Search

All of Symantec All of Symantec Support Viruses & Risks Home & Home Office Small Business Enterprise Partners VERITAS

Question/Issue:
You need to run Symantec Endpoint Protection Manager with a custom HTTP port, either on a custom Web site or the Default Web site. This configuration is useful when you have other sites that run on port 80 that conflict with Symantec Endpoint Protection Manager. It also helps to secure sites if you run them on nonstandard ports.


Solution:
If you have already installed the Symantec Endpoint Protection Manager onto the default Web site, then skip to "Configuring Symantec Endpoint Protection Manager to use a custom HTTP port."
If it is a new installation, begin from "Installing Symantec Endpoint Protection Manager using a custom Web site."

Installing Symantec Endpoint Protection Manager using a custom Web site

1. Execute the Symantec Endpoint Protection Manager installer.
2. Select Create a custom Web site and proceed with the installation.

After the installation is complete, a site called "Symantec Web Server" exists in IIS.

---

Note: A change in the TCP port on your default Web site may affect other applications that currently run on that site.

---

Configuring Symantec Endpoint Protection Manager to use a custom HTTP port

1. Stop the "Symantec Endpoint Protection Manager" service.
2. Open IIS.
3. Right-click the Web site on which Symantec Endpoint Protection Manager resides.
4. Click Properties.
5. Under TCP port, enter the HTTP port number you want to use.
6. Click OK.
7. In a text editor such as Notepad, open the following file:
   
   C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Tomcat\etc\conf.properties
   
8. Check for the following line in the conf.properties file. Add the line to the bottom of the file if it does not already exist. Replace <port> with your chosen port number:
   
   scm.iis.http.port=<port>
   
   For example, if you chose port 8080, the line should appear as follows:
   
   scm.iis.http.port=8080
   
9. Save and close the file.
10. Restart the server that hosts Symantec Endpoint Protection Manager.

Next, confirm whether the custom port has been configured in the Default Management Server List.

To confirm whether the custom port has been configured in the Default Management Server List

1. In Symantec Endpoint Protection Manager, click Policies> Policy Components> Management Server Lists.
2. Edit the Default Management Server List.
3. Confirm whether or not the custom port has been configured for the servers inside the list. If it has, then skip to Changing the Sylink.xml file to reflect the correct HTTP Port for existing clients. If it has not, then continue to Configuring Symantec Endpoint Protection 11.0 clients to use the custom HTTP port.

Configuring Symantec Endpoint Protection 11.0 clients to use the custom HTTP port

1. In Symantec Endpoint Protection Manager, click Policies> Policy Components> Management Server Lists.
2. Click Add a new Management Server List.
3. Enter a name for the new list.
4. Check Use HTTP Protocol.
5. Click Add> New Server.
6. Enter the IP address or computer name of the computer that hosts Symantec Endpoint Protection Manager.
7. Check Customize HTTP port.
8. Enter your chosen port number.
9. Click OK.
10. Right-click the new Management Server List, and click Assign.
11. Select the groups to which you want to assign the Management Server List.
12. Click Assign.

Change the Sylink.xml file to reflect the correct HTTP Port for existing clients.
If you do not have existing clients, skip to Changing the Sylink.xml file to reflect the correct HTTP Port for new clients.

1. Log on to the client computer.
2. Click Start > Run, type smc -stop, and click OK.
3. In a text editor such as Notepad, open C:\Program Files\Symantec\Symantec Endpoint Protection\Sylink.xml.
   
   

   ---

   Note: The folder may alternately be C:\Program Files\Symantec\Symantec AntiVirus\.
   

   ---

4. Locate the following line:
   
   <Server Address="X.X.X.X" HttpVerifyCA="0" Verify Signatures="1" />
   
5. Add the "HttpPort" string to the line as follows:
   
   <Server Address="X.X.X.X" HttpPort="<port>" HttpsVerifyCA="0" Verify Signatures="1" />
   
6. Save and close the file.
7. Click Start > Run, type smc -start, and click OK.
8. A green dot appears on the Symantec Endpoint Protection 11.0 icon in the notification area of the taskbar. This green dot indicates that it has successfully connected to the Symantec Endpoint Protection Manager.

Change the Sylink.xml file to reflect the correct HTTP Port for new clients

1. In Symantec Endpoint Protection Manager, on the Admin tab, click Install Packages.
2. Right-click the Symantec Endpoint Protection 11.0 32-bit package (or 64-bit if applicable), and then click Export.
3. Select a folder to which the package should be exported.
4. Uncheck Single Executable.
5. Select the group to which you want to install the client.
6. After the export completes, browse to the folder of the exported package.
7. Make a copy of the file Sylink.xml on removable media.
8. On the client computer, click Start> Run, type smc -stop, and click OK.
9. Copy the Sylink.xml file from the removable media into the Symantec Endpoint Protection installation folder, and replace any existing Sylink.xml file.
   The installation folder may be either C:\Program Files\Symantec\Symantec Endpoint Protection\ or C:\Program Files\Symantec\Symantec AntiVirus\.
10. Click Start > Run, type smc -start, and click OK.
11. A green dot appears on the Symantec Endpoint Protection 11.0 icon in the notification area of the taskbar. This green dot indicates that it has successfully connected to the Symantec Endpoint Protection Manager.

References:
This document is available in the following languages:

• Brazilian-Portuguese: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/br_docid/20080818105714935
• French: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/fr_docid/20080818105751935
• German: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/de_docid/20080818105816935
• Italian: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/it_docid/20080818105841935
• Polish: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/pl_docid/20080818105913935
• Hungarian: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/hu_docid/20080818105940935
• Russian: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/ru_docid/20080818110006935
• Czech: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/cz_docid/20080818110015935
• Spanish: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/es_docid/20080818110019935

 

Document ID: 2007111212591048
Last Modified: 10/27/2008
Date Created: 11/11/2007
Product(s): Endpoint Protection 11
Release(s): Endpoint Protection 11.0

Site Index · Legal Notices · Privacy Policy · · Contact Us · Global Sites · License Agreements