So far, to mitigate flooding the entire network, we have throttled the SEPM traffic externally (at VM and switching level), which works to prevent congestion at the head-end network.
However, that won't guarantee any bandwidth for management traffic.
You can add IPS using the Endpoint Protection Manager under add/remove programs and full Symantec IPS instructions are available here.
As for firewall, in version 12.1 and later firewall is a separate function that does not need to be installed for IPS to function, however, for version 11 you must have the firewall running for IPS to work.
Also, tune the scheduling frequency down to one hour.
For all other locations, make sure you use the SEP Manager to distribute product software and content updates.
Powered by an automated data collection process, it generates a report that provides baseline evaluation of your security posture.Unfortunately, Symantec doesn't appear to have a built-in way to throttle bandwidth on the remote clients directly, only on the GUP clients.In this post I identify helpful links and tips from Symantec experts and reveal how to get a fast expert-led analysis of Symantec Endpoint Protection for free – before you switch.We'd like to implement some change at the OS or application level to throttle the traffic without needing some heavyweight Qo S deployment at 100s of offices.Ideally we would like to be able to throttle the amount of traffic used per client for SEP updates.The article covers things like ensuring all SEP clients and SEPMS are running the latest maintenance release, using the Group Update Provider (GUP) for content distribution, and how to ensure out-of-date SEP clients to still get incremental updates.It even explains the best way to use a MS-SQL database for large environments.Scan the headers below for best practices in all areas of SEP and lots of links to helpful guides, as well as a way to get a free analysis of your SEP environment at the bottom using Symantec’s Best Kept Secret.Installation is a big topic, so I encourage you to read Symantec’s Top 10 SEP installation best practices.There are twelve best practices for security you should consider with SEP, I will list the top three here and link to the rest.Get nine more best practices like disabling and blocking service access, configuring email server to remove attachments and isolating compromised computers here: SEP top twelve security best practices.