|
|
SLAC Computer Security | ||
| SLAC Home | Computing Home | Computing Outages | Help | |||
Symantec Endpoint Protection V11 - Overview
Symantec Endpoint Protection (SEP) can protect your computer from destructive
programs known as viruses and Trojan horses, and can protect against malicious
Active X and Java applets.
For
centrally-managed Windows computers
at SLAC, the software is automatically installed and configured. There is
no installation or configuration needed by the user. If you have any questions,
please contact your
local
administrator.
“How do I”
topics on SEP:
o Know it as the latest definitions?
o
Do a 'Live
Updates' for off-site computers?
1.
Checks for the installed program
a.
On your local drive (typically C:\), select Program Files directory->Symantec
> Symantec Endpoint Protection >
SymCorpUI.exe program is present.
b.
Go to 'Start' button,
select 'Control Panel', select Performance and Maintenance’,
select 'Administrative Tools',
and select 'Services'.
c.
Symantec services:’Symantec Endpoint Protection’, ‘Symantec Event
Manager’, ‘Symantec Management Clien’t, and ‘Symantec Settings Manager’
appear under 'Services(local)', with 'Status: Started' and
'Startup Type: Automatic'.
Figure 1 - Services Window
d.
Press Control/Alt/Delete keys to bring up the 'Windows Security'
dialog box, select 'Task Manager'. Under 'Processes', six
(6) Symantec processes (ccApp.exe,
ccSvcHst.exe, Rtvscan.exe, Smc.exe, Smcgui.exe, SymCorpUI.exe) should be
listed.
Figure 2 -
Task Manager
a.
Right click on the Symantec “shield” in the lower right of the task bar, select
Open Symantec Endpoint Protection,
the Symantec Endpoint Protection window should come up. The ‘Status’ should be
green, ‘Your computer is protected.
No problems detected’. (Item 1 in Figure 4.)
Figure 3 - Open SEP
Figure 4 - SEP Window
Note:
If you have any problems, please contact your
local
administrator.
Check for up-to-date 'Virus Definition File'
1.
In the SEP window (see Figure 4), check that the date next to
'Definitions:' is recent. (Item 2 in
Figure 4.)
Note: 'LiveUpdate' (Item 3 in Figure 4) is pre-configured to check for updates hourly, if there is a network connection. You can click on the 'LiveUpdate' button to do a manual update.
If you have any problems, please contact your
local
administrator.
How are 'LiveUpdates' done for off-site computers?
1.
'LiveUpdate'
(Item 3 in Figure 4) is configured to first check the SLAC server for downloads,
and if that is not available it will go to the Symantec server for downloads.
Therefore computers within the SLAC internal network will primarily use the SLAC
server, and computers off-site will go to the Symantec server.
'LiveUpdate' is pre-configured for
you to check for updates hourly. You can click on the
'LiveUpdate' button to do a manual
update.
1.
To scan you local drives, you can right click on the drive, folder or file you
want to scan within 'Windows Explorer' window.
Figure 5 – Window Explorer
a.
Select 'Scan for viruses'.
Figure 6 – SEP Scan File
2.
You can do an ‘Active Scan’’ or ‘Full Scan’ within the SEP program.
a.
Bring up the SEP window (See ‘Is
it running properly?’
above). Click on ‘Scan for threats’ (Item 4 on Figure 4).
Figure 7 – SEP Scan for Threats/span>
Note: There is a weekly scan scheduled for local drives on a user's computer.
A user cannot currently schedule scans, but can scan at any time.
Users will not be able to scan the network drives (e.g., V drive or home directory Z drive) since this will impede performance on the servers, and anti-virus procedures on the servers are maintained by the Computing Division (CD) system administrators. The real time scanner on the local computer automatically scans every file that has been opened, moved, copied, or executed. In addition, the servers are also running Antivirus software.
Last Updated: August 09, 2010 |