Tuesday, January 18, 2011

Deploying Symantec Endpoint Protection 11

First off I am going to make some assumptions...

1.  You already downloaded Symantec Endpoint Protection (SEP) from https://fileconnect.symantec.com
2.  You have already installed Symantec Endpoint Protection Manager Console (SEP Manager)

Open SEP Manager and login with your account.  Select Admin from the icons on the left.  Click Install Packages located at the bottom of the second column on the left.  Next, click "Client Install Settings". Right click in the window to the right and click "add". I am going to call my settings Custom SEP install.  You can choose different types of installations.  The choices are Interactive, Unattended and Silent.  Interactive lets the user interact with it, unattended shows the user but doesn't allow them to give input, and silent is when it runs in the background with no user interaction.  You will also have to choose if you want the computer to restart after the install or not.  Another option is if you want to install it into the default location or a special one.  The last setting is for upgrading.  If you are deploying this to a client that already has SEP installed, you have to choose if you want it to maintain all logs, policies, and client-server communication settings.

Next select "Client Install Feature Sets". Right click in the window to the right and click "add".We are going to create the features that are installed.  Pick a name and choose your features you want installed.

Next select "Client Install Packages", then select the version of SEP you are trying to install.  Select "Export Client Install Package".

Click Browse and navigate to a folder that you want the deployment package to be stored.  You will want to click the drop down box below "Pick the customized installation settings below:" and select the custom install settings you created.  Do the same for "Select the features you wanted to use:".

The next step will be different for everyone.  If you have multiple groups in side of SEP manager, then you might have to do this several times.  You can have several packages or you can select the default package and move the client to the correct group once it shows up in SEP manager.  Click ok and your package starts to be exported.

Click close and close SEP manager.  Now open "Migration and Deployment Wizard".  Click Next --> Deploy the Windows Client --> Next --> "Select an existing client install package to deploy" --> Click Browse --> Navigate to the folder you exported your package to and select the exe.  Click finish.  You will then have to choose which machines you want to push it too.  Select the machines, select add, enter administrative credentials and hit finish.  You will be able to watch the progress of each machine.

If you want Symantec's explanation here is a link to their page:  Link