Duration 3 days
The Symantec Endpoint Protection 12.1: Maintain and Troubleshoot course is designed for the IT security management professional tasked with administering, monitoring, and troubleshooting Symantec Endpoint Protection 12.1. Students learn how to troubleshoot and upgrade to Symantec Endpoint Protection 12.1, monitor and troubleshoot the SEPM, client-to-SEPM communication, content distribution, client deployments, protection technologies and network threat protection. The class also covers how to follow Symantec best practices for troubleshooting and remediating a virus outbreak, performing advanced monitoring using IT Analytics, and providing solutions to Symantec Endpoint Protection 12.1 case studies.
Who should attend
This course is for network managers, resellers, systems administrators, client security administrators, systems professionals, and consultants who are charged with the installation, configuration, and day-to-day management of Symantec Endpoint Protection in a variety of network environments, and who are responsible for troubleshooting and tuning the performance of this product in the enterprise environment.
You must have attended Symantec Endpoint Protection 12.1: Administration (SC1439)course or have equivalent experience.
By the completion of this course, you will be able to:
- Monitor client-to-SEPM communication.
- Maintain a Symantec Endpoint Protection environment.
- Upgrade the Symantec Endpoint Protection environment.
- Monitor and troubleshoot a Symantec Endpoint Protection environment.
- Monitor and troubleshoot SEPM and client content delivery.
- Monitor and troubleshoot protection technologies.
- Use best practices when creating Application and Device Control and Firewall rules.
- Use best practices when troubleshooting and remediating a virus outbreak.
- Use IT Analytics to generate comprehensive reports from Symantec Endpoint Protection.
- Provide solutions to Symantec Endpoint Protection 12.1 case studies.
- Monitoring Client-to-SEPM Communication
- Maintaining the Symantec Endpoint Protection Environment
- Managing and Troubleshooting the SEPM
- Monitoring and Troubleshooting Content Distribution
- Maintaining and Troubleshooting Clients
- Monitoring and Troubleshooting Protection Technologies
- Monitoring and Troubleshooting Netw ork Threat Protection
- Best Practices for Troubleshooting and Remediating a Virus Outbreak
- Performing Advanced Monitoring using IT Analytics
- Providing Solutions to Symantec Endpoint Protection 12.1 Case Studies
Detailed Course Outline
- Course overview
- The classroom lab environment
Monitoring Client-to-SEPM Communication
- Introducing client-to-SEPM communication
- Examining client-to-SEPM communication
- Monitoring communication
- Using basic troubleshooting and other monitoring tools to troubleshoot communication
Maintaining the Symantec Endpoint Protection Environment
- Identifying critical SEP 12.1 services and processes
- Checking client status
- Using the Symantec Endpoint Protection Support Tool
- Managing administrators
- Reporting and notifications
Managing and Troubleshooting the SEPM
- Managing the SEPM
- Managing and troubleshooting the database
- Configuring SEP 12.1 clients to use secure socket layer (SSL) communication
Monitoring and Troubleshooting Content Distribution
- Describing LiveUpdate sources: Review
- Examining a LiveUpdate session
- Downloading full or xdelta packages
- Deter mining LiveUpdate status and examining logs
- SEP 12.1 LiveUpdate client management
- Managing and monitoring group update providers (GUPs)
Maintaining and Troubleshooting Clients
- Client Deployment Wizard optimizations
- Upgrading Symantec Endpoint Protection clients
- Troubleshooting client installation failures
- Performing client management
- Enabling Symantec Endpoint Protection debug logs
- Troubleshooting SEP 12.1 Mac clients
Monitoring and Troubleshooting Protection Technologies
- Managing protection technologies
- Preventing false positives
- Identifying false positives
- Introducing Windows software trace preprocessor (WPP)
Monitoring and Troubleshooting Network Threat Protection
- Application control best practices
- Application and device control use cases
- Application and device control reports and logs
- Firewall use cases
Best Practices for Troubleshooting and Remediating a Virus Outbreak
- Best practices for troubleshooting and remediating viruses
- Managing rapid release definitions
Performing Advanced Monitoring using IT Analytics
- Introducing IT Analytics
- Hardware and software requirements
- Describing how IT Analytics works
- About installing IT Analytics
Providing Solutions to Symantec Endpoint Protection 12.1 Case Studies
- Evaluating a legacy environment for upgrade
- Redesigning a Symantec Endpoint Protection 11.x environment