Managing remote clients

Your network may include some clients that connect to the network from different locations. You may need to manage these clients differently from the clients that connect only from within the network. You may need to manage some clients that always connect remotely over a VPN, or clients that connect from multiple locations because employees travel. You may also need to manage security for some computers that are outside your administrative control. For example, you may allow customers, contractors, vendors, or business partners to have limited access to your network. Some employees may connect to your network using their own personal computers, and you may need to manage these clients differently.
In all these cases, you must deal with greater security risk. Connections may be less secure, or the client computers may be less secure, and you may have less control over some clients. To minimize these risks to your overall network security, you should assess the different kinds of remote access that clients have to your network. You can then apply more stringent security policies based on your assessment.
To manage the clients that connect to your network differently because of the security risks that they pose, you can work with
Symantec Endpoint Protection
's location awareness.
You apply different policies to clients that pose a greater risk to your network based on their location. A location in
Symantec Endpoint Protection
is defined as the type of connection that a client computer uses to connect to your network. A location can also include information about whether the connection is located inside or outside your corporate network.
You define locations for a group of clients. You then assign different policies to each location. Some security settings can be assigned to the entire group regardless of location. Some settings are different depending on location.
Managing remote clients
Task
Description
Set up groups based on assessment of security risk
For more information, see:
Set up locations for groups of remote clients
For more information, see:
Configure communication settings for locations
Strengthen your security policies
Turn on client notifications
Customize client log management settings
Customize the log settings for remote clients, especially if clients are offline for several days. To reduce bandwidth and the load on your management servers, make the following changes:
  • Set clients to not upload their logs to the management server.
  • Set clients to upload only the client security logs.
  • Set filter log events to upload only specified events.
    Suggested events to upload include definition updates, or side effect repair failures.
  • Make the log retention time longer.
    Longer retention times let you review more virus and spyware event data.
Monitor remote clients