With the release of Symantec Endpoint Protection (SEP) 12.1.4 for Mac, you can configure policies for Virus and Spyware Protection, Network Threat Protection (Intrusion Prevention), and LiveUpdate. You can configure these policies on the client or from within the Symantec Endpoint Protection Manager (SEPM).
Within the SEP client's user interface, click Settings. There are tabs for Virus and Spyware Protection, Network Threat Protection, and LiveUpdate. These settings may be grayed out if locked down by your SEPM administration. In this case, these policies can be configured through the SEPM console, under the Policies tab.
- Virus and Spyware Protection: You can choose from the following options for configuration. Changing these settings require you to authenticate with Mac Administrator credentials. Credentials are cached for five minutes.
- Auto-Protect Settings allow you to enable or disable Auto Quarantine, Auto Repair, scans for data disks or other disks, and the scanning of compressed files (e.g. zip files).
- Scan Zone Settings allow you to define where SEP scans for threats. You can choose Scan Everywhere, Scan Only to restrict scanning to folders you choose, or or Don't Scan to exclude folders from scans.
- Scheduled Scans allows you to configure scans.
- Anonymous security data submission allows you to send selected information back to Symantec for analysis.
- Network Threat Protection: You can configure whether or not Network Threat Protection displays notifications for detections, and whether a sound plays with those detections.
- LiveUpdate: You can configure the schedule to run at a specific interval, to run daily, or to run weekly, then apply those changes. The default is every four hours.
Virus and Spyware Protection, and LiveUpdate: Policy configuration for Auto-Protect, scheduled scans, exclusions and LiveUpdate for Mac is unchanged. Please see the following articles for further information:
- "Customizing administrator-defined scans for clients that run on Mac computers"
- "Customizing Auto-Protect for Mac clients"
- "Excluding a file or a folder from scans"
- "Configuring the LiveUpdate download schedule for client computers"
Network Threat Protection: You configure Network Threat Protection for the SEP Mac clients with the Intrusion Prevention policy that applies to the group to which those clients belong.
To enable or disable Network Intrusion Prevention
Within the SEPM console, click Policies > Intrusion Prevention. Double-click the applicable Intrusion Prevention policy, and then click Intrusion Prevention. Check Enable Network Intrusion Prevention to enable it, or uncheck this option to disable it. Click the lock icon to lock the settings in server-controlled client groups.
Note: Browser Intrusion Prevention settings apply to Windows clients only.
To configure Intrusion Prevention Exceptions
Within the SEPM console, click Policies > Intrusion Prevention. Double-click the Intrusion Prevention policy, and then under Mac Settings, click Exceptions. Click the Add... button to add an exception. For more information on configuring Intrusion Prevention exceptions, see the following article:
- "Creating exceptions for IPS signatures"