This guide explains how to install, configure, and work with Symantec Protection Engine for Network Attached Storage.
1. Introducing Symantec™ Protection Engine
About Symantec™ Protection Engine
for Network Attached Storage
About Centralized Console
What's new in Symantec Protection Engine 8.1
What's changed in this release
Components of Symantec Protection Engine
How Symantec Protection Engine works
About automatic load balancing
About supported protocols for Symantec Protection Engine
What you can do with Symantec Protection Engine
Where to get more information
Information collected by Symantec Protection Engine
Onboarding to a centralized cloud console
2. Installing Symantec Protection Engine
Before you install Symantec Protection Engine
System requirements
System requirements to install Symantec Protection Engine on Linux
About installing Symantec Protection Engine
About authentication modes in Symantec Protection Engine
Installing Symantec Protection Engine on Linux
Upgrading Symantec Protection Engine on Linux
Symantec Protection Engine post-installation tasks
Verifying, stopping, and restarting the Symantec Protection Engine daemon on Linux
Clearing the Java cache
Accessing the Symantec Protection Engine console
Enhancing security for the HTTPS servers and SSL servers
Changing the console settings
Editing user information
Managing user accounts
About security notice
Allocating resources for Symantec Protection Engine
Migrating to version 8.1
Uninstalling Symantec Protection Engine
3. Activating licenses
About licensing
About license activation
If you do not have a serial number
Obtaining a license file
Installing the license file
About removing license files
Checking the license status
About transaction-based metering
Viewing the metering information on the console
4. Configuring scanning services for client applications
About the communication protocols
Supported services by protocol
About working with ICAP
Configuring ICAP options
About secure ICAP support in Symantec Protection Engine
5. Protecting against risks
About scanning for risks
About threat categorization and risk ratings
How Symantec Protection Engine detects risks
Configuring antivirus scan policy in Symantec Protection Engine
Ways to test threat detection capabilities
About quarantining files in Symantec Protection Engine
Configuring the quarantine in Symantec Protection Engine
About preventing potential threats in Symantec Protection Engine
Configuring file name filtering in Symantec Protection Engine
Configuring true type file filtering in Symantec Protection Engine
Configuring file size filtering in Symantec Protection Engine
About container files in Symantec Protection Engine
About unscannable files in Symantec Protection Engine
Customizing notifications in Symantec Protection Engine
About Symantec Insight™
How does Symantec Protection Engine use Symantec Insight™
Enabling Symantec Insight™ policy
Configuring the scanning aggression level
Excluding files from scanning based on file size
About Android Application (APK) Reputation
6. Monitoring and tuning the performance of Symantec Protection Engine
How to monitor Symantec Protection Engine performance
Monitoring scanning requests
Monitoring Symantec Protection Engine resources
Ways to improve Symantec Protection Engine performance
Deployment considerations and recommendations
Enhance performance by limiting scanning
Configuration settings that can conserve and enhance performance
7. Filtering URLs
About filtering URLs
About categories
How to filter a URL
About the filtering modes
Denying access to URLs in URL categories
Managing local categories
Overriding a URL categorization
Customizing the access denied message
About URL Reputation
Configuring URL Reputation
8. Logging data, issuing alerts, and generating reports
About logging data
Logging destinations
Logging levels and events
Specifying the log bind address
About configuring local logging
Specifying the local logging level
Changing the directory where log files are located
Changing the length of time that log files are maintained
Enabling statistics reporting in Symantec Protection Engine
Configuring logging to the Linux Syslog
About configuring alerts
Activating SMTP alerts
Activating SNMP alerts
Configuring outbreak alerts
About reports
Viewing the local log data
Exporting local log data to a file
Viewing statistics log data
About summary report on Symantec Protection Engine home page
9. Keeping your product up to date
About content updates
About definition updates
About updating your protection
About LiveUpdate
Configuring LiveUpdate to occur automatically
Performing LiveUpdate on demand
About editing the LiveUpdate XML file
About LiveUpdate logging
Rolling back URL definitions
About on demand rollback
10. Working with the Core server only mode
About the Core server only mode
About XMLModifier tool
XMLModifier options
Accessing the XML modifier command-line tool
Inactive XPaths
Configuring ICAP options in the Core server only mode
Configuring the antivirus scan policy in the Core server only mode
Configuring APK Reputation in the Core server only mode
Configuring the quarantine server in the Core server only mode
Configuring file name filtering in the Core server only mode
Configuring file size filtering in the Core server only mode
Configuring true type file filtering in the Core server only mode
Configuring Symantec Protection Engine to handle encrypted container files in the Core server only mode
Configuring in-memory file scan cache size in the Core server only mode
Customizing notifications in the Core server only mode
Enabling Symantec Insight™ in the Core server only mode
Configuring the scanning aggression level in the Core server only mode
Excluding files from scanning based on file size in the Core server only mode
Monitoring scanning requests in the Core server only mode
Enabling resource consumption logging in the Core server only mode
Specifying the maximum file or message size to scan in the Core server only mode
Setting container file limits in the Core server only mode
Enabling URL filtering in the Core server only mode
Enabling URL Reputation in the Core server only mode
Denying access to URLs in URL categories in the Core server only mode
Customizing the access denied message in the Core server only mode
Specifying the log bind address in the Core server only mode
Specifying the local logging level in the Core server only mode
Changing the directory where log files are located in the Core server only mode
Changing the number of log file to be maintained in the Core server only mode
Enabling statistics reporting in the Core server only mode
Configuring logging to the Linux Syslog in the Core server only mode
Activating SMTP alerts in the Core server only mode
Activating SNMP alerts in the Core server only mode
Configuring outbreak alerts in the Core server only mode
Configuring LiveUpdate to occur automatically in the Core server only mode
Performing LiveUpdate on demand in the Core server only mode
About editing the LiveUpdate XML file
A. Performing a silent installation
About silent installation and upgrade
Implementing a silent installation in Linux
Creating the response file
About initiating a silent installation using the response file
Generating an encrypted password
B. Using the Symantec Protection Engine commnad-line scanner
About the Symantec Protection Engine command-line scanner
Setting up a computer to submit files to Symantec Protection Engine for scanning
C-based command-line scanner syntax and usage
Supported command-line options for C-based command-line scanner
About specifying the Symantec Protection Engine IP address and port for C-based command-line scanner
About specifying the antivirus scanning mode for C-based command-line scanner
About obtaining scan results for C-based command-line scanner
About requesting recursive scanning
About disposing of infected files when an error occurs
Excluding files from scanning
Redirecting console output to a log file
About scanning files in Symantec Protection Engine using different services/APIs
About using Insight command options with C-based command-line scanner
Java based command-line scanner syntax and usage
Supported command-line options for Java based command-line scanner
About specifying the Symantec Protection Engine IP address and port for Java based command-line scanner
About specifying the antivirus scanning mode for Java based command-line scanner
About obtaining scan results for Java based command-line scanner
About scanning files in Symantec Protection Engine using different services/APIs with Java based command-line scanner
About using Insight command options with Java based command-line scanner
C. About editing configuration data
About editing the Symantec Protection Engine configuration files
About configuration options
Configure the ICAP response
Configure the ICAP preview option
Configure the secure ICAP options
Enabling client certificate verification
Control the dynamic thread pool
Disable the ICAP threshold client notification
Change the LiveUpdate base time
Configure the LiveUpdate server details
Specify a replacement file name
Modify the ICAP options attribute-list extension
Access scan error files
Disable automatic self-test scanning
Enable nonviral threat categories information
Specify maximum file size for extracted files
Specify maximum cumulative file size for extracted files
Specify the maximum socket timeout value
Specify file size threshold for scanning exclusion
Include category information from ICAP response in URL filtering
Enable threat categories information
Specify file path exclusion for scanning in Symantec Protection Engine
Configuring the additional parameters of URL Reputation
D. Return codes
ICAP return codes
E. Common LiveUpdate error codes
Common LiveUpdate error codes
F. Command-line Reference Guide
About this document
Protocols
Resources
Logging
Proxy and Quarantine Server
Miscellaneous
LiveUpdate
Threat policies
Insight Scanning
APK Reputation
Actions
Exclusion policies
Notifications
URL Reputation
URL Filtering
Containers
File Attribute
Thanks for your feedback. Let us know if you have additional comments below. (requires login)