Hi,
I have a problem with SEP on Windows XP SP3.
After startup system, SEP service is closing with an error:
Faulting application Rtvscan.exe, version 11.0.6200.513, faulting module ccL608.dll, version 106.5.3.5, fault address 0x00016c00
szAppName : Rtvscan.exe szAppVer : 11.0.6200.513 szModName : ccL608.dll
szModVer : 106.5.3.5 offset : 00016c00
I need a solution.
thanks
There is a email alert for any client has the protection content older than 2 days. I capture the message for sharing this incorrect alert.
I do not know how Symantec count this 2 days difference. And the message says that "All online clients have been updated to the latest virus definitions". So, when is the latest virus definitions. I want to say the message is not clear and not correct at all.
I've imported the SEP 11 packages into my SEP 12.1 RU2 infrastructure.
Then I've exported the packages with the "All Content" option as I usually made; the "setup.exe" is 236MB for the 32bit and 240MB for the 64bit version.
I've installed one of this package in a Windows 2000 Server and I expected to have the latest definitions (referring to the moment of the creation of the package, yesterday).
The result is different: the 11 package seems to be deployed with, on board, a very old definitions set... as you can see in the picture.
I don't want the clients, just deployed, have to download the full content from the Manager...
So, what could I do?
Thanks in advance!
Hey,
We use Citrix XenDesktop VDI (that use provisioning services).
In the SEPM we see couple of hundreds computers that are Offlice, some of them are duplicated.
The main issue is that it took all our licensing and the "real" computers in the network not getting updates from the managment server.
Anyone knows how to deal with it?
Thanks!
Hi All,
I just need a comparison between 12. 1 and 12.1 RU2.
In which ways 12.1 RU2 is more secured than 12.1 RU1 MP1.
Hi all,
Has anyone moved their SEPM 12.x SQL Server database from one server or version to another successfully? Can I just have our DBA copy it from a SQL 2005 SP3 server to a SQL 2012 server? I found out that SEP 12.1.2015.2015 (RU2) requires a backend SQL of 2008 or higher. Before upgrading from SEP 12.1.1000.157 (RU1) to SEP 12.1.2015.2015 (RU2) I think I want to move the SEPM SQL database from 2005 SP3 to SQL 2012 first.
I've been reading through multiple docs but I wanted to ask for some clear advice on this upgrade procedure. Would these steps work? If not what should be changed?
Will simply having my DBA "copy" the SQL database work? Will I have to run the sylink updater for anything?
Thanks much, Tom.
SEP vulnerability
Impact - Attackers can exploit this issue to execute arbitrary PHP code in the context of the application.
This mail i have recieved from our team, what it meant and how to sort out?
what is current latest release in 11.0. from where i can get download?
is there a way for me to delegate ability to push pachages without giving site admin access, or permissions to modify pachages.
I just need Techs to be able to remotly deploy pachages without being able to modify
Some of my SEP clients for Mac appears as v12.1.0001.8888 instead of the v12.1.2015.2015.
All of the Mac clients are Mac OS X 10.8.2.
Any idea why is it happening?
I ran a scan on all nodes and several clients and log came back with the above error when reviewing the longs on the management console.
I also noted that when viewing the client locally - there appears to be multiple scans still running on the machine. I have rebooted the machine and stopped the rtvscan.exe service. No success.
Q: how can I get rid of these scans that appear to be running on the local client?
Q: What action will deal with the above error message when trying to start remote scan from management console?
I just noticed that if I sort by Client Version, 12.1.2015 does not show at the top of the list if I want to sort by newest client version. I know WHY, but don't agree... It sees 12.1.671 then 12.1.2015 then 12.1.1101 because 6 is larger than 2 I guess. It fails to understand that 12.1.2015 should be at the top of the list... Anyone else notice this?
I hope somebody can assist by answering or sharing a link that contains the info I require. I tried searching the net but cannot find the explanation I'm looking for.
I need to find out why Symantec only releases virus definitions every second day and the meaning behind the releases.
I understand what SONAR is used for, I need to find out why the updates are so far apart, for instance:
Latest update will be 2012/11/30 r11 and the previous is 2012/10/31 r11 (example)
And the same for IPS Signatures, why isn't it every second day like virus definitions?
Any explanation to the above would be greatly appreciated!
Regards
Hello all.
I have been struggling all morning to install a trial version of the Symantec Endpoint client application. I need the trial version for now, then will get the license off the IT guys when my office re-opens in the new year. Without Symantec, I can't log into my company servers and get to files, so can't work. It has been a frustrating day so far!
I went here: https://www4.symantec.com/Vrt/offer?a_id=117524&in...
and got this file: Symantec_Endpoint_Protection_12.1.2_Part1_Trialware_EN
It auto-extracted, so I didn't notice the setup.exe and just went into the folder that I had seen created. Unfortunately that was the SEPM folder, so I installed the Manager. Realised my mistake, uninstalled it, rebooted and used the setup.exe to install an unmanaged client. But that option ("install an unmanaged client") is greyed out. So I can only install the Manager, which isn't what I'm after.
I have ...
But still no good. Unmanaged client still greyed out. Is there something else that I need to do?
Thanks in advance.
Hi,
I have more than 20 GUP servers globally and one SEPM with more than 10 000 Sep clients and a SQL Server. All my GUP servers are configured as shown below, with all the options checked.
Questions:
Please advise as I am not sure whether to live these settings as they are or make changes.
RU2 clients that are installed with the Firewall component, but that have the Firewall policy withdrawn, are reported within the SEPM's Home Security Status (and Clients -> Protection Techonlogies) as having NTP disabled.
This does not affect 12.1RU1MP1 clients reporting to a RU2 SEPM, which report the Firewall is enabled even if the FW Policy has been withdrawn as per:
http://www.symantec.com/docs/TECH162868
From a technical view, I'd assume the above article is still correct as IPS is still in enabled and in use. But the way the client reports its status to the SEPM has changed.
Ideally we want the SEPM to be able to differentiate between a client's SEP firewall being disabled by the FW policy being withdrawn (SEP Administrator does not want the client FW to be on), and the FW being disabled by the end user (SEP Admin wants the FW to be on, but end user has disabled it and has the power to do so). I've created this as an "Idea" as below:
I folks,
I have a SEPM 11.x server which use SQL database on a remote server to host our database of our 3000+ AV Clients. I want to install SEPM 12.1.2 on a completly new Windows Server 2008 R2 (The current server is Windows 2003). The fact is that I don't want to upgrade the current server to SEPM 12.1.2. I would like to start a fresh new database but by keeping the current sites configuration, policy etc.
I know that I can import one by one each of my policies. But I would like to know if there is a way to start from fresh then import the complet current configuration to the fresh installed server.
I found this acticle http://www.symantec.com/docs/TECH104389 which look good, but in that way I'm force to install the version 11.x on the new server then upgrade to 12.1.2. I will use that solution if there is no simple way to achieve it they way I would like to.
Let me know if i'm not clear or some details are missing.
John
I have SEP 12 (Version 12.1.2015.2015) on a test workstation. It lost communication, but when I was attempting to replace Sylink.xml, I was unable to find the directory where Sylink.xml is located.
How to replace Sylink.xml on a SEP 12 client?
Can anyone point me to some documentation on the insight reputation lookups that go out to https://ent-shasta-rrs.symantec.com
I am trying to determine how much bandwidth my clients will use if I open this up, and how often they will go out to get new reputation data.
If I have 10,000 clients and push out a software update to all clients, will all clients in turn querry that URL for insight updates to check on the new files they just received? Or will one go out, see it is a known good file, and all subsequent clients will not need to query https://ent-shasta-rrs.symantec.com for updates?
Thanks.
Hi All,
I have a question regarding SEP agents and Site Recovery Manager (SRM) VMware technology for failover.
We currently have SEP 12.1 RU1 MP1 agents deployed on 18 servers that are about to go through failover testing. I wanted to know what will happen from both an agent and Console perspective when this occurs.
Background:
18 Windows 2008 R2 Servers will be SRMed over to an alternative site. During the SRM failover, the host names will remain the same, HOWEVER, the IPs will change.
I wanted to understand how this will impact the agents, licensing, reporting, and console.
Can you someone provide some insight into how this would work? Let me know if you have any additional questions. Thanks.
