FREQUENTLY ASKED QUESTION
I believe the sole Frequently Asked Question (FAQ) should tell you what I am all about.
What do you do exactly?
Simple. Through using Symantec Corporation best practices and with critical and substantial real world experience and scenarios (RWES), through precision and due diligence plan and execute strategic solutions and resolutions to address, remediate, neutralize, deter and defend against Internet based attacks on endpoint assets (laptops, desktops, servers, and point of sale (POS systems). My clients/customers range from home small office home office (SOHO) end users, "mom and pop" shops, large businesses/corporations. I am actively pursuing and local, state and federal Government agencies and departments. It is that simple - period. Feel free to ask me for a copy of my operative service level agreement (SLA) regarding what I can do for you as a expert and seasoned consultant.
Under defined Statement of Work (SOW) and Service Level Agreement (SLA) mandates contractually assist clients and customers with their security initiatives on all endpoints in their operations and infrastructure with SEP/SEPM/SNAC. Mr. Payne consults and administers for clients/customers their Symantec Endpoint Protection (SEP) and Manager (SEPM) 12.1.6 with or without Symantec Network Access Control (SNAC) 12.1.6.
As duly certified and trained by Symantec Corporation and under a lifetime designation as a Symantec Certified Specialist (SCS) and Symantec Sales Expert (SSE&SSE+), apply best practices with real world experience and scenarios in a SEP/SEPM/SNAC 12.1.6 operational service and support role.
Brief client/customers on differences with SEP 11.0.x and SEP 12.1.6 when performing assessment of their endpoint security and encryption (full disk and removable media) solution.
Providing security assessments of computer systems (laptops, desktops, and servers) endpoints at the operating system level, file system and port analysis. This includes the new PGP powered encryption Solution offered by Symantec with their Endpoint Encryption 11.0 product (September 2014 release).
Deploy and configure SEP Spyware and Virus Protection (AV/AS), Proactive Threat Protection (SONAR), Network Threat Protection (NTP), Application and Device Control (ADC), Intrusion Detection/Prevention System (IDS/IPS), Host Integrity (HI), LiveUpdate and Centralized Exceptions policy configuration, application, deployment and enforcement from the SEPM to all SEP/SNAC 12.1.x endpoints.
With SEP 188.8.131.52 (RU6, MP4) implement and roll out HI policies for a more secure endpoint ensuring compliance with the three (AV/AS, SONAR and NTP) traditional protection technology components.
Conduct Load Point Analysis using Symantec’s SymHelp on endpoints as necessary and using ADC advanced logging to capture all Windows file and registry access during incident response.
Utilize SEPM/SNAC for incident response and advanced persistent threats (APT’s).
Review, clarify and explain daily/weekly SEPM/SNAC logs and reports with upper management and principals who have a vested interest in endpoint security.
Migrate clients/customers from other deployed or contemplated security solutions to RU6, MP4 including any upgrades from legacy SEP 11.0.x in a precise, tactical and strategic and with RWES.
Provide day-to-day administration of the SEPM and SEP clients acting as a Group Update Provider (GUP).
This includes specifically:
- Assist with ensuring any QA/Test/Development SEPM environment mirrors to the maximum degree possible the production SEPM environment which is critical for a successful design > development > test > production deployment phased approach.
- Ensuring SEP/SNAC functionality on all machines and features working as designed
Troubleshooting SEP with third party installation and interoperability.
- Configure SEPM policies ensuring compliance with SEP/SNAC clients.
- Create installation package for every type of client machines.
- Configure LiveUpdate process taking into consideration business uptime and core business hours for all endpoints (i.e. laptops, desktops, servers, tablets) and SEP clients acting in the role of a GUP.
- Checking regular SEPM to external Symantec LiveUpdate servers and deployed Group Update Providers (GUP) for synchronization and monitoring to ensure definition engines and signatures are updated on schedule. Further, help troubleshoot all issues related to definition and signature downloading or updating to the SEP/SNAC agents across the enterprise (domestic and international)
- Providing assistance to other teams and groups responsible for the network security function (i.e. Network, Information Security, Forensics, Legal, and Incident Response).
- Help troubleshoot all issues on virus infections/prevention with the SEP agent features and policies deployed from the SEPM. Further advocate and utilize SEPM advanced capabilities for incident response and recovery.
- Monitoring SEPM load balancing, failover, disaster recovery coverage and SQL Server database maintenance and backup, etc.
- Prepare and provide weekly reports out from the SEPM server as requested by management.