Best practices for installing Endpoint Protection Manager on Windows 7 or XP
search cancel

Best practices for installing Endpoint Protection Manager on Windows 7 or XP


Article ID: 177477


Updated On:


Endpoint Protection


You intend to install the Symantec Endpoint Protection Manager (SEPM) on Windows XP or Windows 7. Windows XP has a 10 concurrent connection limitation set by Microsoft. Windows 7 has a limit of 20. This guide contains the configuration changes that are necessary to work around this limitation. This is supported for up to 100 clients managed from a single Windows XP-based Symantec Endpoint Protection Manager.


Follow these steps before you install a client through the management console:

  1. Log in to Symantec Endpoint Protection Manager.
  2. Click Clients.
  3. Select the Group to configure and turn off Policy Inheritance (if at a level other than My Company).
  4. Under the Policies tab, click the Communication Settings link under Location Independent Settings.
  5. Set the Download radio button to Pull Mode.
  6. Set the Heartbeat Interval to at least 30 minutes (60 minutes recommended).
  7. Click OK.

If the Windows Firewall is kept active, you will need to create an exception for the Symantec Endpoint Protection Manager communication port.

  1. Open Control Panel
  2. Open Windows Firewall
  3. Click on the Exceptions tab
  4. Choose Add Port
  5. Name it something meaningful, like "SEPM communication port" (or something similar).
  6. Port number will be the one you chose during installation. The default is 8014.
  7. Click OK, and then OK again

Note: This change only needs to be made on the manager, not the clients.

Now the clients can be deployed and communicate successfully with Symantec Endpoint Protection Manager.