The solution also helped give us visibility into compliance within our whole system and ensure everything is updated. We're not relying on the central intrusion detection system. Symantec centralized our intrusion detection system while creating additional layers of security at the endpoint level. That is the normal architecture for Symantec. Any time people connect to the network, the system will update automatically. They talk directly to the management server to get the updates regularly because the servers are always on the network at the data center, the workstations that people shut down at the end of the day. The servers in the data center don't need to talk to any distribution points. This one makes ensures my assets, ATMs, workstations, and servers can update as soon as possible.
These different locations have their own IP subnets, so I will configure the update data so that the IP within that subnet can talk to it and no other IP outside the subnet. I will have the updated data at location one, and I have other data at location two. Let's say I have two different locations. These distribution points in Symantec record the data needed to update all the other systems When I need to send a file to update all the other systems, I send it to these distribution points. The ATMs are always on the network because they're connected with other points at every branch and location. I set up distributional points on systems and ATMs. To centrally manage the antivirus, I have to set up distribution points because I have more than 14,000 endpoints altogether distributed across more than 250 branches in Nigeria. The activities on servers and ATMs are dynamic, so the antivirus must also be very light. It's a stripped-down version that removes some of the components and add-ons that are not part of the endpoint protection engines, so the agent is lighter and can be deployed faster. The agents for the ATMs and servers aren't as heavy as the ones for workstations. I have three different kinds of agents on the endpoint that I can use to control access. The management server will give me the current status. If I want to check the status of any asset, I need to get the details like the IP address and the hostname of the system. There's a central management server we use to manage all the endpoints, regardless of the categories, and we install an agent on all the endpoints that reports to the management server. Symantec Endpoint Protection is an antivirus with anti-malware and application control capabilities that we use to protect assets like servers, workstations, and ATMs.
0 kommentar(er)
