Checklist for enrolling Symantec Endpoint Protection Manager domains and Symantec Endpoint Protection clients
Symantec Endpoint Protection Managerdomains and
Symantec Endpoint Protectionclients
Make sure to check the system requirements for your
Symantec Endpoint Protection Managerversion. See:
Symantec Endpoint Protection Managerconfigurations
The following URLs must be allowed to access the Internet through proxies, firewalls, an SSL Visibility Appliance (SSLVA), or any other networking devices in your environment.
Check proxy setup for
Symantec Endpoint Protection Managercommunication to the cloud
Symantec Endpoint Protection Managercommunicates over a proxy with the cloud console, then you must configure the system level proxy,
The following proxy configurations are supported for the
Symantec Endpoint Protection ManagerBridge:
The following are not supported: Basic, NTLM, or Kerberos authentication for WinHTTP and WinINet.
Assign full rights to critical registry keys and directories
Symantec Endpoint Protection Manageroperating system is Windows 2008-based, then make sure that the Network Service account has access to the folders and critical registry keys.
Manually add the Network Service account to these items and assign full rights see:
Install root certificates
Add root certificates to the
Symantec Endpoint Protection ManagerLocal Computer \Trusted Root Certification Authorities.
If the root certificates of the mentioned sites are not added, the
Symantec Endpoint Protection Managercannot connect to the cloud console.
Check communication ports
Symantec Endpoint Protection Managercommunication ports
Endpoint Securitybridge services on operating systems earlier than Windows Server 2008 R2 or Windows 7 uses the Network Service for which the default domain policies include privileges.
You should ensure that any security policies that apply to the Endpoint Protection Bridge computer do not have the Network Service removed. Bridge services are installed under the virtual accounts if the operating system is later than Windows 2008.
Symantec Endpoint Protectionclient configurations
Check proxy setup for client communication to the cloud
Allow URLs for communication if you use proxies in your environment.
Setting up WinHttp proxy
For successful enrollment, configure the system-level WinHttp proxy.
Setting up WinInet proxy
For successful enrollment, configure WinInet proxy.