spe cs getting started guide
TRANSCRIPT
-
8/13/2019 SPE CS Getting Started Guide
1/20
SymantecProtection Engine
for Cloud Services GettingStarted Guide
-
8/13/2019 SPE CS Getting Started Guide
2/20
Symantec Protection Engine for Cloud ServicesGetting Started Guide
Thesoftware described in this book is furnished under a license agreement and may be used
only in accordance with the terms of the agreement.
Documentation version: 7.0
Legal Notice
Copyright 2012 Symantec Corporation. All rights reserved.
Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec
Corporation or itsaffiliates in theU.S. and other countries. Other names maybe trademarks
of their respective owners.
The product described in this document is distributed under licenses restricting its use,
copying, distribution, and decompilation/reverse engineering. No part of this document
may be reproduced in any form by any means without prior written authorization of
Symantec Corporation and its licensors, if any.
THEDOCUMENTATION IS PROVIDED"ASIS" ANDALL EXPRESS OR IMPLIED CONDITIONS,
REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT,
ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO
BE LEGALLY INVALID.SYMANTEC CORPORATION SHALLNOT BELIABLE FORINCIDENTAL
OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING,
PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED
IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.
The Licensed Software and Documentation are deemed to be commercial computer software
as defined in FAR12.212 andsubject to restricted rights as defined in FARSection 52.227-19
"Commercial Computer Software - Restricted Rights" and DFARS 227.7202, "Rights in
Commercial Computer Software or Commercial Computer Software Documentation", as
applicable, and any successor regulations. Any use, modification, reproduction release,
performance, display or disclosure of theLicensed Software and Documentation by the U.S.
Government shall be solely in accordance with the terms of this Agreement.
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
http://www.symantec.com
http://www.symantec.com/http://www.symantec.com/ -
8/13/2019 SPE CS Getting Started Guide
3/20
Getting Started
This document includes the following topics:
About Symantec Protection Engine for Cloud Services
Why you need virus protection for Web proxy/caching
How Symantec Protection Engine protects against threats in a messaging
environment
What's new in Symantec Protection Engine
About supported protocols for Symantec Protection Engine
Components of Symantec Protection Engine
About implementing Symantec Protection Engine for Cloud Services
Before you install Symantec Protection Engine
System requirements
Where to get more information
About Symantec Protection Engine for Cloud ServicesSymantecProtection Engine for Cloud Services replaces Symantec AntiVirus
for Caching, Symantec AntiVirusfor Messaging, and SymantecScan Engine.
Note: In this document, SymantecProtection EngineforCloud Services is referred
to as SymantecProtection Engine.
Symantec Protection Engine is a carrier-class content and URL scanning engine.
Symantec Protection Engine provides content scanning and URL filtering
-
8/13/2019 SPE CS Getting Started Guide
4/20
capabilities to any application on an IP network, regardless of its platform. Any
application can pass files or URLs to Symantec Protection Engine for scanning.
Symantec Protection Engine accepts scan requests from the client applications
that use any of the following protocols:
Symantec Protection Engine Native protocol (deprecated)
TheInternet Content Adaptation Protocol(ICAP), version 1.0, as presented in
RFC 3507 (April 2003)
A proprietary implementation of remote procedure call (RPC)
You can use the Symantec Protection Engine software development kit (SDK) or
build your own connector to integrate Symantec Protection Engine with your
application. TheSDK supports version 1.0 of ICAP, as presented in RFC3507 (April
2003). Symantec also has developed connector code for some third-party
applications to seamlessly integrate with Symantec Protection Engine.
The SymantecProtectionEngine SoftwareDevelopersGuideprovides information
about how to create customized integrations with ICAP.
See Components of Symantec Protection Engineon page 10.
About the connector code
The connector code handles the communication between the Symantec Protection
Engine and the messaging or caching solution. It sends the scanning requests to
the Protection Engine, and it interprets the scanning results.The connector code is either developed by the software vendor of the messaging
or caching solution or by Symantec. Depending on your messaging or caching
solution, you might need to obtain the connector code from the software vendor.
In some cases, the software vendor integrates the connector code into its product
before distribution.
For more informationabout the connector for your messaging or caching solution,
see the appropriate documentation.
Why you need virus protection for Web proxy/cachingThe HTTP gateway is an underprotected area of most networks.Corporate security
efforts have heavily focused on more traditional areas through which viruses can
enter. Enterprises typically have focused security around known viruses that
enter the network through more common means, such as CD-ROM or email, so
hackers now exploit the Web as a means to enter corporate networks. Many new
threats target port 80, which is usually open on corporate firewalls so that users
can browse the Web.
Getting StartedWhy you need virus protection for Web proxy/caching
4
-
8/13/2019 SPE CS Getting Started Guide
5/20
Dedicated virus scanning forWebtraffic is recommended forthefollowing reasons:
Scanning Web traffic lets you catch and block threats at the gateway, rather
than multiple times at each desktop. Users can potentially disable desktop
protection, which can leave your network vulnerable to attack.
Becausemany people now use Web-based email, email-born viruses that would
otherwise be caught by antivirus scanning at the SMTP gateway can slip
through to infect the network.
The industry trend has been to Web-enable many application environments
to include the use of technologies like ActiveX, JavaScript, and Java applets to
enhance the user experience. Many new threats are associated with these Web
technologies. Malicious mobile code viruses, such as Nimda and Code Red,
have entered networks as executables (for example, ActiveX, JavaScript, or
Visual Basic Scripts) that appear to be part of safe Web content.
Once a threat has been cached, malicious code can potentially be passed to
other users on the network, which can compromise additional computers and
data on the network.
Malicious code can result in lost, stolen, or corrupted files, which can result
in costly downtime to the enterprise.
How Symantec Protection Engine protects against
threats in a messaging environmentSymantec Protection Engine can detect the following types of risks: Threats (such as viruses, worms, and Trojan horses)
Security risks (such as adware and malware)
Denial-of-service attacks
Symantec Protection Engine protects your mail system from messages and
attachments that overload the system and cause denial-of-service. This includes
container files that are overly large, that contain large numbers of embedded
compressed files, or that are designed to maliciously use resources and degrade
performance. You can specify the maximum amount of time that the Protection
Engine devotes to decompose a file and its contents, the maximum file size for
container files, and the maximum number of nested levels to be decomposed for
scanning.
Symantec Protection Engine for Messaging uses the following technologies to
protect your messaging environment from threats:
Getting StartedHow Symantec Protection Engine protects against threats in a messaging environment
-
8/13/2019 SPE CS Getting Started Guide
6/20
Symantec engineers track reported outbreaks of risks (such
as viruses, Trojan horses, worms, adware, and spyware) to
identify new risks. After a risk is identified, information
about the risk (a signature) is stored in a definition file. Thevirus definitions file contains the necessary information to
detect and eliminate the virus.
Definitions
Symantec Protection Engine uses Symantec Bloodhound
heuristics technology to scan forthreats forwhich no known
definitions exist. Bloodhound heuristics technology scans
for unusual behaviors (such as self-replication) to target
potentially infected documents. Bloodhound technology is
capable of detecting as much as 80 percent of new and
unknown executable file threats. Bloodhound-Macro
technology detects and repairs over 90 percent of new and
unknown macro viruses. Bloodhound requires minimaloverhead since it examines only programs and the
documents thatmeet stringent prerequisites. In most cases,
Bloodhound can determine in microseconds whether a file
or document is likely to be infected. If it determines that a
file is not likely to be infected, it moves to the next file.
Heuristics
Symantec Protection Engine contains a decomposer that
extracts container files so thatthey can be scanned for risks.
The decomposer continues to extract container files until
it reaches the maximum that you specify.
Container file decomposer
Symantec LiveUpdate technologyensures that yournetworkis not at risk of infection from newly discovered viruses.
The updates are handled automatically without having the
restart services or redeploy software. This ensures no
interruption in scanning services during the updates.
You can also update risk definitions using Rapid Release or
Intelligent Updater.
Automatic product and virusdefinitions updates
What's new in Symantec Protection EngineTable 1-1describes the new features in Symantec Protection Engine.
Getting StartedWhat's new in Symantec Protection Engine
6
-
8/13/2019 SPE CS Getting Started Guide
7/20
Table 1-1 New features
DescriptionFeature
Previously, Symantec Scan Engine exposed a limited set of staticnon-viral categories like Adware, Spyware, and Other Risks. Also,
viral threats did not have any categories associated with them.
Fromversion7.0 onwards,SymantecProtectionEnginecategorizes
viral and non-viral threats more accurately. Hence, previously
unknown or new non-viral threats that were reported under the
generic 'Other Risks' category, would now be categorized more
accurately.
Enhancedcategorization of
threats
You can now access the Symantec Protection Engine console using
the following two types of authentication modes:
Symantec Protection Engine-based authentication mode
This legacy authentication method requires users to enter the
Symantec Protection Engine administrator password to access
the console.
Windows Active Directory-based authentication mode
Only users from the authorized Windows Active Directory
security group can access the Symantec Protection Engine
console using their Active Directory credentials.
Note: For non-Windows platforms, users only havethe Symantec
Protection Engine-based authentication mode for accessing
console.
Windows Active
Directory-based
Authentication mode
The Administrator can now create multiple user accounts for
managing Symantec Protection Engine. This feature is available
only in Symantec Protection Engine-based authentication mode.
Manage user accounts
Customers who use Symantec LiveUpdate Administrator (LUA)
to download definitions to their local LiveUpdate server for
distribution, must update their product catalog in the LUA. To
download new definitions, you must add "Symantec Protection
Engine 7.0" to the product catalog in the LUA.
New Product Catalog
for Symantec
Protection Engine
Symantec Protection Engine now provides granular policies to
handle unscannable files (malformed and encrypted containers),
along with statistical reports.
Better handling of
Unscannable files
You can now exclude files from scanning that exceed the
configured file size threshold value.
Scan exclusion policy
based on file size
Getting StartedWhat's new in Symantec Protection Engine
-
8/13/2019 SPE CS Getting Started Guide
8/20
Table 1-1 New features(continued)
DescriptionFeature
You can now choose to scan files in-place that are less than theconfigured file size threshold value. This feature is only available
over RPC protocol.
In-place scan policybased on file size
From version 7.0, Symantec Protection Engine is capable of
retaining cumulative scan data since installation in addition to
retaining data since last restart.
View cumulative scan
data on home page
From version 7.0 onwards, the data from the Resources page can
now be saved in log files for futher analysis.
Resource consumption
logging
Symantec Protection Engine 7.0 is equipped with strong ciphersupport.
Stronger ciphers forpassword
While previously Symantec Scan Engine used to block access to
infected MS Office files, Symantec Protection Engine 7.0 can now
repair and delete threats. Thus, you will be able to retrieve your
clean Office files.
Enhanced scanning for
MS Office documents
You can configure Symantec Protection Engineto display a custom
security notice thatcontains common security-related information
to all users before they log in to the Symantec Protection Engine
console.
Security notice
You can integrate Symantec ProtectionEngine events with System
Center Operations Manager (SCOM).System Center Operations
Manager is a central repository that can receive critical events,
errors, warnings, and other information from your Symantec
Protection Engine servers.
Support for System
Center Operations
Manager 2007(SCOM)
Pack
Symantec Protection Engine 7.0 supports the following new
platforms:
Windows Server 2008 Japanese (32-bit and 64-bit)
Windows Server 2008 R2 Japanese (64-bit) Windows Server 2012 (64-bit)
New platform support
Symantec Protection Engine 7.0 now supports JRE 7.0Java2SE Runtime
Environment (JRE) 7.0
Getting StartedWhat's new in Symantec Protection Engine
8
-
8/13/2019 SPE CS Getting Started Guide
9/20
About supported protocols for Symantec ProtectionEngine
Table 1-2lists the supported protocols that client applications can use to send
scan requests to Symantec Protection Engine.
Table 1-2 Supported protocols
DescriptionProtocol
Symantec Protection Engine implements a TCP/IP protocol to
provide scanning functionality to client applications. This
protocol is text-based, like HTTP or SMTP. It uses ASCII
commands and responses to communicate between the client
and the server.To scan a file, a client connects to the default IP port. It sends
the file to be scanned and then reads the results of the scan.
After the client receives the scan results, the client and server
disconnect and must initiate a new connection to scan each
subsequent file.
Native protocol
(Deprecated)
ICAP is a lightweight protocol for executinga remoteprocedure
call on HTTP messages. ICAP is part of an architecture that lets
corporations, carriers, and ISPs dynamically scan, change, and
augment Web content as it flows through ICAP servers. The
protocol lets ICAP clients pass HTTP messages to ICAP servers
for adaptation. Adaptation might include some sort of
transformation or other processing, suchas scanning or content
filtering. The server executes its transformation service on the
messages and responds to the client, usually with modified
messages. The adapted messages might be eitherHTTPrequests
or HTTP responses.
Internet Content
Adaptation Protocol
(ICAP)
Remote procedure call (RPC) is a client/server infrastructure
that increases the interoperability and portability of an
application. RPC lets the application be distributed over multiple
platforms. The use of RPC frees the developer from having to
be familiar with various operating systems and networkinterfaces.
Symantec Protection Engine uses a proprietary scanning
protocol with the MS-RPC protocol to interface with client
applications. This protocol is supported only on Windows 2003
Server/Windows 2008 Server/Windows 2012 Server. Any
appropriate client can use RPC to communicate with Symantec
Protection Engine to request the scanning and repairing of files.
A proprietary remote
procedure call (RPC)
protocol
Getting StartedAbout supported protocols for Symantec Protection Engine
-
8/13/2019 SPE CS Getting Started Guide
10/20
For more details on the supported protocols, seeSymantec Protection Engine
Implementation Guide.
Components of Symantec Protection EngineTable 1-3lists the components that are included on the product CD.
Table 1-3 Product components
Folder nameDescriptionComponent
Symantec_Protection_Engine\The software that you
install to protect your
network fromthreats (such
as viruses), security risks
(such as adware and
spyware), and unwanted
content.
Symantec Protection
Engine
Symantec_Protection_Engine\
Silent_Install\
The files that you can use
to perform a silent
installation or upgrade.
Also includes response
files for Red Hat and
Solaris.
Silent installation
Command_Line_Scanner\The software that acts asa client to Symantec
Protection Enginethrough
the Symantec Protection
Engine application
programming interface
(API). The command-line
scanner lets you send files
to Symantec Protection
Engine to be scanned.
Command-line scanner
Symantec_Protection_Engine_SDK\The tools and
documentation that youcan use to create the
customized integrations
that use ICAP.
Symantec Protection
Engine softwaredeveloper's kit
Getting StartedComponents of Symantec Protection Engine
10
-
8/13/2019 SPE CS Getting Started Guide
11/20
Table 1-3 Product components(continued)
Folder nameDescriptionComponent
Tools\Central_Quarantine\The tool that you use toquarantine infected files
that cannot be repaired
when you use the ICAP
protocol or RPC protocol.
Symantec Central
Quarantine server lets you
isolate unrepairable files
so that threats cannot
spread.
Symantec CentralQuarantine server
Tools\LiveUpdate_Admin\The utility that you use to
configure one or more
intranet FTP, HTTP, or
LAN servers to act as
internal LiveUpdate
servers. LiveUpdate lets
Symantec products
download program and
definition file updates
either directly from
Symantec or from a
LiveUpdate server.
For more information, see
theLiveUpdate
Administrator's Guideon
the product CD.
LiveUpdate
Administration Utility
Getting StartedComponents of Symantec Protection Engine
-
8/13/2019 SPE CS Getting Started Guide
12/20
Table 1-3 Product components(continued)
Folder nameDescriptionComponent
Tools\SCOM\Management_PackYou can integrateSymantec Protection
Engineevents with System
Center Operations
Manager (SCOM).System
Center Operations
Manager is a central
repository thatcan receive
critical events, errors,
warnings, and other
information from your
Symantec Protection
Engine servers.
Preconfigured rules are
automatically created
when you import the
management pack. System
CenterOperationManager
Agent monitors Windows
Event log for Symantec
Protection Engine events
based on criteria
mentioned in rules of
Management pack. When
a rule is triggered, the
Operations Manager 2007
Agent collects data about
the event and forwards it
to the System Center
Operations Manager.
For more information, see
theSymantecProtection
EngineManagementPack
Integration Guideon theSymantec Protection
Engine product CD.
System Center OperationsManager 2007(SCOM)
Pack
Adobe Acrobat Reader is required to view the reports that are generated in .pdf
format. You can download Adobe Acrobat Reader fromhttp://www.adobe.com/.
Getting StartedComponents of Symantec Protection Engine
12
http://www.adobe.com/http://www.adobe.com/ -
8/13/2019 SPE CS Getting Started Guide
13/20
About implementing Symantec Protection Engine forCloud Services
Implementation of Symantec Protection Engine for Cloud Services involves the
following process:
Ensure that your messaging or caching solution is properly installed and
configured.
For more information about the hardware and system requirements for your
messaging or caching solution, see your product documentation.
If applicable, install the connector code or plug-in for your messaging or
caching solution. You must install the connector on the computer on which
the messaging or caching solution is installed.
For more information about installing and configuring the connector, see thedocumentation for your connector.
Install Symantec Protection Engine on a separate computer.
Symantec Protection Engine is included on the Symantec Protection Engine
for Cloud Services 7.0 CD.
For more information about installing and configuring the Protection Engine,
see theSymantecProtection Engine Implementation Guideon the CD.
Configure Symantec Protection Engine.
Youmust configure the Protection Engine before you configure the messaging
or caching solution to send files to the Protection Engine.
For more information about integrating your messaging or caching solution
with the Protection Engine, see the appropriate configuration guide.
Configure the messaging or caching solution to send files to the Protection
Engine.
For more information about integrating your messaging or caching solution
with the Protection Engine, see the appropriate configuration guide.
Before you install Symantec Protection EngineInstall Symantec Protection Engine on a computer that meets the systemrequirements. Beforeyouinstall Symantec Protection Engine, install and configure
the operating system softwareand applicable updates for your server. Also ensure
that your operating system software and server work correctly. For more
information, see the documentation for your server.
See System requirementson page 15.
Before you install Symantec Protection Engine, take the following steps:
Getting StartedAbout implementing Symantec Protection Engine for Cloud Services
-
8/13/2019 SPE CS Getting Started Guide
14/20
On Windows operating system, if you want to use Windows Active
Directory-based authentication method to access the Symantec Protection
Engine console, you must ensure the following:
Create or identify an existing security group in the Active Directory thatwould be authorized to access the Symantec Protection Engine console.
The server (on which you plan to install Symantec Protection Engine)
belongs to the same domain or has trust relationship with the Active
Directory, that contains the security group authorized to access the
Symantec Protection Engine console.
Install Java 2SE Runtime Environment (JRE) 5.0 (update 13 or later), JRE 6.0
(update 21 or later), or JRE 7.0 (update 03 or later) on the server. It is
recommended to use JRE 7.0 (update 03 or later).
Note:Symantec Protection Engine supports only 32-bit versions of Java
Runtime Environment. Symantec Protection Engine cannot be installed with
64-bit JRE versions.
Disable any third-party antivirus products that are running on the server on
which youplan to install Symantec Protection Engine. Youcanturn on antivirus
protection after installation is complete.
Symantec Protection Engine scans the files that client applications pass to
Symantec Protection Engine. Symantec Protection Engine does not protect
the computer on which it runs. Since Symantec Protection Engine processesthe files that might contain threats, the server on which it runs is vulnerable
if it has no real-time protection.
Use an antivirus program to protect the server on which Symantec Protection
Engine runs, such as Symantec Endpoint Protection. To prevent scanning
conflicts, configure theantivirus program not to scan thetemporary directory
that Symantec Protection Engine uses for scanning.
Review the deployment considerations and recommendations. These
recommendations can enhance your overall performance.
After you complete the installation, perform the post-installation tasks.For post-installation tasks, see theSymantecProtection Engine Implementation
Guide.
Migrating to version 7.0
While installing Symantec Protection Engine, you can choose to upgrade from
the previous version to version 7.0
Getting StartedBefore you install Symantec Protection Engine
14
-
8/13/2019 SPE CS Getting Started Guide
15/20
Table 1-4describes the upgrades that Symantec Protection Engine supports.
Table 1-4 Supported upgrades
DescriptionPrevious version number
You can install the upgrade over the existing installation.
When you upgrade from version 5.2, Symantec Protection
Engine retains all of the settings and values that you have
configured.
5.2
You can install the upgrade over the existing installation.
When you upgrade from version 5.1, Symantec Protection
Engine retains all of the settings and values that you have
configured.
5.1
Upgrades from version 4.3x or earlier of theproduct are not
supported. If you want to upgrade a version 4.3x or earlier
installation, you must first upgrade your installation to
version 5.2x (which does support a direct upgrade from
version 4.3x), and then upgrade the version 5.2x installation
to version 7.0.
4.3x and earlier
Note:Symantec Protection Engine does not support upgrades from version 5.0.
You must stop the Symantec Protection Engine service before you upgrade thesoftware. If you cancel the upgrade on Solaris after selecting the upgrade type,
you must reinstall the previous version.
If you want to upgrade from version 5.2/5.1 and use security certificates, take the
following actions:
If youuse the default security files thatSymantec ProtectionEngine generated,
delete the keystore.public and keystore.private before youperform the upgrade
installation.
If you use custom security files, you can retain the custom security files.
Symantec Protection Engine automatically uses the existing files when youupgrade.
System requirementsBefore you install Symantec Protection Engine, verify that your server meets the
minimum system requirements.
Getting StartedSystem requirements
-
8/13/2019 SPE CS Getting Started Guide
16/20
See System requirements to install Symantec Protection Engine on Windows
on page 16.
See System requirements to install Symantec Protection Engine on Solaris
on page 17.
See System requirements to install Symantec Protection Engine on Linux
on page 18.
System requirements to install Symantec Protection Engine onWindows
The following are the minimum system requirements for installing Symantec
Protection Engine on Windows:
Windows Server 2003 (32-bit and 64-bit)
Windows Server 2003 R2 (32-bit and 64-bit)
Windows Server 2003 R2 Japanese (32-bit and 64-bit)
Windows Server 2008 SP2 (32-bit and 64-bit)
Windows Server 2008 R2 (64-bit)
Windows Server 2008 Japanese (32-bit and 64-bit)
Windows Server 2008 R2 Japanese (64-bit)
Windows Server 2012 (64-bit)
Ensure that your operating system has the latest service patches
available.
Operating system
Intel or AMD Server Grade Single Processor Quad Core systems or
higher
Processor
4 GB of RAM or higherMemory
5 GB of hard disk space
10 GB of hard disk space for using URL Filtering feature
Disk space
Network interface card (NIC) running TCP/IP with a static IP
address
Internet connection to update definitions
100 Mbps Ethernet link (1 Gbps recommended)
Hardware
Getting StartedSystem requirements
16
-
8/13/2019 SPE CS Getting Started Guide
17/20
J2SE Runtime Environment (JRE) 5.0 (update 13 or later), JRE 6.0
(update 21 or later), or JRE 7.0 (update 03 or later)
It is recommended to use JRE 7.0 (update 03 or later).
Note:Symantec Protection Engine supports only 32-bit versionsof JavaRuntimeEnvironment. Symantec Protection Engine cannot
be installed with 64-bit JRE versions.
Microsoft Visual C++ 2005 (SP1 or later) redistributable package
(x86)
One of the following Web browsers to access the Symantec
Protection Engine console:
Microsoft Internet Explorer 8 or later
Use Microsoft Internet Explorer to access the Symantec
Protection Engine console from a Windows client computer.
Mozilla Firefox 10 or later
Use Mozilla Firefox to access the Symantec Protection Engine
console from a Solaris or Linux client computer.
The Web browser is only required for Web-based administration.
You must install the Web browser on a computer from which you
want to access the Symantec Protection Engine console. The
computer must have access to the server on which Symantec
Protection Engine runs.
Software
System requirements to install Symantec Protection Engine on Solaris
The following are the minimum system requirements for installing Symantec
Protection Engine on Solaris:
Solaris 10 and 11
Ensure that your operating system has the latest service patches
available.
Operating system
UltraSPARCProcessor
4 GB of RAM or higherMemory
5 GB of hard disk space
10 GB of hard disk space for using URL Filtering feature
Disk space
Network interface card (NIC) running TCP/IP with a static IP
address
Internet connection to update definitions
100 Mbps Ethernet link (1 Gbps recommended)
Hardware
Getting StartedSystem requirements
-
8/13/2019 SPE CS Getting Started Guide
18/20
J2SE Runtime Environment (JRE) 5.0 (update 13 or later), JRE 6.0
(update 21 or later), or JRE 7.0 (update 03 or later)
It is recommended to use JRE 7.0 (update 03 or later).
If you install the self-extracting JRE, ensure that you note theinstallation location. You must provide the location of the JRE if
the installer is unable to detect it.
Note:Symantec Protection Engine supports only 32-bit versions
of JavaRuntimeEnvironment. Symantec Protection Engine cannot
be installed with 64-bit JRE versions.
One of the following Web browsers to access the Symantec
Protection Engine console:
Mozilla Firefox 10 or later
Use Mozilla Firefox to access the Symantec Protection Engine
console from a Solaris or Linux client computer.
Microsoft Internet Explorer 8 or later
Use Microsoft Internet Explorer to access the Symantec
Protection Engine console from a Windows client computer.
The Web browser is only required for Web-based administration.
You must install the Web browser on a computer from which you
want to access the Symantec Protection Engine console. The
computer must have access to the server on which Symantec
Protection Engine runs.
Software
System requirements to install Symantec Protection Engine on LinuxThe following are the minimum system requirements for installing Symantec
Protection Engine on Linux:
Red Hat Enterprise Linux Server 5.5 (32-bit and 64-bit) and later
Red Hat Advanced Linux Server 5.5 (32-bit and 64-bit) and later
Red Hat Enterprise Linux Server 6 (32-bit and 64-bit) and later
Red Hat Advanced Linux Server 6 (32-bit and 64-bit) and later
SUSE Linux Enterprise Server 11 (32-bit and 64-bit)
Ensure that your operating system has the latest service patches
available.
Operating system
Intel or AMD Server Grade Single Processor Quad Core systems or
higher
Processor
4 GB of RAM or higherMemory
5 GB of hard disk space
10 GB of hard disk space for using URL Filtering feature
Disk space
Getting StartedSystem requirements
18
-
8/13/2019 SPE CS Getting Started Guide
19/20
-
8/13/2019 SPE CS Getting Started Guide
20/20
Where to get more informationFor more information about using this product, the following resources are
available on the Symantec Protection Engine for Cloud Services 7.0 CD at thefollowing locations:
Symantec_Protection_Engine\Docs\Symantec Protection Engine for Cloud
Services Implementation Guide
You can visit the Symantec Web site for more information about your product.
The following online resources for Symantec Protection Engine and its supported
caching and messaging devices are available:
http://www.symantec.com/docs/HOWTO77303Latest supported caching and messagingdevices documentation
http://www.symantec.com/
enterprise/support/index.jsp
Technical support Knowledge Base, news
groups, contactinformation, downloads, and
mailing list subscriptions
http://enterprisesecurity.symantec.com/Product news and updates
http://www.symantec.com/
security_response/index.jsp
Virus Encyclopedia, which contains
information about all known threats;
information about hoaxes; and access to
white papers about threats
Getting StartedWhere to get more information
20
http://www.symantec.com/docs/HOWTO77303http://www.symantec.com/%E0%A5%AEterprise/support/index.jsphttp://www.symantec.com/%E0%A5%AEterprise/support/index.jsphttp://enterprisesecurity.symantec.com/http://www.symantec.com/%E0%B3%A5curity_response/index.jsphttp://www.symantec.com/%E0%B3%A5curity_response/index.jsphttp://www.symantec.com/%E0%B3%A5curity_response/index.jsphttp://www.symantec.com/%E0%B3%A5curity_response/index.jsphttp://enterprisesecurity.symantec.com/http://www.symantec.com/%E0%A5%AEterprise/support/index.jsphttp://www.symantec.com/%E0%A5%AEterprise/support/index.jsphttp://www.symantec.com/docs/HOWTO77303