I tried to upgrade SEPM 14 MP1 to MP2 but it rolled back. Then I backup all settings and uninstall all product with cleanwipe tool, after that I try to reinstall but it keep rolled back. so I try to install other version like SEMP 14 or MP1 but the result is the same. I attach SEPM_INST.log . Please help.
My system is Windows 2008 R2 Standard x64.
I am running Symantec Endpoint Enterprise Version 14 and would like to know how I can block McAfee Security Scan Plus from installing when someone tries to download and run it or when it comes with the Adobe Flash Player updates.
How do I setup the rule?
Tim
Hi Team
Please read carefully the following case description, I already reviewed the following documents before opening this discussion : HOWTO80848, HOWTO80849, TECH207935, HOWTO80859 , HOWTO80850.,
Customer Requirement: Apply System Lockdown to all computers in their environment.
Assumptions:
Steps:
Best Regards
After upgrade from 14MP1 to 14MP2, my both SEPM servers can't download/update IPS signatures automatically. There are warnings ID 7201 in event log with "Size(in bytes):-1" in the event text. Any other definitions are updated correctly.
If I download JBD file for IPS manually, update works OK.
Do you think what could I do with it?
Thanks.
Hi everybody
I am installing Symantec Endpoint Protection Mananger 14 MP2 on Windows Server 2016 Strandard
I have two network cards with one ip by card:
Card 1 : 10.0.0.4
Card 2 : 10.0.0.5
I have and IIS Server running only on the 10.0.0.4 ( by doing a netsh http add iplisten 10.0.0.4, now the IIS server run only on this ip. tested and verified)
I want that all the things needed to use network for SEPM to only run or binding on 10.0.0.5 and only on 10.0.0.5 beacuse this is making problems with other things running 10.0.0.4.
Looking in the policies settings, i can not delete (read-only) or disable the default rules in server management list, that let SEPM service running on all ip available.
Is there and any install parameter when i run the Setup.exe or anything else that force SEPM to use 10.0.0.5 and only on 10.0.0.5 ?
Thank you.
Hi,
Please help me to block USB except all type of dongle only allow to access.
We have created a Red Hat KVM Hypervisor that we are creating Windows Servers in. We have deployed two SEPMs with embedded databases but at random intervals they either hang or crash.
We currently have an internal investigation going on and are also engaging with Microsoft but in the mean time I wanted to understand if there are any known issues or potential problems with this type of configuration?
Thanks,
Tim
Hi,
We have Symantec Endpoint Protection Manager (v14 build 1904) installed on Windows Server 2008 R2.
I am trying to add the install package for V14 MP2 onto the sytem to test with a few Windows 10 systems.
However I am getting the error below:
- Reading the package contents...
- Adding the package into the management server...
- Disabling cancel operation as updating server database...
How do I fix this?
Hi everyone,
I have a weird problem that happened a few days ago. It seems that suddenly Windows stopped to recognize Symantec as a valid antivirus. That creates some weird events in Outlook in particular. We use Endpoint protection and it is working fine. All the PC I've checked are up to date.
I was wondering how to make Symnatec "accepted" by Windows again.
Thanks for your help in advance
Fred
Good day and thank you for looking at this!
Sorry if this is the wrong location, I tried finding something similar but may have missed it. Please feel free to redirect this to the right location if need be!
Problem: I am doing an install of SEP12 on a Server 2008 R2 machine. When I go to install SEP 12 I get the following error.
Header Reads: Symantec LiveUpdate Installer: LSETUP>EXE - Bad Image
Body Reads: LuComServer_3_3.EXE.config is either not designed to run on Windows or it contains an error.
This is a new Server 2008 R2 install with no previous SEP install. The installs are from Fileconnect and will install just fine on a 2016 server. Our previous SEP admin has never seen this issue before. I uploaded an image of the error so it can be viewed in its entirty. If anyone has any advice I am all ears! I thank you for your time and consideration in this!
Damien
Hello everyone,
We actually use a virtual server to manage our Endpoint Symnatec solution.
- Windows server 2008 SP1 64bits
- Endpoint Symantec 12.1.6 (12.1 RU6 MP4)
- SQL express 2005
We want to upgrade Endpoint to the version 14.
During my preparation, I found that our SQL databse is too old and is not supported by the last version of Symantec.
1- The SQL express 2005
For the version 14, Symantec requires an SQL database of at least 2008Sp4.
I was wondering if Symantec uses only SQL as a reference or if we could go to another solution to manage the data.
If it is SQL only, do you know if Symantec offers some kind of support to do that kind of upgrade? My knowledge in SQL is minimal and after hours of research and realized that it seems much harder to do than expected.
Thank you for your help in advance
Fred
Migrating systems from an old SEP server to a new one. I'm having issues with some of the Windows 10 systems.
Background is migrating from an older 12.1 server on 2008R2 to a new 12.1.6 RU8 on Server 2012R2. I have a new install package assigned to the group to update the clinets to 12.1.6 RU8, and most of the clients upgrade smoothly after updating their sylink.
Where I'm having issues is with some of the Windows 10 systems, under the restart required column, they are showing "Yes, The Application and device control component has a driver configuration change to apply". Restarting the computer never clears this mesaage. I have removed and re-installed with no success on these systems.
I'm gathering more information this evening regarding exact Windows 10 version that are working and that are not working, I can't interupt users during the day at this client.
Any information would be appreciated!
Thanks,
Brad
I would just like to ask about WannaCry ransomware 2.0 latest news? Is there any new variant for this threat? and are we still protected from it specially for those that still using SEP 12 (I'm currently using 12.1.6 MP5)?
Thanks in advance.
Dear,
I want to know, what if SEP with pattern 06/21/2017 r18 can detection Code-injecting SOREBRECT Ransomware ?
Thank you.
Hi i want to make auto upgrade on some 12 clients (Windows7 in domain) and i think i have a problem.
- server is installed as 12, then updated to 14. All seems to be OK, i can manage all clients with 12 and 14
- I prepared new OU for 14 clients with the same policies like for old 12, policies are created from very begining
- now i just move few clients to new OU, and prepared new upgrade package,
When i applied that package i see in the console (after double click on client) that package is accepted and ready to installation (see screen)... but that is from few days, update does not starts :( (package is set to install without user interaction).
When i make it with option 'Install a client' using the same package and remote push option, client is installed without problems. When i make it wit upgrade clients there is no any question from Upgrade Groups Wizard about user with admin rights on en clients... is it OK?
Any ideas?
Hi All,
I'm looking at the possibility of using Application and Device control to prevent users from running any applications not deemed necessary.
How can I prevent access to all applications with the expection of required windows apps and a set list(Office etc?)
Thanks
Dean
Hi i just noticed bug... or it is somehow only in my environment.
I installed java SEPM console to manage clients from my PC, prepared package and deployed it by email with link to that package, links are not correct, host name is not server host name but my PC host name :)
When i click on link and edit it manually in browser, change hostname to Server hostname it works. See screen :)
hi,
we have alot of macspoofing attacks from a device (printer) lately.
In the alarm message SEP sends out about the event it says the packet details can be found in the right window.
Can someone tell me where i can find the right window?
It doesn't show the packet data on any right window, also not on the details view on monitors->network and host exploit mitigation for the alert.
Thanks
Dears,
I have a question about licensing for example if we have two license files each with 1000 seat and one of them will expire soon, my questions are if the first license expires will the SEP manager continue to download definitions and update from symantec? if yes, will all the clients be able to get the defintions from the manager even the ones that had their license expire?
Thanks in Advance
Dears,
I noted that while upgrading to SEP14 it asks for the sa DB account and when trying the sem5 account it shows error, I just need to know why specifically it needs the sa credentials?
Thanks in Advance.