Quantcast
Channel: Symantec Connect - Endpoint Protection - Discussions
Viewing all 10484 articles
Browse latest View live

SEPM 12.1.3 Download Definition Secondary Page for File-Based Protection "stuck" on 3/31/2014 with an invalid downoad link

April 10, 2014, 7:36 am
$
0
0
I do not need a solution (just sharing information)

Hello,

The main SEP 12.1.3 download definitions page, at

http://www.symantec.com/security_response/definitions.jsp

 

shows current definitions and dates.  When you click on the Definitions link on the "File-Based Protection" section of the SEPM 12.1.3 "Virus Definitions & Security Updates" page, you are directed to the "Symantec Endpoint Protection / Symantec Antivirus Corporate Edition" page at:

 

http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=savce

 

This page appears to be stuck in the past - it displays definition Creation Dates of 03/31/2014, and invalid definition file download links.

 

There does not seem to be an obvious way to communicate this to Symantec without a business support account.   If there is one, I apologize.

Search

Is SEP 12.1 MP4a (12.1.4023.4080) vulnerable to Heartbleed?

April 10, 2014, 8:13 am
$
0
0
I need a solution

Is SEP 12.1 MP4a (12.1.4023.4080) vulnerable to Heartbleed?

 

Currently, all hosts are internal, however the SEPM does go through squid proxy to capture daily virus updates.  

 

Are these systems vulnerable?

 

How about Symantec Critical System Protection 5.2.9 MP2? vulnerable?

OpenSSL

April 10, 2014, 8:17 am
$
0
0
I need a solution

Does Symantec use OpenSSL in any of their products?

1397148570

Upgrade using a different server

April 10, 2014, 8:19 am
$
0
0
I need a solution

I am carrying out a upgrade from Sep version 11 on client pcs and servers to 12.1.4 and upgrading the from 12.1.2 to 12.1.4 on the console.I am have a new windows 2008 server. What advice can you give to keep the machines protected even when the upgrade is taking place

Computer Missing in Deployment Wizard Selection Screen

April 10, 2014, 8:37 am
$
0
0
I need a solution

I have recently upgraded my network servers and most of my clients from SEP 11 to 12 and I have a computer that the upgrade package didn't deploy on. I decided to try to use the deployment wizard to do a remote push and I am finding that the computer I want to push it to missing from the client selection screen. I am logged onto the client as administrator and am able to get on the network, and I can even see the computer under the client workstation list and it is showing "online".

How do I get this computer to show up on the client selection list in the deployment wizard?

SEP - Any protection for bluetooth?

April 10, 2014, 1:07 pm
$
0
0
I need a solution

We have some new endpoint machines with bluetooth enabled.  Does SEP offer any protection for bluetooth?

SEP, SQL 2012, and Always On

April 10, 2014, 1:35 pm
$
0
0
I need a solution

I know that SEP 12 supports SQL 2012 but our DBAs are asking if SEP will support its SQL database being configured for Always On.

Anybody know?

1397163456

Need advice on Heart Bleed Vulnerability

April 10, 2014, 2:24 pm
$
0
0
I need a solution

Hi All,

We are using SEP 12.1 RU3 . As per the qualys scan report we found vulnerable on few servers . But there is no activity detected on SEPM Reports or risk logs.

 

We need to block the vulnerable . Please advice

Search

Symantec Endpoint Recovery Tool

April 10, 2014, 6:35 pm
$
0
0
I need a solution

Hello;

I currentley have the "SERT" running off a bootable USB stick. I have a requirement to have the USB boot off a standalone computer with no hard drives. It's sole purpose is to scan other USB sticks. I have no problem when a hard drive is connected but when I remove the hard drive the system will reboot as soon as you select "continue loading recovery tool" and chose a language. Has anyone ran into this problem or come up with a work around?

Thanks

Jeff

SEPM Database Getting Down due to the size of DB

April 10, 2014, 8:59 pm
$
0
0
I need a solution

Hello Support,

 

We have Symantec Endpoint Protection manager installed on windows server 2003 and couple of Months back I have upgraded from 12.1.3 SEP manager to 12.1.4 Manager and updated the client versions too.

From Some days every three to four gap the Database goes down and Symantec Embedded Database service will stop and if we try to manually start then it will not start again.

After reading some where in support forum i have tried to shringk the database but shrink will stop at 10%.

Some where in forum mentioned like this

::::

1) Navigate to C:\Program Files\Symantec\Symantec Endpoint Protection Manager\db\ within Windows Explorer.

2) Locate the sem5.log and rename it to sem5.log.old

3) Open a command prompt  and navigate to the following location: cd d:\Program Files\Symantec\Symantec Endpoint Protection Manager\ASA\win32

4) Issue the following command: dbsrv12 -f "d:\Program Files\Symantec\Symantec Endpoint Protection Manager\db\sem5.db

5) Start the Symantec Embedded Database service through the service control manager (services.msc).

Symantec need to create some Fix to solve this. ATM I try to install SEM again and save the DB to SQL Express. Then Restore my DB Backup to SQL Express.

::::

After doing this the database service will work for some hours like 2 to 3 hours then again same issue.

 

sem5.db Database size is 4.52 GB and sem5.log will go upto 400 + Mb in some minute then the database stopped suddenly.

 

11.x to 12.x

April 10, 2014, 10:29 pm
$
0
0
I need a solution

What is the latest version of 12.x from the upgradation of 11.0.7?

How can i shift the license of 11.x to 12.x?

How can i download the latest version for upgrade?

drive full

April 10, 2014, 10:56 pm
$
0
0
I need a solution

Almost C: drive is full in sep server. How can i create the space in drive?

Free disk space 350 mb. Used 97gb.

12.1.2 for window8.1

April 11, 2014, 1:12 am
$
0
0
I need a solution

I have newly prepare the window8.1 laptop for the user which is only pending for the symantec endpoint client, i am using sep 12.1.2, can i install sep 12.1.2 version?

Heartbleed bug on sepm consoles

April 11, 2014, 3:34 am
$
0
0
I need a solution

Hello Folks:

This is with regards to the heartbleed blog which was recently discovered. Any one found this vuln in sepm console ? since this is running in 8443.

New Risk Detected - File / Entry Unavailable

April 11, 2014, 9:06 am
$
0
0
I need a solution

Hey there -

 

About a month ago I upgraded to SEP 12.1.4 and I am loving the new feature to report risks as they are indentified.  Today I recieved a Risk Alert that was very vague and generic.  The Risk was a "WS.Reputation. 1 Malware" and the File / Entry was "Unavailable".

 

What would make it unavailable?  Is there any way to get around this in the future so we know when the alert comes in as to what file it is classifying as a risk?

 

Thanks!

Search

Create report of client version unsupported pcs

April 11, 2014, 10:45 am
$
0
0
I need a solution

Hello - please see my attachment.  IS there a way to create a report of those PCs that say "client version unavailable"  I am finding out that alot of these PCs listed this way in my SEPM are reporting to a SEPM that doesn't operate anymore.

 

Thanks

Symantec SEP 12.1.x and Servers (domain controllers)

April 11, 2014, 11:53 am
$
0
0
I need a solution

Hey guys,

I am seeking a bit of advice as it specifically relates to SEP NTP and production Windows servers (mostly virtual).  The main reason for this post results from an issue experienced early this week when we had 3 domain controllers that all became unresponsive to anything AD related. 

For about the past year we have had 12.1.2015.2015 installed on our domain controllers, all running full server protection, AV, PTP and NTP.  From what we can tell, everything has been fine as we have not noticed any trouble related to functionality.  While the specific date of installation is unclear, I know it was not this past weekend, 12.1.4013.4013 was installed on all 3 affected servers. 

Things were funtional and still nothing seemed out of the ordinary until Monday morning when a majority of domain services went offline.  Locally, ping times were high and even dropping, AD logons were excessively long and for about 6 hours, AD was essentially not working and applications were failing as a result of this.

In the end, we had to remove the NTP feature of SEP to get our AD services back online.  While I can understand best practices and the recommendation for high availability machines to not run NTP and to use basic protection (AV only), but that doesn't explain why things have been running without issue for over a year.

Essentially, my thoughts are that maybe the FW is messed up in 12.1.4 and is part of what is fixed in the teefer driver re-writes in 12.1.4.1, even if it is not directly documented.  If it is something that was not so random, I would understand that the best practice should be followed, but the fact that the behavior was random and that all three servers were running 12.1.4013.4013 indicates to me that potentially something else broke or failed to create the event.

In fact I have witnessed similar randomness on other non-DC systems that are running 12.1.4013.4013, where performance is just horrible until the FW is stopped.  However, unlike the case with the DCs, the issue will typically just go away and resolve itself.  Therefore, further making me think there is an inherent issue with the firewall in this version of SEP.  However, before making any real accusations, I wanted to ask if anyone else has seen similar behavior resulting from NTP in 12.1.4.  Not all systems are affected and the systems that are seem to be completely random.  I might have 8 application servers all doing the same thing and only one will go crazy, before randomly fixing itself.

I am probably searching for something that cannot be explained, but I still wanted to bring it to the community to see if in fact I am the only person seeing this issue.

Updating SEPM RU3 to RU4

April 11, 2014, 12:43 pm
$
0
0
I need a solution

Hello all. I would like to update our Symantec Endpoint Protection Manager to ru4. I know I need to create a rollback plan and backup my current database, but will I need to update the SEP clients (the workstations)? A message on the "MySymantec Licensing" dashboard reads like I will only update the SEPM running on our Windows Server 2003 r2 server.

"Symantec released a Security Advisory identifying a vulnerability impacting the Symantec Endpoint Protection Manager (SEPM).  The changes in the new version only address this vulnerability. These new versions will install over any previous version of their respective product. Clients do not require updating as part of the security update."

This seems contrary to the documentation I've read on updating to ru4 which tells me after updating the SEPM I will have to update the clients. We are currently running 12.1.3001.165 and would like to bump up to ru4.

1397246392

Latest from Symantec - unavailable after upgrading to SEP12ru4mp1

April 13, 2014, 4:15 am
$
0
0
I need a solution

Upgraded to Sep12ru4mp1 from SEP12ru4a and now the manager is updated but the latest from Symantec is showing "Unavailable"..Anyone else having this issue

1397455867

How to use LUA 2.3.2

April 13, 2014, 3:34 pm
$
0
0
I need a solution

Hi All,

We have one LUA 2.3.2, four SEPM 12.1.3 servers and 30,000 clients but disabled the "LiveUpdate" option in the client console.
Apart from scrpting for SepLiveUpdate.exe, how can we allow the user to access to LUA?

Viewing all 10484 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>