Symantec Endpoint Protection
What is Symantec Endpoint Protection?
Symantec Endpoint Protection (SEP) is a client-server solution that protects laptops, desktops, and servers in your network against malware, risks, and vulnerabilities.
Why Should You Use the Symantec Endpoint Protection Connector?
The Symantec Endpoint Protection connector provides visibility into the assets in your environment. You can use this visibility to:
ensure assets are managed per your security policies
find vulnerabilities quickly and remediate
How Does This Connector Work?
Lucidum executes read-only requests to the Symantec Endpoint Protection REST API and ingests only meta-data about Symantec Endpoint Protection assets. Lucidum does not retrieve any data stored on your assets.
Configuring the Connector in Lucidum
Field | Description | Example |
|---|---|---|
URL | The URL for the SEP API. |
|
Username | User name for an account with read access to Symantic Endpoint Protectin | lucidum_api |
Password | Password for the user account. The password must include a semicolon (;) character. | ******************* |
Source Documentation
Creating Credentials
To create a user with system administrator permissions, see https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-protection/all/managing-groups-clients-and-administrators/managing-administrator-accounts-v17364367-d1e6/adding-an-administrator-account-and-setting-access-v8135056-d1e469.html
To generate an API token, see https://apidocs.securitycloud.symantec.com/#/doc?id=identity
Required Permissions
Only System Administration accounts can access the Symantec Endpoint Protection APIs.
API Documentation