Hello,
I have a problem with symantec endpoint protection manager 12.1.6
After installing this version I noticed that the embedded database service crashes and remains in the starting state and the server becomes nonfunctional, I reinstall the symantec server again but the problem remains, and the empbedded database service crashes again
Could you please help me
Thanks
Remarque : OS: 2012 Server R2
Is there a way to exclude any attacks from generating notifications?
We have an internal security scanner that searches for vulnerabilities and generates a number of attack events. I would like to exlude these, so there is more meaningful data present sent to us when a real attack does occure.
I know I cant disable tamper notifications, but can i stop them from generating and emailing out notifcations?
Hi guys,
I just noticed that my clients do not have any scheduled on their computers and i was wondering what would be the best way to do it through SEPM.
Thanks guys!
Hello
We have SEP 12.1.6 on one server with 300 clients and we want to move SEP from this server to new server with new server name and new server IP. How we move SEMP server to another server and SEP client will also updated with new server name and IP
Thanks
hi,
i made an upgrade plan based on the official one.
I want to upgrade 2 Managers (12.1.6 MP1) without replication and both are connected two one shared SQL DB.
Step 1: Create an upgrade plan
Step 2: Back up and prepare for disaster recovery (critical)
- Disable the "Protect client files and registry keys" Application Control Policy
- Remove client packages assigned to the client groups
Step 3: Enable local authentication
Step 4: Stop the Symantec Endpoint Protection Manager service on both Managers.
Step 5: Upgrade the Symantec Endpoint Protection Manager (Primary First)
Step 6: Upgrade the Symantec Endpoint Protection clients
is there anything else to add or does this look good?
Thanks.
Dear All,
I am trying to install Symantec on remote computer using Client Remote.exe
1 . Finally SEP is installed on server, but the Log show not installed, could you advise ?
04/18/2016 23:13:26:065 SEPprep starting!
04/18/2016 23:13:26:284 Attempting to run: Autopcc.exe
04/18/2016 23:13:26:409 Exit code: 0
04/18/2016 23:13:26:409 Attempting to run: SEPsetup.exe /s /v"/qn /l*v "C:\Windows\TEMP\\SEP_INST.LOG" IDCENABLE=0"
04/18/2016 23:14:16:591 Exit code: 0
04/18/2016 23:14:16:591 Symantec Endpoint Protection is NOT installed.
04/18/2016 23:14:16:591 Added tool to local system RunOnce key, please reboot to run tool again.
04/18/2016 23:14:16:591 SEPprep stopping!
============
2. Also when i use the same SEPprep for remove Mcafee & VSE, its removing VSE and not removing Mcafee Agent ?
SEP - 12.1.6 , Mcafee agent - 5.0.2 , Mcafee VSE - 8.8
Hi all,
In our environment we currently have 7 different locations. We want our SEPM to be located at our datacenter (central to everything) although we the administrators are located at the Main Office.
My main questions are
Included is a general example of our network layout.
Any information would be great, thanks everyone!
Question:
Looking to upgrade our Domain from Windows 2008 R2 to Windows 2012 R2. Our Symantec Endpoint Protection Manager is a member server and I just need to know Symantec will still function if we upgrade our Domain?
All folders in my mapped network drives are change to shortcuts and it points to fuoawx.exe file. Does anybody encountered similar issue? How will i clean the affected frive. Need help. Thank you
Hello
We have 500 users and I want to implement SEP 12.1.6 what Database type I will select
embadded or SQL, and what is recommended from Symanted embadded or SQL
Thanks
Bonjour;
J’avais un serveur SEPM 12.1.6 MP3, avec une base de données intégrées, j'ai mis à niveau le serveur SEPM 12.1.6MP3 vers la version 12.1.6 MP4 et j'ai installé une base de données SQL 2012 ( OS Windows server 2012)
maintenant au niveau de la console, les clients ne sont pas connectés, et même si je force les clients manuellement à l'aide de SyminkDrop, les clients ne se connectent pas ; prière m'aider à résoudre le problème parce que j'ai plus de 2000clients
pour information : j'ai exécuter Symhelp au niveau des machines, mais il ne me donne aucune erreur , aussi au niveau de journal d'évènenement je ne vois pas l'onglet Symantec comme avant
Cordialement;
Dear All,
We have an environment of 7000+ Endpoints and two management servers. Currently we have SEP 12.1.6 MR3. Upgarde 2 months ago. Now we plan to upgrade to 12.1.6 MR4.
Please mention the steps and preparartion required.
Hi all. This is a request for clarification about how it is that malware can bypass SEP (or any AV). I'm not asking how to do it, rather I need to understand better how it happens in order to carry on intelligent discussions with colleagues and customers alike about how important patching is.
You see in IT security discussions/blogs all the time how they say some zero-day flaw exposes a host to infection, and you see statistics about percent of unpatched systems to known flaws, etc. That recent one from Talos about 3 million unpatched Internet-facing servers running Destiny (the middleware, not the game :) ) is a good example.
But what I never did look into was, is that a moot point if the computer in question is using a commercial endpoint security solution? Let's assume there is no network-level IPS or anything and we're talking just endpoint security. And I fully understand that AV and hostt-based IPS etc. is not 100% effective and that's fine, but does exploiting zero-day or unpatched known flaws somehow bypass endpoing security? I'm sure the answer is not black and white, so perhaps the question is more about proportion - how much more likely are systems with unpatched holes to get infected if they happen to also be running current and commercial grade endpoint security.
And again this stems from how I contiuously see artidcles that talk about how some unpatched flaw was used to allow infection to occur, yet these same articles never talk about how effective or not was the endpoint security. You almost have to wonder if endpoint security does anything at all in these situations.
Thanks, sorry if this request is long-winded, haven't had my coffee yet.
We are trying to perform an in-place upgrade from Windows 7 to Windows 10. We have SEP version 12.1.6318.6100 installed, which is supposed to support Windows 10, however it is still preventing the Windows upgrade.
Is there a way to pull a list of the client versions in a report format?'
I'm trying to see which servers are not up to date on their client
I have two, 2008 R2 servers that are both currently running version 12.1.6 (12.1 RU6 MP1) that I need to upgrade to the latest version. What are the steps to upgrade these two servers? Do I need to break the replication first and then upgrade each one and then re-setup the replication again?
hi
we have this problem :
we want to block all quick time plugins from starting on MAC OSX and WINDOWS 7 and 10
the quicktime program is allowed to run but not the plugin... is there a way to block it
/ Thomas
Scenario:
There's one main 2003 R2 domain server with say 40 or 50 workstations connected to it. The server has no internet connection.
Now I know I can manually get the new definitions from here:
https://www.symantec.com/security_response/definit...
And this page describes how to install them:
https://support.symantec.com/en_US/article.TECH102...
That's all fine and dandy. I've already done this, everything is working perfectly. Now my question is, the next time I want to update, and I inject this file into SEPM on the server, will all the workstations try to download a brand-new 500+MB .jdb file off the server, thus crashng my network (for lack of bandwidth)? Or will they only try to pull a part of the file for an incremental update?
Thanks
We have three SEPMS running 12.1.6 MP4 on Server 2012. I was feeling pretty confident about my knowledge of using exceptions but then we ran into the issue with Windows 2012 running on a Hyper-V cluster. They asked me to put in the exception for clussvc.exe as the workaround and so I monitored for the application and set it to ignore. However since it was for an ADC it needed to be a file exclusion. Makes me wonder if I'm missing anything else by excluding processes as per vendor documentation through an application exclusion instead of a file exclusion. At the moment I'm a little fuzzy on the difference if anyone can help me out with that.