Symantec Endpoint Protection is a security software suite that includes intrusion prevention, firewall, and anti-malware features. It is typically installed on a server running Windows, Linux, or macOS. According to SC Magazine, Endpoint Protection also has some features typical of data loss prevention software.

Installing Symantec Endpoint Protection in a Linux server is a two-step process. The first step is to download and install the Symantec Endpoint Protection Manager (SEPM) server software. The SEPM server software can be downloaded from the Symantec website. The second step is to configure the Linux server to communicate with the SEPM server.

A Smart-Net server requires a separate installation of SEP specific for the Linux operating system to protect it from known threats and vulnerabilities.

You must have the following in order first:

1. SSH into the Linux client using PuTTY, MobaXterm, etc.
2. Find the OS version by running the following command.
3. Run the following command to find the kernel version.
4. Find the kernel headers and devels installed.
5. If the kernel headers and devel are not installed, make sure you install the same version as the kernel.
6. sudo yum install kernel-headers-$(uname -r)
7. sudo yum install kernel-devel-$(uname -r)
   Note: If you see multiple headers and devel present from step 4, you will need to install by specifying the kernel version found in step 3 instead of $(uname -r).
   Note: libX11.i686 is used for the user interface; if you are only using the command line interface, you do not need this.
8. sudo yum install elfutils-libelf-devel (RedHat 8.x only)

Note: kernel-headers, kernel-devel, and kernel are in the same version i.e.

You are ready to install SEP 14.x on the Red Hat based Linux machine.

1. Acquire the compatible package based on the OS and the kernel. You can export the rpm package from the manager, or use a stand-alone installer. Although you can copy the SymantecEndpointProtection.zip file to any folder, /tmp is recommended to avoid permission issues. See Supported Linux kernels for Endpoint Protection 14.x
2. Open terminal and change directory to tmp.
3. Unzip installer to a folder called ‘sep’:
   sudo unzip -d sep SymantecEndpointProtection.zip
4. Change directory to the extracted folder.
5. Grant permissions to install.sh and pkg.sig (R+W+X).

Note: if you installed a managed client, you can verify if the machine is connected to the manager by running the following command.

SEP client should be successfully installed.

I haven't run SEP on anything, but my inclination is to strenuously avoid "beyond" ClamAV out of your distro repos.

95% of the time, antivirus on Linux is about unthinking compliance check-off. 5% of the time it's about scanning non-Linux fileshares or file repositories.

Remember that for all compliance, there are always ways to document that you've handled the needs with an exception to the guidelines. Compliance is all about proving that you're thorough and proving it in writing for the record, not about jumping through hoops that don't apply to your situation. More than one compliance checklist weasel-words this by saying "antivirus software is required on all operating systems where anti-virus software is normally used".

A recent experience with ClamAV scanning non-executable data files is that it turned up a lot of positives on PDFs that would generally go into the class of "false positives" because they were detecting some kind of macro functionality that's been used by hostile malware in the past. I didn't dig deeper about that functionality at the time.