Symantec Endpoint Protection Sandbox

Solution Overview
WWT's Symantec Endpoint Protection Lab exists to provide a sandbox environment that can be used to evaluate the Symantec solution suite across a wide variety of endpoints, including both Windows and Unix-based operating systems. There is also an attack machine, running Kali Linux, with which to test the efficacy of these tools using benign, non-weaponized malware. 
Symantec offers a complete and integrated endpoint security solution to prevent, harden, detect and respond to emerging threats across traditional and modern devices — all implemented using a single agent and single cloud console architecture. 
Symantec Endpoint Security’s innovative approach of interlocking defenses at the device, the app and the network level — coupled with modern AI-guided security management — supported by Symantec’s Global Threat Intelligence Network, delivers the most effective protection at a low total cost of ownership.
You will access the environment using a Windows-based jumphost from which you can browse web consoles, open RDP/SSH sessions, etc. See topology design above and to the right.

Goals & Objectives

The purpose of the sandbox lab is to help you develop proficiency in deploying, managing and monitoring the Symantec Endpoint Protection (SEP) Cloud solution. The lab guide provides a flexible framework for evaluating the solution, its installation and behavior in a sample customer environment.

The lab environment will allow you to:
  • Access the ESA baseline sandbox environment.
  • Log in to the cloud-based portal.
  • Navigate the portal's interface and workflow.
  • Deploy agents on Windows systems.
  • Deploy agents on Linux systems.

Hardware & Software

This lab consists of the following hardware and software:
  • Symantec Endpoint Protection Cloud (current version). 
  • Symantec Endpoint Protection 15 (current version). 
Server Devices 
  • 1x Windows Jumphost (Windows Server 2016). 
  • 1x Generic Server (Windows Server 2012). 
  • 1x Generic Server (Windows Server 2016). 
  • 1x Generic Server (Red Hat Enterprise Linux 7). 
  • 1x Generic Server (CentOS 7). 
  • 1x Generic Server (Solaris 11). 
Client Devices 
  • 1x Attack Client (Windows 10 Enterprise). 
  • 1x Generic Client (Windows 7 Enterprise). 
  • 1x Attack Host (Kali Linux 2018).