Best practices for installing Endpoint Protection Manager on Windows 7 or XP

book

Article ID: 177477

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

You intend to install the Symantec Endpoint Protection Manager (SEPM) on Windows XP or Windows 7. Windows XP has a 10 concurrent connection limitation set by Microsoft. Windows 7 has a limit of 20. This guide contains the configuration changes that are necessary to work around this limitation. This is supported for up to 100 clients managed from a single Windows XP-based Symantec Endpoint Protection Manager.

Resolution

Follow these steps before you install a client through the management console:

  1. Log in to Symantec Endpoint Protection Manager.
  2. Click Clients.
  3. Select the Group to configure and turn off Policy Inheritance (if at a level other than My Company).
  4. Under the Policies tab, click the Communication Settings link under Location Independent Settings.
  5. Set the Download radio button to Pull Mode.
  6. Set the Heartbeat Interval to at least 30 minutes (60 minutes recommended).
  7. Click OK.

If the Windows Firewall is kept active, you will need to create an exception for the Symantec Endpoint Protection Manager communication port.

  1. Open Control Panel
  2. Open Windows Firewall
  3. Click on the Exceptions tab
  4. Choose Add Port
  5. Name it something meaningful, like "SEPM communication port" (or something similar).
  6. Port number will be the one you chose during installation. The default is 8014.
  7. Click OK, and then OK again

Note: This change only needs to be made on the manager, not the clients.

Now the clients can be deployed and communicate successfully with Symantec Endpoint Protection Manager.