We recently pushed out 12.1.4 to a subset of our user community and have been receiving false positives from Download Insight. I am waiting for the team responsible for the application to get it to Symantec, but in the meantime we have been adding exceptions to the list. However, we continue to see risk detections on one folder that was added to the exceptions using a variable. The folder is \users\%user%\appdata\local\assembly\dl3. I've added it using both [common_appdata] and %userprofile% for the users\%user% portion, but we continue to see this folder detected for individual users.
Download Insight Exceptions - Does not seem to be excepting folder
tracking.teebic.com (loa.teebik.com)
Hello,
I have a problem with the subjected sites, which seem to auto-open regularly without my consent. Windows XP, Windows 7. It seems that browsers are affected. Already tons of websites with very recent dates are posting "how to remove" guides. However, this/these malwares seem resilient to ANY antivirus/antiadware/antimalware/... programs available.
Any positive experiences or maybe a Symantec solution?
Thanks in advance,
[SID: 55000] IRC Identification Signature attack detected but not blocked.
For some reason, when I receive the IPS alert as seen below, it's not blocking the traffic. I searched and found an identical posted article, but it contained no solution. After opening the IPS policy, I opened the Exceptions to see what rule 55000 was set for by default. It shows it as Block and Log. So why is the logged alert showing it as detect only?
Version: 12.1.2015.2015
[SID: 55000] IRC Identification Signature attack detected but not blocked. Application path: \DEVICE\HARDDISKVOLUME1\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASHPLAYERPLUGIN_12_0_0_77.EXE
Active Directory Queries via Proxy of Child Domain
Does SEPM have any issues with adding an Active Directory server that is a member of a child domain, where system and user OUs are held in a higher-level parent domain and queries are handled via proxy mode from the child domain?
Need to know if this will work.
SEP client turns off frequently
Hi,
I have a few SEP 11.5 clients running on Win7 and they turn off frequently. When I checked the status in the console, it shows the last reporting time as a few minutes before.
This happens frequently. Can anyone help me with this? Any help will be appreciated.
Regards,
Lokesh
Difference between import Active Directory and directory services on SEPM console
What is the difference between import Active Directory (Client tab) and directory services (Server property) on the SEPM console?
The information in both places is the same...
If I want to implement AD with SEPM, what are the steps... (please give info in short).
Thank you very much for your time...
SEPM Virus Definition Issue
Dear All,
We are using SEPM 11x and facing a very unique problem every day (for me it's unique, though):
Every day in the SEPM Home window there is a new Virus Definition Distribution date indicated. I don't know where it's getting the update for Virus Definition Distribution from, because the server is not connected to the internet. Is it making these definitions itself? I have no clue. Please guide me.
Here is the snap fyr..
Thanks and regards,
Navii
Problem with the upgrade to version 12.1
Hello,
I started the upgrade of the client workstations, but when a client upgrades (to the new version), I see the following problems:
- The PCs have become unstable:
- Outlook freezes; it is impossible to send or receive messages;
- No internet;
- No access to shares;
- Impossible to shut down the PC; you have to press the Off button.
Please, is there a solution?
Regards,
Linux version
Hi mick2009
I’ve encountered a problem upon enabling autoprotect in other RHEL versions.
[root@php-sshpa-localfse01-ibmhs21 ap-kernelmodule-1.0.14-13]# ./build.sh
Kernel release is not set, build the kernel modules for the current kernel release(2.6.9-42.ELsmp)
Kernel headers/makefiles directory is not set, use the default /usr/src/kernels/2.6.9-42.ELsmp-x86_64
Kernel headers/makefiles directory /usr/src/kernels/2.6.9-42.ELsmp-x86_64 does not exist.
Build was stopped due to error.
Can you provide us with the ap-kernelmodule-1.0.14-13 for the Linux versions below?
Linux version
RHEL 4.4, 4.7, 5.8, 5.5
Thanks.
Can SEPM show whether the OS is 32-bit or 64-bit?
Hello,
We are using SEP and SEPM 11.0. In the client tab, I can't see whether the OS is 32-bit or 64-bit. Is there any other way to see it?
Thanks
Clients receiving full definitions continuously instead of deltas
Our network is flooded with updates from either the SEPM or GUPs, as all clients are receiving full.zip updates instead of deltas.
SEPM x 4 (28000 clients): SEP 12ru4a
SEP clients: SEP12 RU1 thru SEP 12 RU4.
Any idea on what the cause could be?
Replace Sylink file for clients that are unable to connect to SEPM
Hi All,
I am working in an enterprise environment that consists of 3 HQs, 15 major sites & 300 branches. My SEPM was 12.1.4, and my clients varied from 12.1.4 to 11.0.3.
Lately I suspect more than 20% of my group of clients are having problems communicating with SEPM.
Their symptoms are: Last Status Change was within 24 hours but the SEP client was not online at all; Virus Definition and Last Scan were longer than 24 hours.
Example:
Last Scan: 2013.01.19 5pm
Virus Definition: 2013.01.24 r2
Last Status Change: 2014.04.07
Can I seek your pointers on your experience replacing the Sylink file?
Below are the methods that I have tried:
Sylink Replacer
Able to work for small scale & local, but having problems for branches with small bandwidth
Enabled policy for HI Check to run SMC -Start when detecting SEP Client not running
The function did not run well: among 10 PCs, only 3 to 4 PCs were able to respond to this HI Check. The others are still the same.
Reinstall SEP
Able to be a workaround, but it still consumes time and involves a lot of manpower
Can I seek your advice? Please do let me know if my troubleshooting steps were not right.
I very much appreciate your advice & pointers.
Thanks
CHHOWA
Matching products in Liveupdate Administrator
Our Symantec Endpoint Protection Manager runs 12.1.4023.4080 version, but has no Internet connection. So, I have installed and configured Liveupdate Administrator to run on a server with Internet connection and serve updates for our internal SEPM server.
The problem is, I cannot figure out which product to choose to match the requests from SEPM. With the SEPM version above, which product(s) should be configured in Liveupdate Administrator to allow a complete update of all definitions used in SEPM? Is there a document that describes this, or is there anyone out there who knows how this works?
HTTP redirect
Hi,
I am configuring Gateway Enforcer. I set enable HTTP redirect on client is not running.
Currently HTTP redirect on clients is not working.
Thanks,
Jonell
How many SEPMs can connect to embedded database?
Please suggest,
What is the maximum number of SEPMs we can connect to the SEP 12.1 embedded database?
srtsp64.sys CPU usage high
Hi expert
SEP 12.1.2100 runs on Win2k8 R2.
I found System process usage over 25%.
My VM has 4 vCPUs, so the System process is using 100% of 1 CPU (CPU1).
I used Process Explorer; srtspx64.exe is using the CPU.
Could you tell me what srtspx64 is and why srtspx64 is using high CPU?
Thank you
Hiro
Replication server functionality
Can anyone provide the pros and cons of using a Replication server, and what does a replication server really do?
Will it provide a place where policies and logs get received and then sent to the primary SEPM later on? What is the impact on network bandwidth? Will it assist, or is it merely a backup if the primary SEPM fails?
Running SEP 12RU4a with +- 28000 clients, 4 SEPMs. Site A (HQ) and Site B (remote site with about 3000-5000 clients max)
What are the requirements? Can it provide definition updates as well?
SEPM Install database connection problems
So we're trying to install the SEPM on a Windows 08 R2 box and we're using the SQL database option.
The SQL database is running MS SQL 2012 SP1. The SEPM version we're trying to install is SEP 12.1.4a.
We are able to connect to the database during step one, we're able to create a new database, and make it to the end of the install.
We get to the "Preparing database" window at the very last step and it fails with a generic "Failed to connect to database". Firewall issues don't seem to be the issue, since connectivity has been verified by the DBA.
Can anybody advise?
Device Control policy - printer showing disabled when allowed via the policy
Hello,
I have a question regarding Device Control policy. We are using it to block some devices. However, I allowed a USB printer from the policy, and on the PC it was showing in Device Manager that the printer is disabled. The user had to enable it manually and it was working.
Shouldn't the device enable automatically after it is allowed from the Device Control policy, or will the user have to enable it manually then?
OpenSSL bug
Quick heads up, a vulnerability was announced yesterday for OpenSSL and registered under CVE-2014-0160:
https://www.openssl.org/news/secadv_20140407.txt
A SEPM on 12.1RU4a runs OpenSSL v1.0.1e and is presumably affected. I've not had a chance to check RU4MP1 yet.
As with the previous SEPM vulnerability, this should only really affect those who allow communications with external endpoints. If everything is internal, then your exposure will be limited.