SuperTekBoy

There are a couple of ways to manage mobile workers with regard to Symantec EndPoint Protection. The first is to use location awareness. Location awareness allows you to set one set of policies when users are in one location and a separate set of policies when they are in a different location.

Typically when I set up location awareness I set up two locations. One for inside the office and one for outside the office. I apply these locations to the client group where my mobile workers reside.

One example is that my inside the office LiveUpdate policy only uses the Management Server to obtain definition updates. The benefit here is that the definitions are only downloaded from the internet once. My outside the office LiveUpdate policy tells the EndPoint clients to go directly to the internet for definitions.

The second method I use to manage mobile workers is to publish my Symantec Management server onto the internet. This requires opening one port on your firewall and NATing it from a public IP to the private IP of the SEPM server. It also requires that you add the public IP of SEPM to the Management Server List and then sending out the new SYLINK file. The benefit of this is that if you have road warriors or people who rarely if ever, come into the office you can still see the full health of their SEP client and computer and still manage the client with policies. For more information check the link here.

http://www.symantec.com/business/support/index?page=content&id=TECH93033&locale=en_US

As many of you are well aware there was quite a shock to the system when Backup Exec 2012 came out. Many people had many different complaints and many held no reservation when expressing those complaints to Symantec Employees on Symantec Connect.

Some complained about not liking the new user interface, others had other complaints but most seemed to complain about the new philosophy on how they should execute backups.

In all previous versions of Backup Exec, the backup philosophy had been what Symantec now termed as a job-centric backup. In a job-centric backup you created a job, selected the resources from multiple servers, and specified every option and agent for the varying resources you might be backing up. A single job might have selections and backup options for Exchange, File, SQL, SharePoint and more.

In 2012, Symantec switched to what they call Server-Centric backups. This philosophy creates a separate job for each server. The benefit of being a new minimalist approach that was apparent through the whole new user interface. When you created a job for your Exchange server, you only saw selections and agent options that referenced those Exchange selections. No half a dozen other options that did not even apply to the resources you were backing up.

When upgrading to Symantec Endpoint Protection 12.1 you will get prompts during the upgrade process to enable/disable/configure database backups and log truncation. I recommend leaving these at the default settings. Do not turn them off.

Database backups of the Symantec Embedded Database are important because there are plenty of things out there that can corrupt and go wrong with the database. One of the biggest sources of corruption is when the disk that the database resides on runs out of space. The Embedded Database Service will stop and there is a good chance your database is completely corrupted.

This leads on to Log Truncation. I have seen the Embedded Database Logs grow to 50GB+. So out of control logs can corrupt your database, which in turn takes down your whole antivirus management solution. So make sure you keep those automatic log truncation settings at their defaults.

Here is a great article on how to manually truncate the Embedded Database transaction logs if they have gone out of control. Then you can turn automatic transaction log truncation back on in the Manager.

http://www.symantec.com/business/support/index?page=content&id=TECH171546

If you can still log into the Manager (the services have not shut down yet and the database is still running) and you have the Enterprise version of SEPM 12.1 there is also a “Truncate Database Logs Now” button in the SEPM under the Admin tab.

The Small Business Edition of SEPM 12.1 does not have the ‘Truncate Database Logs Now” button. Also, please note, while you can modify the truncation frequency in the Enterprise edition you can not do this in the Small Business Edition. The truncation schedule is fixed/unconfigurable in the Small Business Edition. There is also a known issue in Small Business Edition of SEPM 12.1 where the logs do not truncate. Updating the Manager to SEP 12.1 Release Update 1a (or at the time of writing this, Release Update 2) will fix this known issue.

After you have truncated the logs and freed up space on your drive, should the Symantec EndPoint Protection Manager services not remain started, chances are your database is corrupt and you will need to restore the database from backup. Going to Start –> All Programs –> Symantec EndPoint Protection Manager –> Database Backup and Restore will launch a wizard to walk you through locating your backup file for restore.