Getting started with Symantec Endpoint Security

Use the following steps to get started with Symantec Endpoint Security.
For more information about migrating from the on-premises Symantec Endpoint Protection to the cloud console, see:

Step 1: Sign into your Symantec Security Cloud account and view the Home page

You can access the cloud console at the following URL: securitycloud.symantec.com
For more information, see:
The
Home
page appears by default. You use the
Home
page to monitor the security posture of your environment. See:
To review the product tour
  • Go to
    Home
    , and next to
    Default
    , select the video icon:

Step 2: Review and configure the default policies

Review the policies that are used to protect the devices in your environment. Each policy type has a default policy, such as Default Antimalware Policy. Each default policy is based on a predefined policy template of a particular type, such as Malware. The settings in the default policies are configured to provide the best protection and performance. See:
To review and configure the default policies
  1. Go to
    Policies
    and open a
    Default
    policy type
    Policy
    .
  2. After you make changes, select
    Save Policy
    .
    Policies must be applied to a device group to provide protection. By default, the policies apply to the
    Default
    group.
  3. To apply the policy to a different group or more groups, select
    Apply Policy
    , select one or more groups, and complete the wizard.
    For new policies and most policies that are included with the Symantec Endpoint Security Complete subscription, you must apply the policy to a device group manually.
You can perform this step before or after you install and deploy the agent installation package.

Step 3: Allow URLs and open communication ports

If you do not use proxies, skip this step.
If you use proxies in your environment, you may need to allow certain URLs in your network settings or firewall for communication between the various services to work. In addition, make sure that certain communication ports are open. See:

Step 4: Configure the agent installation package and enroll the devices

You must download and deploy the Symantec Agent installation package to your devices so that the agents communicate with the cloud console and provide protection using the policies. The deployment registers the devices with the cloud console, called
enrollment
.
By default, a package creator utility creates the agent installation package. The package creator utility saves bandwidth by downloading package components once from the cloud. You then run the resulting package on the device to install it.
To create an agent installation package using the package creator utility
  • Choose one of the following options:
    • Go to
      Quick Setup
        >
      Endpoint Security
      .
      .
    • Go to
      My Tasks
        and in the task list select
      Set up Symantec Endpoint Security
      .
You can also create an agent installation package using the online installation method, which downloads and launches the package directly on the device without any intervention from the device user. You should use this method for devices in remote locations.
To create an agent installation package using the online installation method
  • Choose one of the following options:
    • Go to 
      Devices
      >
      Managed Devices
      tab >
      Installation Package
      .
    • Go to 
      Settings
      >
      Installation Package
      .
For the Mac client, you must uninstall the existing version before you install the new installation package.
For more information, see:
To find devices that do not have the agent software yet, use device discovery. See:

Step 5: View your enrolled devices

After you install the agent software on the users' devices, check whether the agents are online and connected to the cloud console.
To view the enrolled devices:
  • Go to
    Devices
    page >
    Device Groups
    >
    Managed Devices
    >
    Default
    .
On the device, the Symantec Agent is called the Symantec Endpoint Protection client.
To check the agent-cloud console connection on the Symantec Endpoint Protection client:
  • On the device notification area, look for the client shield with a green dot:

Next steps