Enrolling a Symantec Endpoint Protection Manager domain into the cloud console
You must first enroll a
Symantec Endpoint Protection Managerdomain before you can view or manage it in the cloud console.
You can enroll a maximum of 50 Symantec Endpoint Protection Manager domains.
Before you start enrollment
Enrollment with the cloud console installs the
Symantec Endpoint Protection Managerbridge service, or connector, using an .MSI file.
Your environment must meet the following requirements to support the enrollment of a domain into the ICDm cloud console:
- Paid subscription to Symantec Endpoint Security
- Symantec Security Cloud accountYou can set up this login account when you initiate domain enrollment fromSymantec Endpoint Protection Manager. Or you might have an existing account to use for login.
- Administrator access to theSymantec Endpoint Protection Manager
- Symantec Endpoint Protection Manager14.0.1 or later clientsYou can enroll aSymantec Endpoint Protection Managerdomain into the cloud console with earlier clients, but these earlier clients cannot take advantage of the cloud-only Intensive Protection policy.
- Put the Application and Device Control into Test (log only) mode and System Lockdown into log-only mode. This situation applies only if such policies apply to the server on whichSymantec Endpoint Protection Managerruns, and the policies block .MSI installation.
Step 1: Start the enrollment
To start the enrollment from Symantec Endpoint Protection Manager 14.3, select the
To start the enrollment from Symantec Endpoint Protection Manager 14.2 or earlier:
Symantec Endpoint Protection Manager, on the
Enroll Nowor go to the
Get Startedbutton takes you to the cloud console sign in page. If you do not have sign in credentials, contact your account team manager.
You can also start the enrollment process from the cloud console on the
Step 2: Get an enrollment token from the cloud console
In the cloud console, go to
Endpoint > Integration > Enrollment. You can generate and copy an enrollment token from this page.
Step 3: Complete the enrollment
- InSymantec Endpoint Protection Manager, paste the enrollment token into the specified area in theCloudpage.
- SelectEnroll Symantec Endpoint Protection Manager.You get a confirmation message.
- You can pressLaunchin theSymantec Endpoint Protection ManagerHomepage banner to log on to the cloud console.
- After enrollment, all of your devices appear in the cloud console. Devices are the client computers that your clients run on. By default, theSymantec Endpoint Protection Managermanages the topology.
- To manage groups and devices from the cloud console, turn onManage Devices from the Cloudonly for the logged-on domain. To manage cloud-based policies, turn onManage Policies from the Cloud. You enable these options in the cloud console inEndpoint > Integration > Enrollment.You should keepManage Devices from the Clouddisabled if you use Active Directory or third-party APIs to manage your devices.Whenever you make a change to the device group structure, there is a 10-minute delay before the change appears inSymantec Endpoint Protection Manager. The reverse is also true. The behavior is similar to howSymantec Endpoint Protection Managerreplication functions. During the delay, you should not try to make additional topology changes. The changes might not take effect.