Link to home
Create AccountLog in
Avatar of jaya31
jaya31Flag for United States of America

asked on

citrix

How do I install symantec antivirus corporate client on a citrix box. Below is link I found on symantec website, does that mean I install symantec antivirus using remote desktop? If not how do I access the server in Remote desktop mode. I would like it to install just the symantec client on the server and not the on every session that is connected. Thanks in advace for your help.

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2002093014240148?Open&src=w
Avatar of BLipman
BLipman
Flag of United States of America image

Here is more current stuff:

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007110719275748

http://www.symantec.com/connect/downloads/best-practices-symantec-endpoint-protection-citrix-and-terminal-servers

To directly answer your question of "how do I do this"?
Well, you can push the SEP/SAV client from your Symantec System Manager program or you can install it manually on the system.  To install it manually, either go to the server's console or RDP onto the desktop or Citrix into the desktop.  Then double click on the installer for SEP/SAV.  

Make sure you follow the best practices for tweaking the AV product.  For example, I don't enable Tamper Protection, I take away the TruScan and Network Threat Detection...just use core AV.  You can do real time and schedule scanning or just scheduled.  The choice is based on your comfort level.  I take the processor/RAM hit and do real time...infection risk outweighs the overhead of real time AV in my book.  

You can take steps to de-tune what runs in client sessions (ccApp for example, provides email scanning and normally runs for every user but you can keep it from running in user sessions).  By default though, you will get multiple processes but they aren't redundant IMO.  The scheduled scans will run in a single instance, not with every user so it isn't as bad as you might imagine.

I do recommend changing the advanced options to scan when files are modified, not mod and opened.  Also, I take away network drive scanning.  This can be all configured in your Symantec console; make a new group/profile-thing that is just for TS/Citrix systems and then you can push the client to all of your TS/Citrix systems at once.  

Did this answer your question?  Basically, you install it like any other system but there are some tweaks.  
Avatar of jaya31

ASKER

Thats a very detailed answer, and answers all my questions. I just want to be clear on one thing, what is remote desktop mode in windows 2003. Is it using remote desktop from another machine. I called symantec before posting the question and they advised that remote desktop mode is "session 0", which is the same as being in front of the console. Thanks again, you answered all my questions including follow questions I had. Thx
ASKER CERTIFIED SOLUTION
Avatar of BLipman
BLipman
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of jaya31

ASKER

Got it. Thanks much for help and detail, details are great!. Thx
Avatar of jaya31

ASKER

Excellent Expert Advice