We’ve done some research into making SEPM available over the internet, including review of multiple other forum posts and KB articles:
Based on this reading and those postings, we’re considering the following to allow clients to communicate both on- and off-network, as we have systems that come and go, some that are always on the company network, and others that are almost never connected to the company network. Our goal is to allow clients to continue to communicate as they come and go. We’ve considered setting up an instance in the DMZ and configuring replication, but I think there’s a better way to go about it.
Configure internal and external DNS entries for sep.company.com or similar. Those DNS entries will point to the internal address for SEPM for internal DNS and the external IP (to be NATed) for the external DNS entry. 8014 would be open for that one public IP. Clients would be left in push mode (is there a reason that pull is recommended for this?) as they should be able to reach the server as long as they have an internet connection; this would require a change in sylink for clients, which could be done remotely with other tools. None of the management and reporting ports would be open to the internet. Has anyone architected similar with success or gone about tackling this problem in a different way that they would recommend?
font-family:”Arial”,sans-serif;color:black”>We would like to know why when Cache load more than 100% it will causing traffic will be deep and what is the action taken by Bluecoat when Cache load is more that 100%. From my understanding it supposedly will not causing any impact.
I am new to the SEP product have been tasked to deploy it in a new envoirnment.
It has no access to the internet. I connect to an upstream server for updates.
I have managed to install and deploy the SEP client to a few servers but notice that they are not getting any definition updates. They are also looking to default sources for the live updates on the internet.
How can I configure my SEPM to provide live updates to the clients?
Can it provide Live Updates or do I need a separate installation of the Live Update Administrator (LUA)?
Does the LUA need a separate license? I already have one for SEP and SEP clients.
The environment has no Internet access and needs to have limited connectivity to the outside world.
The network is small. Less than 200 clients.
What are my options?
We are doing content filtering with the BlueCoat Proxy as well as doing SSL intercept with it.
We’ve been attempting to block Hulu and Netflix for a while now. Unfortunatley we’re not getting the results we’re expecting.
When adding the www to the URL I notice it does pull in a bunch of content servers which we also added to the block list but the site still loads. We tried the Application Control feature of Bluecoat and checking the Hulu box but still no affect at all and the site is still accessible.
Looking for insight from others that have successfully blocked these sites for HTTPS as well as HTTP.