Symantec Endpoint Protection

Solution Overview
WWT's Symantec Endpoint Protection Lab exists to provide a sandbox environment that can be used to evaluate the Symantec solution suite across a wide variety of endpoints, including both Windows and Unix-based operating systems. There is also an attack machine, running Kali Linux, with which to test the efficacy of these tools using benign, non-weaponized malware. 
 
Symantec offers a complete and integrated endpoint security solution to prevent, harden, detect and respond to emerging threats across traditional and modern devices – all implemented using a single agent and single cloud console architecture. 
 
Symantec Endpoint Security’s innovative approach of interlocking defenses at the device, the app and the network level, coupled with modern AI-guided security management and supported by Symantec’s Global Threat Intelligence Network, delivers the most effective protection at a low total cost of ownership. 
 
You will access the environment using a Windows-based jumphost from which you can browse web consoles, open RDP/SSH sessions, etc. (see topology below). 

Goals & Objectives

The purpose of the sandbox lab is to help you develop proficiency in deploying, managing and monitoring the Symantec Endpoint Protection (SEP) Cloud solution. The lab guide provides a flexible framework for evaluating the solution, its installation and behavior in a sample customer environment.

The lab environment will allow you to:

  • Access the ESA Baseline Sandbox environment
  • Log in to the cloud-based portal
  • Navigate the portal's interface and workflow
  • Deploy agents on Windows systems
  • Deploy agents on Linux systems

Hardware & Software

This lab consists of the following hardware and software:
 
Software 
  • Symantec Endpoint Protection Cloud (Current version) 
  • Symantec Endpoint Protection 15 (Current version) 
 
Server Devices 
  • 1x Windows Jumphost (Windows Server 2016) 
  • 1x Generic Server (Windows Server 2012) 
  • 1x Generic Server (Windows Server 2016) 
  • 1x Generic Server (Red Hat Enterprise Linux 7) 
  • 1x Generic Server (CentOS 7) 
  • 1x Generic Server (Solaris 11) 
  
Client Devices 
  • 1x Attack Client (Windows 10 Enterprise) 
  • 1x Generic Client (Windows 7 Enterprise) 
  • 1x Attack Host (Kali Linux 2018) 

Technologies