    Frequently asked questions about forensics ... 25
    Creating a PDF or JSON of a forensics report ... 26
    IOC ... 27
Mitigation ... 39
  About mitigation ... 39
Dark Corners ... 41
  About AD Assessment ... 41
Instances ... 45
  About the Instances icon ... 45
Domains ... 47
  About the Domains icon ... 47
Deployment manager ... 48
  About the Deployment Manager tab ... 48
Sites ... 56
  About the Sites tab ... 56
Policy ... 58
  Configuring policies ... 58
    Editing a policy ... 58
Deploy ... 67
Deployment with SEP ... 68
Deployment with Standalone Version ... 81
Analytics ... 87
  Overview ... 87
Settings ... 91
  Overview ... 91
Accounts ... 107
  About user management ... 107
Features and functions ... 110
  Ease of deployment ... 110
  Ease of management ... 110
  Domain Security for the endpoint ... 111
  Reduce Attack Surface* ... 111
  Advanced Testing (optional) ... 111
Appendix A ... 112
  Replacing Web server SSL Certificate ... 112
Appendix B ... 115
  Changing Log Method ... 115
Appendix C ... 118
  Troubleshooting ... 118
    Core Server Installation ... 118
    Core Server Configuration ... 118
    MM Deployment ... 120
    Tech Support ... 121
Appendix D ... 122
  Updating Java ... 122

Attachments

  • Threat Defense for Active Directory v3.3 Administration Guide.pdf
  • Symantec Endpoint Threat Defense for Active Directory v3.2 Administration Guide.pdf