52Installing Symantec Critical System Protection on Windows

Installing a Windows agent

 

Table 3-4

Windows agent installation settings

 

 

 

 

Setting

Default

 

Description

 

 

 

Logs File

C:\Program Files\Symantec

The installation directory prefix for the <prefix dir>/scsplogs

Directory

\Critical System Protection

subdirectory.

 

\Agent

 

The installation creates an scsplog folder under the folder that

 

 

 

 

 

 

you specify.

 

 

 

 

Agent Name

Host name of agent

 

The agent name.

 

computer

 

After installation, you can change the agent name using the

 

 

 

 

 

 

management console.

 

 

 

 

Polling Interval

300 seconds

 

The interval that the agent uses to poll the management server

 

 

 

for policy and configuration updates.

 

 

 

 

Enable Intrusion

Enabled

 

Indicates whether to enable intrusion prevention.

Prevention

 

 

When enabled, the prevention features of Symantec Critical

 

 

 

 

 

 

System Protection are enabled for the agent. The IPS drivers are

 

 

 

loaded on the agent computer, and the agent accepts prevention

 

 

 

policies from the management console.

 

 

 

If you disable intrusion prevention and want to enable it in the

 

 

 

future, you must run the sisipsconfig.exe tool in the

 

 

 

\Agent\IPS\bin directory with the -i option, and restart the

 

 

 

computer. The -i option toggles the intrusion prevention service

 

 

 

on and off.

 

 

 

Symantec strongly recommends that you enable intrusion

 

 

 

prevention.

 

 

 

 

Enable Real-time

Enabled

 

Indicates whether to enable real-time notification.

Notification

 

 

In addition to using the polling interval, agents can use real-time

 

 

 

 

 

 

notification to obtain configuration changes. With real-time

 

 

 

notification, the management server sends a real-time

 

 

 

notification message to an agent as configuration changes occur.

 

 

 

Upon receiving the notification, the agent queries the

 

 

 

management server for the changes.

 

 

 

When real-time notification is disabled, the management server

 

 

 

does not send any messages to the agent and relies on the polling

 

 

 

interval to update the agent.

 

 

 

 

Notification port

2222

 

The port that is used to receive real-time notifications from the

 

 

 

management server.

 

 

 

You can change this port after installation by using the

 

 

 

management console to change the agent properties.

 

 

 

 

Page 51 Page 53
Page 52
Image 52
Symantec Critical System manual Windows agent installation settings
Page 51 Page 53
Top Page Image Contents