Also, tune the scheduling frequency down to one hour.
For all other locations, make sure you use the SEP Manager to distribute product software and content updates.
The SEP manager updates are incremental, and smaller than the ones downloaded from the Live Update server.
You can add IPS using the Endpoint Protection Manager under add/remove programs and full Symantec IPS instructions are available here.As for firewall, in version 12.1 and later firewall is a separate function that does not need to be installed for IPS to function, however, for version 11 you must have the firewall running for IPS to work.To run IPS and not firewall, you must withdraw the firewall policy to ensure IPS is protecting your network without forcing the use of the client firewall.Scan the headers below for best practices in all areas of SEP and lots of links to helpful guides, as well as a way to get a free analysis of your SEP environment at the bottom using Symantec’s Best Kept Secret.Installation is a big topic, so I encourage you to read Symantec’s Top 10 SEP installation best practices.
The article covers things like ensuring all SEP clients and SEPMS are running the latest maintenance release, using the Group Update Provider (GUP) for content distribution, and how to ensure out-of-date SEP clients to still get incremental updates.
It even explains the best way to use a MS-SQL database for large environments.
According to Symantec, an upgrade to version 12.1.5 will take much longer than you expect (sorry).
It’s slow because the upgrade process converts all existing content to an optimized storage format, so plan for an extended upgrade time.
Make sure you review the benefits of upgrading to the latest version of SEP 12.1.x, and check out Symantec’s Help diagnostic tool to determine if your system meets the minimum requirements.
There are a lot of moving parts to admin work, so here is a list of Symantec’s guides to content revision configuration, server certificate updates, GPO, testing authentication, central deployment, Live Update, and clients with both SEP and Data Loss Prevention: If your users do not use a VPN, you should change the Live Update policy setting to use the default Symantec Live Update server – this allows remote clients to update any time they connect to the Internet.