I need a solution
Alright, I'll ask... which SEP virus def (if any) detect and quarantine WannaCry 2.0?
https://motherboard.vice.com/en_us/article/a-massi...
-Chris
0
↧
Wannacry 2.0?
↧
Traffic has been blocked from this application: (svchost.exe)
I need a solution
Hello all,
I have been getting this message on a client machine "Traffic has been blocked from this application: (svchost.exe)" and it's an incoming traffic.
Is there a way we can find out the source, as the remote IP has an IPV6 address...
Thanks,
0
↧
↧
Port 135 and 445
I need a solution
I am looking for your expert advice on blocking port 135 and 445 in our corporate environment on servers i.e 2008,2012,2003
What are the functionalities we will loose if we disable these ports on servers?
what are the best practices on these ports ?
regards
0
↧
HELP !!!
I do not need a solution (just sharing information)
I want to remove endpoint protection from my laptop but do not know how to do so ? can someone pls call me at +6588680659
0
↧
Trial SEPM license key
I need a solution
Hi Team , I would quickly needed SEPM V14 trial lversion key, please let me know how to download only license key. Because our production server going expired we have applied for reniwal as well its delay process so we need trail version for time being.
0
↧
↧
Ransomware Attack - WannaCry/Wanna
I need a solution
Hi Team,
Is there any updates further, when is the new definition going to release, at present it 05/12/2017 r9,
0
↧
to block exe and similar from SEPM
I need a solution
Hi Team, Can we block .exe and similar from SEPM being written to workstation - what are the steps
0
↧
DHCP Server shows SEP leases??
I need a solution
Setup a new Server 2016 with DNS and DHCP and the DHCP server lists all these leases with client IP addresses.
It looks like this: 192.168.0.40 SEP64XXXXXXXXXX.my.domain.com The X's are numbers and letters like a MAC address.
These never showed up before in server 2008 DHCP.
My computers show their own IP addresses.
Why does my DHCP seem to have IP's for SEP 14 clients?
0
↧
VPN connection freezes with SEP firewall on
I need a solution
I connect to a customer's site using Avaya VPN. I can access through the VPN only when SEP is disabled. Once SEP re-enables after 5 minutes (my employer's policy), the connection to the customer site freezes and I need to disable SEP again before the connection unfreezes. I've added exceptions for the VPN's IP and the Avaya folder and executable iteself, and have tried to add port exceptions in the SEP applications settings for the Avaya SEP, but I'm not sure this was done correctly. The customer says that the following needs to be set in the firewall rules:
Destination: 206.47.249.94 (added as an exception)
UDP 500 (by directional)
UDP 49000
ESP ( Protocol 50)
AH (Protocol 51)
0
↧
↧
If patch is NOT installed then block internet, and sometimes intranet
I need a solution
Hello all,
I've played with with this concept in the past, but never came up with a complete solution. I have a Custom IPS Signature that can block individual external sites, Google, Yahoo, etc...and I've played a bit with firewall rules to block port 80/8443, but I'm not sure of the "best" way to implement this control using SEP.
Essentially I would like to do the following:
1) Using a host integrity requirement, looking for the existence of a registry key value or an MS Patch.
2) If the registry key is 1, or the MS Patch is missing, then Block Internet access on the client.
3) If the registry key is 2, then Block Internet AND Intranet access on the client.
I thought that maybe I could run a script (every 5 minutes to offest the policy that the sepm sends down) that imports a custom firewall rule or a custom IP signature? But I'm not 100% sure the the content of those rules, I could use a little help authoring them.
I'm open to any other suggestions as to how I might accomplish this control.
Thanks for your time,
-Mike
0
↧
Symantec is crashing RDP services
I need a solution
We have recently started to just roll out Windows 10 and noticed some odd behavior with RDP with our test machines. Occasionally we are unable to get into a computer remotely through RDP. The service will stop responding and the person trying to connect will get a fatal error message or "An internal error has occured.". On rare occasions just trying to login to a domain user through RDP will crash and halt all future RDP connections. The only way to bring it back is to remote services and restart the RD service (or the computer). Sometimes it may take 10 minutes for the service to become unresponsive, or even up to a few days, there is no rhyme or reason.
We have a mostly Windows 7 environment and have been using that for years without any issues with RDP or connection issues. This is issue has only been noticed under Windows 10 Professional. For trouble shooting we have tried both version 12 and 14. We have tried all of the Windows updates up to the anniversary update. I have disabled all of the GPO's to that computer and tried with the same result. We have been unable to find a solution other than uninstalling Symantec. Once that happens, all of the connection issues stop.
Any suggestions or help? We effectively cannot deploy this as it currently stands. Thanks
0
↧
SEP queries
I need a solution
Hi All,
Just a quick queries related to SEP 14.
With the help of SEP Host integrity feature can we check vulneblity in OS application.
Also does SEP agent can be installed on Windows Server 2008 R2 Datacenter (This is cloud based server on Amazon.). i dont find in the system requirements.
Thanks,
Mustafa Shaikh
0
↧
Certificat Serveur 2008/2008 R2
I need a solution
Bonjour,
Nou savons des seveurs tournant avec un OS Windows Serveur 2008 64 Bits
Nous souhaitons une migration de l'OS vers Windows Serveur 2008 R2.
Cette plateforme contient un SEPM en version 12.1.6 MP5.
Y-a-t-il un impact genant pour le certificat embarqué ?
Merci de vos réponses
0
↧
↧
Client version unavailable
I need a solution
Hi,
I have 2 client's that their status is 'Client version unavailable' under 'Clients' in SEPM.
Although I did remote push to both of them the 14 client and it installed successfully.
In each of the computers under Troubleshoot, I see they connected to the SEPM server.
I sync the clients with active directory so I have the same folder for all of them.
0
↧
Need script to clear corrupted virus definitions
I need a solution
Hi All,
Since we have 1000+ computers with corrupted definitions, we cannot manually clear corrupted definitions on all computers.
Hence can somebody provide me a script file which we can use on Windows workstations to clear Corrupted definitions.
0
↧
New SEPM server and upgrade
I need a solution
I'm looking for the best way to set up a new server and upgrade to SEP 14 MP1. Currently, we have SEPM 12.1 on Server 2008 R2 using SQL 2012 remotely. I am setting up a new server for SEPM which will be 2012 R2 and will be SEP 14 MP1, but will continue to use the same remote db. This needs to be more of a gradual change instead of moving all clients at once. Looking for seamless solution and to retain all historical data, policies, groups, etc. Should I go ahead and upgrade our current SEPM to 14.1 and install 14.1 on the new server? Then redirect the clients to the new server. Or install our current 12.1 version on the new server, point the clients to it, and then do the upgrade. Any suggestions would be most appreciated. Thanks.
0
↧
Test new Endpoint Protection definitions before they are released to production
I need a solution
There is a KB article "Test new Endpoint Protection definitions before they are released to production", https://support.symantec.com/en_US/article.TECH246341.html , that describes how to test virus definitions before they got into production. I have three additional questions:
1. Does this KB article applies to SEP 14?
2. What is the time difference between Early Adopter Content Access defitions and Production definitions?
3. What is the difference between Early Adopter Content Access and Rapid Release definitions?
Regards,
Vladimir
0
↧
↧
SEPM stopped pushing client upgrades
I need a solution
We have finished testing 14 version and on Monday i have started the upgrade process. While testing i have upgraded our SEPM server to 14 and added 14 version as Client Packages for our testing group (~10 PCs with Win7-Win10). It has upgraded successfully on all of them. Now i have added 14 Client Packages (both 32 and 64 bit) to the main group. I have always done upgrades this way and i usually do not specify any schedule and leave the default 1 day interval to update. It takes 1-2 days to fully upgrade everyone. This time it started upgrading some of the machines and stopped.
I think that stopping occured after i have installed 14 client on the SEPM server itself and rebooted the server (Basic Server protection without firewall).
How can i troubleshoot and fix this? Any logs on the server/client to investigate?
0
↧
Need Help on creating Endpoint Firewall rule for blocking Website with Exception
I need a solution
Hi All,
Need Help on creating Endpoint Firewall rule for blocking Website with Exception.
Regards
USK
0
↧
.lof files
I need a solution
Hi community;
My antivirus prog. is not working
Can ı take log files information?
( another information :https://www.symantec.com/connect/forums/symantec-endpoint-protection-cannot-open-because-some-symantec-services-are-stopped-restart-2?cid=11824631#comment-11824631 )
Thank you.
0
↧