Deployment For Mac
Creating an Office 2016 package for Mac Deployment; Creating an Office 2016 package for Mac Deployment. Software Deployment Software Systems Management Supporting Mac Microsoft Office Apple Mac OS.
Before you deploy Symantec Endpoint Protection from Symantec Endpoint Protection Manager, you must take steps to prepare the computers to ensure a successful remote installation. These steps pertain only to remote installation. You can reverse these changes afterward, but you must apply them again to perform another remote installation. Lists the tasks that you must perform on all computers to which you plan to remotely deploy the Symantec Endpoint Protection client. Lists the additional tasks that you must perform on Windows computers. See your Windows documentation for more information on any tasks you do not know how to perform.
Lists the additional tasks that you must do on Mac computers. See your Mac documentation for more information on any tasks you do not know how to perform. Table: Tasks to prepare all computers for remote deployment Task Details Have administrative rights to your client computers If the client computer is part of an Active Directory domain, you should use domain administrator account credentials for a remote push installation. Otherwise, have the administrator credentials available for each computer to which you deploy. Modify firewall settings Modify firewall settings to allow communication between Symantec Endpoint Protection components. Uninstall existing third-party security software Uninstall any third-party security software currently in use. For Windows computers, Symantec Endpoint Protection version 12.1 RU1 MP1 and later includes a tool to help automatically uninstall select third-party security software.
You must separately uninstall any security software that this tool does not uninstall. Note: Some programs may have special uninstallation routines, or may need to have a self-protection component disabled.
See the documentation for the third-party software. You configure this tool before you deploy, and the uninstallation occurs before Symantec Endpoint Protection installs. Uninstall Symantec Endpoint Protection clients that do not uninstall normally As of 14, you can uninstall an existing installation of the Symantec Endpoint Protection client for Windows. You should only use this option if the existing Symantec Endpoint Protection installation does not uninstall normally. You should not use this option as part of a standard deployment. You configure this tool before you deploy, and the uninstallation occurs before Symantec Endpoint Protection installs. Uninstall unsupported or consumer Symantec security software Uninstall any unsupported Symantec security software, such as Symantec AntiVirus or Symantec Client Security.
Migration directly from these products is not supported. You must also uninstall any consumer-branded Symantec security products, such as Norton Internet Security. See the documentation for your Symantec software for information about uninstallation. Note: This limitation does not apply to computers that are part of an Active Directory domain. You may also need to ensure that the Administrator account does not have a blank password.
Prepare Windows Vista, Windows 7, or Windows Server 2008 / 2008 R2 computers Windows User Account Control blocks local administrative accounts from remotely accessing remote administrative shares such as C$ and Admin$. You do not need to fully disable User Account Control on the client computers during the remote deployment if you disable the registry key LocalAccountTokenFilterPolicy.
Deployment For Current Logged In User
To disable UAC remote restrictions, see: Perform the following tasks. Disable the Sharing Wizard. The Sharing Wizard prevents more advanced sharing options from working during Remote Push. Enable network discovery by using the Network and Sharing Center. Network discovery lets you browse the network. You do not need it to search the network.
Enable the built-in administrator account and assign a password to the account. Remote Push fails when the local administrator account has a blank password. If the Windows client computer is part of an Active Directory domain, use domain administrator account credentials with local administrator privileges for Remote Push. Verify that the account with which you push the installation has administrator privileges. Enable and start the Remote Registry service. Disable or remove Windows Defender.
Consult the operating system's documentation for guidance on how to successfully complete these tasks. Prepare Windows 8 / 8.1 or later, or Windows Server 2012 / 2012 R2 or later computers Before you deploy, perform the following tasks. Click System Preferences Sharing Remote Login and either allow access for all users, or only for specific users, such as Administrators.
If you use the Mac firewall, disable stealth mode. With stealth mode enabled, the remote push installation cannot discover the client through Search Network. To disable stealth mode on the Mac, see the following article that applies to your version of the Mac operating system. (10.13; Symantec Endpoint Protection 14.0.1) (10.12; Symantec Endpoint Protection 12.1.6 MP6 - 14.0.1) (10.11; Symantec Endpoint Protection 12.1.6 MP2 - 14.0.1) (10.10; Symantec Endpoint Protection 12.1.5 - 14.0.1) (10.9; Symantec Endpoint Protection 12.1.4 - 14 MP2) (10.8; Symantec Endpoint Protection 12.1.2 - 12.1.6.x) For other versions of Mac OS X, see. Ensure that the firewall does not block the port that Secure Shell (SSH) uses. By default, this port is TCP port 22.
Sophos Deployment For Mac
This port allows the required communication for remote logon. The Bonjour service does not support IPv6 networking. To ensure that Browse Network or Search Network displays these Macs, ensure that they also have IPv4 networking enabled. IPv6 networking is supported as of 14.2.