Dell PowerStore 1200T Using the Common Event Enabler 8.x on Windows Platforms - Page 23
Set Windows Service Control Manager options, Symantec Protection Engine, Setting exclusions
View all Dell PowerStore 1200T manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 23 highlights
Set Windows Service Control Manager options About this task For Symantec Endpoint Protection versions 11.04 and 11.06 only, perform the following steps: Steps 1. Open the Microsoft Windows Service Control Manager and navigate to Symantec Endpoint Protection. 2. Right-click Symantec Endpoint Protection and select Properties. 3. Click the Log On tab. 4. Set This account to the same EMC CAVA Service user who has EMC virus checking rights. 5. Click OK. Symantec Protection Engine Symantec Protection Engine resides on an AV machine and interfaces with CAVA by using the Internet Content Adaptation Protocol (ICAP) protocol. The application that requires antivirus scanning links to the Symantec library of scanning API calls by using this protocol. About this task NOTE: You must change the Symantec Protection Engine service from SYSTEM to the same user that is running CAVA, otherwise access problems can result. Domain user account overview provides more information about configuring the domain user and assigning access rights. Steps 1. Install the Symantec Protection Engine software. The Symantec documentation provides specific installation steps. 2. Navigate to the Symantec Protection Engine Status page. Click Configuration. 3. Select ICAP protocol, and type 1344 in the Port number box. NOTE: In order for Symantec Protection Engine to work with VNX or Unity, ICAP needs to accept requests from IP address 127.0.0.1. This can be done by either leaving the bind address field blank that includes all addresses, or by specifying 127.0.0.1. 4. Perform the following: a. Stop the Scan Engine Service. b. Open a command prompt, navigate to the directory where the scan engine has been installed, and run the following command: java -jar xmlmodifier.jar -s /policies/Misc/HonorReadOnly/@value false policy.xml c. Restart the Scan Engine Service. If the above setting is not specified, Symantec Protection Engine cannot delete the infected files because CAVA will not accept any scan requests. 5. Click LiveUpdate. Click LiveUpdate Now to get any new definition files. Setting exclusions When using Symantec Protection Engine and Symantec Endpoint Protection on the same machine, the temporary scan directory of Symantec Protection Engine must be set in the Exclusions section of the File System Auto-Protect configuration menu in the Symantec Endpoint Protection main console. This is to ensure that the AV engine takes action on all infected files that the virus scan detects. About this task Installing Third-Party Application Antivirus Engines 23