What is Symantec Endpoint Protection? #
Symantec Endpoint Protection (SEP) is a client-server solution that protects laptops, desktops, and servers in your network against malware, risks, and vulnerabilities.
Why Should You Use the Symantec Endpoint Protection Connector? #
The Symantec Endpoint Protection connector provides visibility into the assets in your environment. You can use this visibility to:
-
ensure assets are managed per your security policies
-
find vulnerabilities quickly and remediate
How Does This Connector Work? #
Lucidum executes read-only requests to the Symantec Endpoint Protection REST API and ingests only meta-data about Symantec Endpoint Protection assets. Lucidum does not retrieve any data stored on your assets.
Configuring the Connector in Lucidum #
|
Field |
Description |
Example |
|---|---|---|
|
URL |
The URL for the SEP API. |
|
|
Username |
User name for an account with read access to Symantic Endpoint Protectin |
lucidum_api |
|
Password |
Password for the user account. The password must include a semicolon (;) character. |
******************* |
Source Documentation #
Creating Credentials #
-
To create a user with system administrator permissions, see https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-protection/all/managing-groups-clients-and-administrators/managing-administrator-accounts-v17364367-d1e6/adding-an-administrator-account-and-setting-access-v8135056-d1e469.html
-
To generate an API token, see https://apidocs.securitycloud.symantec.com/#/doc?id=identity
Required Permissions #
Only System Administration accounts can access the Symantec Endpoint Protection APIs.
