Quantcast
Channel: Symantec Connect - Endpoint Protection - Discussions
Viewing all 10484 articles
Browse latest View live

SEP 14 Clients Not Updating Definitions While Pending Reboot for Client Upgrade

January 23, 2017, 11:35 am
$
0
0
I need a solution

Recently upgraded to SEPM 14 and started migrating ~300 endpoints to the new version 14 client from 12.1.6. Since the migration started we started seeing a lot of new issues with clients getting out of date virus definitons. There seems to be a coorelation between clients that got the updated client, but haven't rebooted and those are have old virus definitions. Is this expected behavior? I'm hoping to not have to reboot my endpoints right after the client upgrade if I don't have to.

Running LiveUpdate on the clients does fix the issue as they get the definitions from the Internet instead of our local SEPM server.

I can validate that the SEPM server itself is getting the definition updates and is properly deploying them to most of our endpoints.

0
Search

[SEPM] Does not list Mac OS SEPM Client

January 23, 2017, 11:49 am
$
0
0
I need a solution

Good afternoon everyone,

I trying since several day to remotely set up (Push), a silent install for an EndPoint Protection on a Mac computer.

Installation seems to complete correctly, but I can't find the client in SEPM.

filter are correctly set up to "Show Windows" and Show Mac".

Please advise.

0

Quarantine an .exe for 32 Bit but not 64 Bit

January 24, 2017, 12:47 am
$
0
0
I need a solution

Hi,

We have a problem with the 32 bit computers. We have an application on windows mobile 6.0. when we run on 64 bit machine with symantec it works but when we run on 32 bit machine with symantec it does not work and it takes the exe to quarantine area and delete the original one. 

The symantec version 12.1.6 (12.1.RU6 MP5) Build 7004 (12.1.7004.6500)

What will the problem and solution. Is there anybody who have lived the same problem and somehow solved. We will be gratefull. Thanks. 

0

fullscan stuck / hangs on file

January 24, 2017, 12:50 am
$
0
0
I need a solution

Hello ,

i have upgrade my server to V14 and  same Clients to 14.0.1904 . 

Now its that some of the upgraded clients hangs or stuck in the weekly full scan.

The Files are random on clients

smc -stop not help

Only reboot  works as Workaround because its no solution

0

Log Error: "A content update package from the management server failed to unzip"?

January 24, 2017, 3:57 am
$
0
0
I need a solution

Hi all,

I have an issue affecting some of the application servers which act as GUPs.

some of them are unable to update their antivirus definitions and the log states the error:

"A content update package from the management server failed to unzip. The Update will be reattempted"

The servers download the content from themselves since the are GUPs, but the update package cannot be unzipped...

this is only affecting a few of the servers, the others are working fine.

Any explination on why this is occuring?

0

SSL Medium Strength Cipher Suites Supported vulnerability

January 24, 2017, 5:02 am
$
0
0
I need a solution

  Hi all,

 On our latest vulnerability scan of our SEPM 14 server we got this message:

 ---------------------

Description
The remote host supports the use of SSL ciphers that offer medium strength encryption. Nessus regards medium strength as any encryption that uses key lengths at least 56 bits and less than 112 bits, or else that uses the 3DES encryption suite.

Note that it is considerably easier to circumvent medium strength encryption if the attacker is on the same physical network.

 
Solution
Reconfigure the affected application if possible to avoid use of medium strength ciphers.
 
Output 
Here is the list of medium strength SSL ciphers supported by the remote server :

  Medium Strength Ciphers (> 64-bit and < 112-bit key)

    TLSv1
      EDH-RSA-DES-CBC3-SHA         Kx=DH          Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      ECDHE-RSA-DES-CBC3-SHA       Kx=ECDH        Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   
      DES-CBC3-SHA                 Kx=RSA         Au=RSA      Enc=3DES-CBC(168)        Mac=SHA1   

The fields above are :

  {OpenSSL ciphername}
  Kx={key exchange}
  Au={authentication}
  Enc={symmetric encryption method}
  Mac={message authentication code}
  {export flag}

-------------------

  These vulnerability issues are on tcp ports: 443 and 8445, ports that are used by Symantec Endpoint Protection Manager.

  Is there any solution to this issue?

  Thanks in advance!

0

Pushed policy to have workstations reboot at a certain day and time through SEPM - Didn't work

January 24, 2017, 12:22 pm
$
0
0
I need a solution

Hello,

I created a policy under the OU structure in SEPM to have computers restart at a certain time. I pushed SEP through SEPM. Once the time rolled around for me to reboot, I never received anything from SEPM to reboot on the workstation. Attached is a screenshot of my current configs. Did I configure something wrong? 

- Configured under parent OU

- SEPM version 12.1.6 RU6 MP6

- SEP version that was pushed was 12.1.7061.6600

Screen Shot 2017-01-24 at 3.16.13 PM.png

0

SEP 14 stops Docker Windows from working

January 24, 2017, 12:56 pm
$
0
0
I need a solution

I am running Windows Server 2016 with Microsoft Docker components installed.

I had to install SEP 14 (14.0.1904.0000) to be able to pull images.

Many people have reported problems with all manner of virus scanners & Docker:

  https://github.com/Microsoft/Virtualization-Docume...

With SEP 14.0.1904.0000 I was able to successfully pull images.

However, doing a simple docker run -it microsoft/windowsservercore hangs and never finishes.

Disabling SEP did not help. Only uninstalling it helps.

Is this a known issue? How to get it fixed?

0
Search

SEP 14 stops Docker Windows from working

January 24, 2017, 1:20 pm
$
0
0
I need a solution

I am running Windows Server 2016 with Microsoft Docker components installed.

I had to install SEP 14 (14.0.1904.0000) to be able to pull images.

Many people have reported problems with all manner of virus scanners & Docker:

  https://github.com/Microsoft/Virtualization-Docume...

With SEP 14.0.1904.0000 I was able to successfully pull images.

However, doing a simple docker run -it microsoft/windowsservercore hangs and never finishes.

Disabling SEP did not help. Only uninstalling it helps.

Is this a known issue? How to get it fixed?

(Sorry if this is a duplicate, couldn't find my first post)

0

Symantec License expired, Am I still protected?

January 24, 2017, 8:58 pm
$
0
0
I need a solution

Our Symantec License have expired, are our client still protecetd, if we recieeving latest definitions?

 SEP_Client_24Jan.jpg

0

Need to allow the files in the USB virtual CD/DVD Drive but block USB Drives

January 24, 2017, 10:16 pm
$
0
0
I need a solution

We are having CD/DVD Block policy on our groups.

We use DATA CARDS(USB DONGLE). We are unable to access the executable file in the data card.

As most of data card devices are having internal virtual CD/DVD drive which is blocking because of CD/DVD policy and user unable to access USB data card.

What shall I do?

0

file-level scanning exceptions

January 25, 2017, 4:10 am
$
0
0
I need a solution

Hi,  I'm running SEP12.1.6 Is it possible to exclude file level scanning on processes (.exe) ? I have a long list that I need to exclude. I think the proper way is to:

1. Open SEPM and go to policies

2. open Exceptions policie

3. click on add - windows exceptions- file

4. add the executable (.exe) example - EdgeTransport.exe

Thanks

0
1485347787

ccSvcHst.exe - Application Error : The exception unknown software exception (0x40000015) occurred in the application at location 0x78b2d6fd.

January 24, 2017, 11:44 pm
$
0
0
I need a solution

Windows XP SP3, Client SEP MP6 build 7061.6600. Sometimes in system logs  i see error ccSvcHst.exe - Application Error : The exception unknown software exception (0x40000015) occurred in the application at location 0x78b2d6fd., after that service SEP Master restarted, but service windows device service is stopped. Whats wrong with SEP?  Now i  solve that problem by restart computer.

0

Whitelist and sage 200

January 25, 2017, 6:18 am
$
0
0
I do not need a solution (just sharing information)

Hi,

I'm expirence some problems using SEP12 and Sage 200, just want to make sure that i'm doing the right thing!!

I add Sage200 to the whitelist exceptions allready, but I had a sage 200 file corruption and the after reporting the problem and having a  conversation with sage they saying that the problem is with antivirus (SEP12).

Im new to SEP12 and I dont have the Know-How to discuss it further with Sage. It causes a great deal of time to sort problems, with them. I'm posting here the snapshot taken, for that problem.

I wil apreciate if someone with more knowledge will be able to share some insights

Many thaks

0

Next update for SEP 12.1

January 25, 2017, 7:30 am
$
0
0
I need a solution

When is the next Update/Maintainence Patch scheduled for SEP 12?  I dont plan to go to 14 for a while.

0
Search

Free up SEP Seats used.

January 26, 2017, 7:05 am
$
0
0
I need a solution

Good morning, How can I free up licenses for endpoints? We are currently over-deployed for licenses and believe we may have licenses that we may be able to free up. Thanks  

0

GUP ruleset question

January 26, 2017, 8:39 am
$
0
0
I need a solution

Hi, 

what's the right way to config a list of GUP's?

I saw customers with config's like this with 1 rulesets for each IP:

gup1.jpg

and like this with many ips in one ruleset:

gup2.jpg

https://youtu.be/hHiBat6QIoU?t=215

in this video the GUP is configured like the first screenshot.

Both seem to be working the same way at first sight.

what's the difference and what is the right one to use?

0

Unable to get the Access Token and the Refresh Token in web service

January 26, 2017, 12:09 pm
$
0
0
I need a solution

Good afternoon,

I'm working on an integration between my SEP Manager and another security product via the web api and there are two values I needare the Access Token and the Refresh TOken.  

I have created the Web Application in the API and also authorized the API following the documentation.  I'm given a key value back that according to the documentation I should pass to this page: https:// : /sepm/oauth/token?grant_type=authorization_c ode&client_id= &client_secret= &redirect_uri=ht tp://localhost/&code= Where my access code is at the end.  When I pass my value for access code in the portion "http://localhost/&code=XXXXX" I get "This XML file does not appear to have any style information associated with it. The document tree is shown below." Returned in the web browser.  According to the documentation provided I should get a JSON string w/ the two values I need.

What am I missing?

PS LOL for copy and and paste formating problems here

0

New Webinar: Tackle Unknown Threats with Symantec Endpoint Protection 14 Machine Learning

January 27, 2017, 8:44 am
$
0
0
I do not need a solution (just sharing information)

Just raising awareness of a new resource: the first of our new 5-Part Webinar Series is now available on-demand!

Tackling Unknown Threats with Symantec Endpoint Protection 14 Machine Learning
https://www.brighttalk.com/service/player/en-US/theme/default/channel/13361/webcast/223147/play

In 31 minutes this webinar explains and demos how SEP 14's new Advanced Machine Learning works against new and unknown threats.  This is time well spent for admins moving to SEP 14.

Future webinars may also be of interest.....



Part 1 of 5

Tackling Unknown Threats with Symantec Endpoint Protection 14 Machine Learning  (Register)

January 26, 2017

Part 2 of 5

Block The Risk Of Ransomware (Register)

February 23, 2017

Part 3 of 5

Achieving Zero-Day Attacks and What To Do About It (Register)

March 23, 2017

Part 4 of 5

Easy Ways To Improve Your Security Posture (Register)

April 20, 2017

Part 5 of 5

A Step-By-Step Approach for Endpoint Detection 7 Response (Register)

May 18, 2017

0

Unable to add Client Install packages

January 27, 2017, 10:20 am
$
0
0
I need a solution

I downloaded the SEPM 14 Full installationinstall but the SEP 14 clients were not automatically added. So when I download the SEP clients and try to add the install clients I retreive the error " failed to retrieve the build number for package" and the installation zip is deleted from my machine. are the builds in another directory within the SEPM folder or how can I fix this?

0
1485545170
Viewing all 10484 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>