Hi, I am looking for a simple procedure for downloading and updating virus definition files on DeltaV workstations. Any help would be appreciated.
In reply to AdrianOffield:
There is a kind of support issue though. Symantec Endpoint Protection is by default only supported in unmanaged mode. If you need assistance from Emerson support with regards to your managed SEP installation, you need to opt for Advanced Services, which normally costs extra.
If you want to avoid managed mode, downloading the virus definitions from Symantec's webiste and installing them manually is your best option. It's about 300 megabytes which you would need to download maybe each month or so.
You can check KBA AP-0400-0004 and AP-0800-0025 for more info.
I would agree with Adrian on the benefits. I setup SEPM to provide up to date definition files for around 50 PCs and 10 servers several years ago. I didn't use automatic deployment of the application, but used SEPM to create an install package pointing back to the a server for definition file updates.
SEPM can be used to deploy the installation of SEP, keep the virus definition files up to date, and give a summary of the status on each PC.
- The SEPM software allows you to create an install package for SEP with all the correct settings as noted in the Emerson documentation. (PULL vs. PUSH, Email off, Network Threat Protection, etc.)
- Multiple different install packages can be created. This was useful as we used for non DeltaV PCs with different SEP settings.
- The installation on the workstations is much simpler at this point as the correct settings have already been predefined.
- The SEPM console manager gives a summary of installs, status of anti virus protection, status of firewall, date of virus definition signature file, etc.
You may not be able to call the GSC for step by step instructions on setting up, but I found the technical support through Symantec very good. I also talked with someone at our Local Business Partner office to get a few pointers before getting started.
Michael
Emerson has an Automated Patch Management solution that will provide a system for the automatic identification, download, and distribution of patches and hotfixes for Microsoft, DeltaV, and Symantec. If you contact your LBP/FSO, they should be able to provide you with more information about the solution and the options it provides you.
Service Prerequisites
Automated Patch Management Service prerequisites:
n DeltaV systems set up as a domain, running v9.3 software or higher.
n Enrollment in Guardian Support Service
n Annual purchase of the Automated Patch Management Subscription Service.
n A license to use Symantec Endpoint Protection Manager and clients (customer’s responsibility).
n Support contracts from Symantec and Microsoft for WSUS and SEPM are recommended (customer’s responsibility).
n A server class computer licensed for Microsoft Server 2003 or Server 2008, to be installed as a non-DeltaV node (Downstream Server) on the DeltaV control network.
n An Internet accessible server class computer licensed for Microsoft Server 2003 or Server 2008 (Upstream Server) to host applications that require Internet access.
n Customer-managed network infrastructure that allows the Downstream Server to securely access the Upstream Server.