I need a solution
Hello,
On SEPM 12.1xx search how to have complet list of disabled inherit group ?
With SQL request on database or other way.
Thk
How have complet list of disabled inherited group
↧
↧
Added files and domain to exclusion list, still showing as infected files
I need a solution
I have added the domain, and I get that warning about not being trusted, I have added the file. "printset.ocx" the directory AND the extension .OCX, and they are still being quarantined. I need these items NEVER to be quarantined, they are necessary.
↧
how to force "update policy" from SEPM?
I need a solution
Hello.
how to force "update policy" form SEPM?
how long time it take?
When i make changes in policy on SEMP and want to force this changes on client, comand:
right click on client -> run command on computer-> update content - doesn't work!
update policy work only from client, not from SEMP.
For example:
i need to turn off antivirus for testing purpose on client machine with non-admin account
how am i do that if all menu will be blocked by policy?
↧
Endpoint Manager console won´t open
I need a solution
Hello,
The Endpoint Manager won´t open after user & password is entered.
The window just freeze. Uninstall and Install the endpoint manager again and the problem stands.
Any help will be appreciated.
Thanks.
↧
Replication of SEPM for two different SQL Server version
I need a solution
Is it possible to replicate two SEPM (12.1RU4) using two different SQL Server. Does it matter? Scenario
SEPM A - 12.1 RU4 - SQL Server 2005 SP4
SEPM B - 12.1 RU4 - SQL Server 2012
thanks
↧
↧
Configuration s'un serveur SEPM pour télécharger la mise à jour
I need a solution
Bonjour;
je viens de finir la mise à niveau de mon serveur SEPM 11.x vers SEPM12.x ,j'ai supprimer LUA 2.2, et j'ai configurer le serveur pour télécharger la mise à jours de l'internet ,
prière m'indiquer comment configurer les autres Serveur de gestion Symantec Endpoint Protection Manager 11.x, installer à distance, pour télécharger la mise à jours à partir de ce serveur de gestion SEPM 12.x.
cordialement ;
↧
Error with SEPM Java console
I need a solution
Hi and Happy New Year,
As a Christmas present to my laptop I desided to rebuild it as the system performance was very poor. I attempted to install the SEPM console using the address; https://servername:9090
Everything appeared to install correctly, however I'm now in a situation where I can not uninstall and therefore re-install the SEPM console as the following error message appears;
I have even completely uninstalled and re-installed Java but receive the same outcome.
I can, of course, access my SEPM via a web browser but would like a solution/
Thanks
↧
SEP Client disabled inside rolled out OS images. How to re-enable..?
I need a solution
After rolling out Windows 7 images (with installed software) to PCs, the Symantec client is disabled. I am guessing that I disabled it at some point (using the taskbar icon, right-click, disable option) during preparation of the image and forgot to enable it again. At least I assume this is what happened.
So now I have a few hundred clients (rolled out with MDT) all requiring an administrator to manual right click and enable.
Is there a way that I can simple (re)enable these SEP clients so they run happily? I'm hoping for a command or scripted process that I could run from a group policy object.
(Incidentally, these clients are also not registering with the SEPM server so I don't think I can use the SEPM interface to issue instructions to them at the moment. This methodology of including the client in the image has worked in the past just fine. The priority is to get the SEP clients enabled. I'll worry about their registering in SEPM later unless it's important to have that happen too.)
Thanks
↧
Need solution to check port vulnerability with SEP
I need a solution
is there a way a port can be tested with SEP port scan ?
↧
↧
SMC service not starting after Install and reboot
I need a solution
Hello All,
I am trying to install SEP client on windows 7 ent SP1 and after the install when I reboot the system the SMC service does not start automatically and when I manually start it, it starts and stop immidiately.
I have tried enabling the SMC debug log and found this error
" StartEngine: FAILED to ImportIDS config "
can any one from symantec help me on this
Thanks.
↧
Configuring Multiple GUP's for on site servers
I need a solution
I am currently deploying SEP across my region of my company. in each of our 17 locations we have a server on site. and the SEP Manager is on a virtual server at our global headquarters. My intention is to have the server in each location be the GUP for the 30-40 computers in each location. and the 17 servers pull their updates from the SEPM. ive spent some time reading the forums and haven't quite spotted exactly what I needed yet so I wanted to post my own thread. this is my first real experience with SEP deployment so forgive me if I don't relay everything 100%.
so my current layout has My Company with 5 Groups,
Default Group
Mac Clients
PC Clients
POS Clients
Servers
At the moment I am really only concerned with the PC clients and the servers. now as it stands the goal was to have any pc client whos subnet matched the subnet of the on site server and pull the live updates from there. We have one policy set for the servers and one set for all the PC clients.
we set the live update policy server settings for the server policy with the following conditions. use default management server checked, use a live update server checked, the radio button for the default live server checked, use a group update provider, when you go to the definitions for that, multiple group update providers is checked, when you go to configure that the only condition I have set is each of the servers set by host name.
when going to the policy that is used on the pc clients live update policies server settings they are as follows:
use default management server is checked, use a live update server is checked, use the default symantec live update server is radio button is selected. use a group update provider is checked. the provider settings are as follows:
Explicit group update providers for roaming clients is checked and defined with each of the servers listed by host name.
from what I have read some people suggest moving the server clients into the same site location as its computers, some suggested uninheriting permissions and having each site location with a unique permission based off the original just having the one on site server listed. im a little past my area of expertise and would appreciate some help.
↧
Consistant SEP Errors, but no problem found.
I need a solution
I'm getting regular errors for Windows Events that SEP either keeps failing to update Virus definetions, or that none are present at all. Here are two examples:
PC Name: xxxxxxxx
PC Description: xxxxxxxx
Alert Description: Event - Application Error
Alert Condition:
Alert subject: Event
Log: application
Type: error
Alert Group: Server Alert Package
Generated: 1/7/2014 11:03 AM
----------------------------------------------------------------------
Computer: xxxxxxxx
Date/Time: 2014-01-07 05:02:43
Event Log: application
Type: Error
Source: Symantec AntiVirus
Category:
Event: 40
Message:
Symantec Endpoint Protection has determined that the virus definitions are missing on this computer. This computer will remain unprotected from viruses until virus definitions are downloaded to this computer.Application has encountered an error.
For more information, please go to: http://www.symantec.com/techsupp/servlet/ProductMessages?product=SAVCORP&version=12.1.671.4971&language=english&module=1000&error=0009&build=symantec_ent
----------------------------------------------------------------------
PC Name: xxxxxxxx
PC Description: xxxxxxxx
Alert Description: Event - Application Error
Alert Condition:
Alert subject: Event
Log: application
Type: error
Alert Group: Server Alert Package
Generated: 1/7/2014 11:03 AM
----------------------------------------------------------------------
Computer: xxxxxxxx
Date/Time: 2014-01-07 05:02:43
Event Log: application
Type: Error
Source: Symantec AntiVirus
Category:
Event: 80
Message:
Symantec Endpoint Protection has failed to load the latest virus definitions.
----------------------------------------------------------------------
I'm really scratching my head on this one. According to the KB, Symantec is aware of Event ID 40, but doesn't have a solution (and hasn't updated their research in 4 years). I can't find any help for Event ID 80. We seem to get these about every week or so. I log into our AV Server, and it detects nothing wrong with this particular server and says that everything is running fine.
Any ideas?
Thanks in advance!
↧
Upgrade SEPM and Clients to Correct New Vulnerabilities (CVE-2013-5009, CVE-2013-5010, CVE-2013-5011)
I do not need a solution (just sharing information)
Symantc has just posted the following notice:
Symantec Endpoint Protection Privilege Assumption, Policy Bypass, Local Elevation of Privilege
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140109_00Affected Products
Product
Version
Build
Solution(s)
Symantec Endpoint Protection
11.x
All
Upgrade to SEP 11.0.7.4 or the latest release of SEP 12.1.x
Symantec Endpoint Protection Small Business Edition
12.0
All
Upgrade to latest release of SEP 12.1.x
Symantec Endpoint Protection
12.1.x
All prior to 12.1.2 (RU2)
Upgrade to latest release of SEP 12.1.x
Though Symantec is not aware of any malware or attacks which exploit these vulnerabilities at this time, please do ensure that your organization is upgraded to the latest releases (12.1.4 or 11.0.7.4) to remain invulnerable and to avail of the many other enhancements, improvements and fixes.
↧
↧
Centrally managed exclusions
I need a solution
Hello!
Regarding the following post:
Since it works to choose "[NONE]" as the Prefix and just type the application name, SEP will ignore the application wherever it finds it, Is it also correct to assume that it will work the same way for folder exclusions?
Let's say i have a folder that i want to exclude from scanning: "C:\Users\%username%\AppData\Local\Lotus\Notes\Data", and %username% is not an allowed wildcard, will it work if i set Prefix to "[NONE]" and Folder to "Lotus\Notes\Data", SEP should ignore the Data folder in the following example paths:
"C:\Users\John\AppData\Local\Lotus\Notes\Data"
"C:\Documents and Settings\Jane\Local Settings\Application Data\Lotus\Notes\Data"
Is my assumption correct?
By the way, i'm using the central exceptions Policy on the SEP Manager V12.
↧
Can't find database backup and restore
I need a solution
Hi,
I'm trying to go through the steps to upgrade Symantec to 12.1 RU4. I need to perform a backup of the database but I cannot find the Database backup and restore. I have looked everywhere on our Symantec server and can't find anything. I don't think we have been backing it up this whole time! Is there a link where I can install the backup and restore?
server 2012
↧
SEP 12.1.4 rollout
I need a solution
Hi All,
We have rolled out SEP 12.1.4 on workstations through adding package to the groups,
1) We got SEP installed successful on some
2) Rolled back on some
3) Restatring Pending error on some
4) and most are still shows "NO STATUS UPDATE" when we check in deployment status.
My concen is with not first 3, however with no status.
why is it still shows no status when there is already package added?
Can any one help please.
We also tried through Deployment wizard, however same result.
Thanks!
↧
Events coming from my router
I need a solution
Hi I have SEP 11.
Once in a while I get DOS notofications:
Denial of Service "UDP Flood Attack" attack detected.Description:An excessive number of User Datagram Protocol (UDP) packets are being generated on this computer causing 100% CPU utilization.
And then SEP blocks the traffic:
Traffic from IP address xxx.xxx.xxx.xxx is blocked from 10/01/2014 23:17:08 to 10/01/2014 23:18:08.
What makes me curious is that the IP address of all the attacks is my local wireless router.
Is is "normal" to have the attacks appear as the come from the local router?
Thanks in advance!
↧
↧
SEP 12.1.4 url filtering and content blocking
I need a solution
Hello all - this is a general inquiry to the community to solicit suggestions.
We have Windows 7 Pro SP1 64-bit clients running SEP 12.1.4.
1. Is anyone aware of any incompatibilities with Internet Explorer SmartScreen Filter(ing) (IE8,IE9,IE10,IE11) and SEP download insight? Or, any incompatibilities between SmartScreen Filter and SEP clients in general?
2. We like the concept of SmartScreen Filter to block malicious websites (malware, phishing, etc.) but there is no way to white list URLs other than placing them in the Trusted Sites zone and turning off SmartScreen Filter for that zone. Even legitimate sites get compromised from time to time so we're not real keen on putting sites we have no control over in the Trusted Sites zone.
So, we're looking for alternatives. Our network appliance can filter URLs, but there are drawbacks, ex. performance, to using the appliance. Other options we're aware of but haven't tested are 1) Norton ConnectSafe - sounds like a good idea - use Symantec's DNS servers to filter URLs - easy to set up, but don't know the cost or effectiveness. 2) Norton SafeWeb - looks like it is a toolbar, don't know if it works with SEP or if it will actually block a malicious website or just warn.
3. Given the spread of phishing attacks and the like, we would expect something like SmartScreen filter to be incorporated in to SEP. We like the flexability of configuring SEP's download insight, white lists, etc. and Symantec's reputation based filtering. URL filtering would be a great addition to browser IPS in SEP 12.1.
Any thoughts or further alternatives are welcome. Especially any experiences with SmartScreen filter implementations and SEP.
Regards,
Wally
↧
causing problem to outlook
I need a solution
Hi.
A client system running SEP 12.1 has problem communicating with Mail Server.
client machine stops pinging the mail server at any time.
for the solution, we restart PC, the problem is gone.
after some time it again stops pinging mail server.
After outlook and PC troubleshooting, I had to remove SEP from clinet machine and installed other free antivirus.
outlook is working fine all the time since then.
I am still skeptical on what is causing in SEP to occur tihs issue.
Please guide.
↧
LiveUpdate Administrator 2.x with SEPM x64
I need a solution
We have a an estate with LUA 2.3.1, SEPM 12.1 RU4 and a mix of Windows x86/x64 clients 12.1, 12.1RU1, 12.1RU2, 12.1RU3 & 12.1 RU4.
We currently download all components for each of those products on our LUA and it uses a tremendous amount of storage space. I know we don't need to download all of that having read support articles as we download definitions from the LUA, deliver to the SEPMs (which are all now 12.1 RU4 64-bit) and the clients download definitions from them.
I now know that I only need to download the "Manager" specific updates as our clients don't update from the LUAs however I need to know one thing. Do I still need to download the manager updates for all versions (i.e. 12.1, 12.1RU1, 12.1RU2, 12.1RU3 & 12.1 RU4 because I have all of those versions of clients) or do I just need to download the manager updates for 12.1RU4?
Thanks.
-
↧
More Pages to Explore .....
