How do I install symantec antivirus corporate client on a citrix box. Below is link I found on symantec website, does that mean I install symantec antivirus using remote desktop? If not how do I access the server in Remote desktop mode. I would like it to install just the symantec client on the server and not the on every session that is connected. Thanks in advace for your help.
To directly answer your question of "how do I do this"?
Well, you can push the SEP/SAV client from your Symantec System Manager program or you can install it manually on the system. To install it manually, either go to the server's console or RDP onto the desktop or Citrix into the desktop. Then double click on the installer for SEP/SAV.
Make sure you follow the best practices for tweaking the AV product. For example, I don't enable Tamper Protection, I take away the TruScan and Network Threat Detection...just use core AV. You can do real time and schedule scanning or just scheduled. The choice is based on your comfort level. I take the processor/RAM hit and do real time...infection risk outweighs the overhead of real time AV in my book.
You can take steps to de-tune what runs in client sessions (ccApp for example, provides email scanning and normally runs for every user but you can keep it from running in user sessions). By default though, you will get multiple processes but they aren't redundant IMO. The scheduled scans will run in a single instance, not with every user so it isn't as bad as you might imagine.
I do recommend changing the advanced options to scan when files are modified, not mod and opened. Also, I take away network drive scanning. This can be all configured in your Symantec console; make a new group/profile-thing that is just for TS/Citrix systems and then you can push the client to all of your TS/Citrix systems at once.
Did this answer your question? Basically, you install it like any other system but there are some tweaks.
jaya31
ASKER
Thats a very detailed answer, and answers all my questions. I just want to be clear on one thing, what is remote desktop mode in windows 2003. Is it using remote desktop from another machine. I called symantec before posting the question and they advised that remote desktop mode is "session 0", which is the same as being in front of the console. Thanks again, you answered all my questions including follow questions I had. Thx
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007110719275748
http://www.symantec.com/connect/downloads/best-practices-symantec-endpoint-protection-citrix-and-terminal-servers
To directly answer your question of "how do I do this"?
Well, you can push the SEP/SAV client from your Symantec System Manager program or you can install it manually on the system. To install it manually, either go to the server's console or RDP onto the desktop or Citrix into the desktop. Then double click on the installer for SEP/SAV.
Make sure you follow the best practices for tweaking the AV product. For example, I don't enable Tamper Protection, I take away the TruScan and Network Threat Detection...just use core AV. You can do real time and schedule scanning or just scheduled. The choice is based on your comfort level. I take the processor/RAM hit and do real time...infection risk outweighs the overhead of real time AV in my book.
You can take steps to de-tune what runs in client sessions (ccApp for example, provides email scanning and normally runs for every user but you can keep it from running in user sessions). By default though, you will get multiple processes but they aren't redundant IMO. The scheduled scans will run in a single instance, not with every user so it isn't as bad as you might imagine.
I do recommend changing the advanced options to scan when files are modified, not mod and opened. Also, I take away network drive scanning. This can be all configured in your Symantec console; make a new group/profile-thing that is just for TS/Citrix systems and then you can push the client to all of your TS/Citrix systems at once.
Did this answer your question? Basically, you install it like any other system but there are some tweaks.