For this demonstration, I will be using Symantec Endpoint Encryption 11.0.1 on Windows Server 2012 R2 Datacenter, 64-bit.
Image may be NSFW.
Clik here to view.
This demonstration assumes that you have a compatible database already created for use with the product. System requirements and compatible versions of MSSQL can be found here:
http://www.symantec.com/docs/TECH224478
This demonstration also assumes that you have properly prepared your server Roles and Features in preparation for installing the Symantec Endpoint Encryption Management Server. If you have not done so already, please check the following article for further instruction:
https://www-secure.symantec.com/connect/articles/symantec-endpoint-encryption-1101-initial-server-configuration
1. Download Symantec Endpoint Encryption from https://symantec.flexnetoperations.com
Image may be NSFW.
Clik here to view.
2. Right-click on the zip file, and select “Extract All...”. Choose a destination for the extracted files, and click “Extract”.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
3. Double-click on the SEE Management Server package. The same package is used for 32- and 64-bit systems. When prompted by Windows Security, click “Run”.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
4. Click “Next”.
Image may be NSFW.
Clik here to view.
5. Read the License Agreement. When you are finished, if you agree, select “I accept the terms in the license agreement” and click “Next”.
Image may be NSFW.
Clik here to view.
6. Next you will be asked to enter the database information for creating a new database instance to hold client system information. Click “Browse”. Select the database server you would like to use, and click “OK”.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
7. Enter the credentials of an account that has privileges on the database server to create a new database instance, and create and modify a database user account and account privileges. Typically the “sa” account is used, but depending on your setup, this may use Windows credentials or other database credentials.
Image may be NSFW.
Clik here to view.
8. In this example, we are creating a new database, but if your environment has an existing SEE database, you can select “Use existing database”. Using the default database name of SEEMSDb is recommended, but not required.
Image may be NSFW.
Clik here to view.
9. Next we will specify an account to be used for server communication to the database. It can be an existing domain account, or a SQL database account. The previous user credentials we used to create the database will also add this user to the database and assign proper permissions. In my example, I am using a Windows domain service account. Choose the account type and click “Next”.
Image may be NSFW.
Clik here to view.
10. Enter the credentials for the communication account and click “Next”.
Image may be NSFW.
Clik here to view.
11. In most cases the database configuration/size will not need to be modified. Click “Next”.
Image may be NSFW.
Clik here to view.
12. Create a management password for the Symantec Endpoint Encryption Management Server. This password will be used for a few specific things, detailed on page 31 of the installation guide. After you create the password, click “Next”.
Image may be NSFW.
Clik here to view.
13. Select an installation path for the product, and click “Next”.
Image may be NSFW.
Clik here to view.
14. To begin the installation, click “Install”. If you want to change any settings to this point, click “Back”. When you click install, the program installation will begin.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
15. When the product finishes installation, click “Finish”. After a few moments, the SEE Configuration Manager will appear.
Image may be NSFW.
Clik here to view.
16. Choose whether you would like to submit anonymous data to Symantec to analyze and help improve the product functionality, and click “Next”.
Image may be NSFW.
Clik here to view.
17. Enter the Web Server configuration data. It is recommended to use HTTPS, but for my purposes here I selected HTTP communication for client-to-server communication. A service account with a non-expiring passphrase should be used for access. The account only needs to be a standard domain user. When finished, click “Next”.
Image may be NSFW.
Clik here to view.
18. Click on the green “+” symbol to set up AD configuration.
Image may be NSFW.
Clik here to view.
19. Enter your AD Forest information. You will need to use an AD account to facilitate communication with a catalog server to complete AD Sync. We again recommend using a service account with a non-expiring password. TLS/SSL is recommended. When finished, click “Next”.
Image may be NSFW.
Clik here to view.
20. Click “Finish”.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
21. Open the IIS Manager. You should now see a web site with Symantec Endpoint Encryption Services. After verifying this, close the IIS Manager.
Image may be NSFW.
Clik here to view.
22. Next we will also do a brief walkthrough for a few component installations. Since everything else requires the Management Agent, we will start there. Double-click the SEE Management Agent appropriate for your server. Mine is 64-bit, so I have selected the 64-bit installer.
Image may be NSFW.
Clik here to view.
23. Click “Run”.
Image may be NSFW.
Clik here to view.
24. Click “Next” to begin installation.
Image may be NSFW.
Clik here to view.
25. Read the next screen regarding multi-factor authentication, and click “Next”.
Image may be NSFW.
Clik here to view.
26. Read the license agreement, and if you agree to the terms, select “I accept the terms in the license agreement” and click “Next”.
Image may be NSFW.
Clik here to view.
27. Select which authentication you wish your users to use, password or PIV (smart card) authentication. Click “Next”.
Image may be NSFW.
Clik here to view.
28. Select an installation directory, and click “Next”.
Image may be NSFW.
Clik here to view.
29. The next step confirms the location and communication for the SQL database that was set up in the SEE Management Server. Click “Browse”, select the appropriate database server, then click “OK”.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
30. During the installation process, some changes will be made to the SQL database. These changes require a valid login for the database server, which can either be the currently logged in user credentials, or a SQL account, such as the “sa” account. Since I set up no permissions for my current AD account, I chose to use the “sa” account, and entered the login ID and password. After selecting the login method, click “Next”.
Image may be NSFW.
Clik here to view.
31. Enter the current Management Password set up in step 12. Click “Next”.
Image may be NSFW.
Clik here to view.
32. Click “Install” to begin installation, or “Back” to make changes.
Image may be NSFW.
Clik here to view.
33. When installation completes, click “Finish”.
Image may be NSFW.
Clik here to view.
34. Install the remaining components that you desire. I have included screenshots for the Drive Encryption and Removable Media installs, and you can see that the remaining components are fairly straightforward, and require little input.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.