There are two types of licenses. There are ' workstation ' licenses and ' server ' licenses. Workstation licenses are consumed by systems running workstation OS's and Server licenses are consumed by systems loaded with Server OS's You may install the Console more than once as needed, but bear in mind that no single installation of the Console will keep track of all the computers being used with Ghost. This article outlines the licensing concepts and explores licensing scenarios.
Symantec Encryption functionality may be fully or partially disabled until a valid license number is entered. The process of entering a license number into Symantec Encryption software is called License Authorization and enables one or more seats or users of Symantec Encryption software. Symantec Enterprise Division reserves the right to audit systems for licensing compliance as per the End User License Agreement.
Symantec Endpoint Encryption license meter is per device such as number of laptops or desktops to be covered. For example, if SEE Drive Encryption is installed on systems, then a licence for seats would be needed. If an additional 50 seats was installed with SEE RME, then another 50 seats would be needed for a total of seats needed. Symantec Endpoint Encryption products do not employ the use of a license number as do the rest of the encryption products in this document.
Symantec Email Encryption Symantec Drive Encryption Symantec File Share Encryption All of these Encryption Desktop features listed above are licensed per user, meaning individual users actively using the Symantec Encryption Desktop software either on the same system or any profile on the same system.
The exception to this rule is Symantec Drive Encryption, which is licensed per device. Example 1: One user on one or more profiles per system must purchase one copy of Symantec Encryption Desktop.
Example 2: Two users on one or more profiles per system must purchase two copies of Symantec Encryption Desktop. Example 3: One user wanting to use Symantec Encryption Desktop on five different computers must purchase five copies. Example 4: Symantec Drive Encryption enables a user to encrypt the entire hard drive of a computer. After the system has been encrypted, the system cannot be booted until a passphrase password has been entered.
In some cases, this is the only encryption functionality that will be used. Symantec Drive Encryption will allow multiple users to be added to the software to boot a system. This applies for Administrators wanting to add themselves to the Symantec Drive Encryption software See the screenshot below to see the Drive Encryption shelf. The latter product does use license numbers and can be downloaded from the Broadcom portal. To understand how our products are licensed, see KB article Scroll down to the "Additional Information" section for many useful articles to help you get started with Symantec Encryption Products!
Click on "My Entitlements". This group has been pre-created in the provided firewall policy, you simply need to add your Citrix server addresses to it. It should be noted that administrators will only see multiple instances of SmcGui.
If published applications are used solely then there will be no multiple instances of these processes and there is no requirement to follow the steps in Appendix D. While it is possible to run the Symantec Endpoint Protection Manager on a terminal server, it is not recommended if the terminal server is to be hosting a large number of terminal sessions due to the performance overhead of the Manager services, particularly when updating definitions and running the Java console.
Future versions of Symantec Endpoint Protection are already in development and there are many changes being made to the code to provide better optimization in terminal services environments.
Until these enhancements are realized, the steps in this whitepaper will provide the same performance benefits. All the steps in this whitepaper have already been performed on several large Citrix deployments on Symantec customer sites and all participants have been extremely impressed at the performance benefits that these modifications bring about.
For the purpose of testing, anonymous access to Citrix applications was configured. Common business applications, such as Microsoft Word and Excel were installed onto the Citrix servers and were published through the Citrix Web Interface. In addition, a full desktop was also published.
The Windows firewall was turned off on all servers, as the SEP firewall was used, initially with the default firewall policy from In the same way, 10 anonymous sessions were established to each Citrix server — separate tests were performed for published applications and the published desktop.
In both cases, the task manager was observed from a console connection. Changes were then made to the clients on the servers and re-testing was performed to see the difference in performance and processes that were loaded. Each change was made separately, then tested. Once the process and AntiVirus and AntiSpyware optimization were complete, work was started on the firewall ruleset, with an initial ruleset being put in place that allowed all communication to and from the domain controller and blocked and logged all further traffic.
Rules were then created per each block rule that allowed the Citrix and Terminal Server processes until there were no more blocked requests related to Citrix or Terminal Services processes. All tests were then re-run with this new ruleset in use to confirm overall functionality. In addition, Citrix farm administration tasks were also performed from each Citrix server to ensure that server to server communications were still working correctly.
Once all performance changes and testing had been completed, functionality tests were run against the SEP clients running on the servers to prove that core functionality had not been affected by the changes put in place. Virus detections still occurred and users were notified, clients were able to be managed from the management console, and would accept commands and update content and policies successfully.
The following additional processes can be seen running on a Windows terminal server running SEP Client:. Diagnostic Facility COM Server — manages diagnostic facility tracing when used to diagnose problems with the Citrix server.
Provides information and notifications regarding licensing events on the license server if server is a Citrix License Server. Citrix Print Manager Service — handles the creation of printers and driver usage within Citrix sessions. Citrix Encryption Service — Handles encryption between the client device and the Citrix server.
Citrix Health Monitoring and Recovery — Provides health monitoring and recovery services in the event problems occur. Citrix Services Manager - Allows the components of Presentation server to interact with the operating system. Citrix Independent Management Architecture — provides management services within the Citrix farm. Citrix Licensing — Handles allocation of licenses on the license server if server is a Citrix License Server. Enterprise and Platinum versions to manage the Citrix Streaming Client when streaming applications.
Citrix License Management Console — provides the web-based interface for licensing administration. From this point onwards, SmcGui. There may however still be instances of ccApp. You can either kill these tasks from Task Manager or wait for the user to log off — ccApp.
0コメント