Dear All,
Recently I have installed symantec endpoint protection manager 12.1.6 (RU6 MP1). After successfull install i have found that home, monitors and reports page are not displaying in the management console software but i can able to see through web console.
Please advise what should i do.
Hello,
Whats the ideal usage of Ccsvchst? If ccsvchst is causing high cpu usage, whats the troubleshooting steps?
SEP version : 14 mp2
I am installing the latest version of SEP 14 MP2, when I go to LUA to pick the download it gives me two choices. 14 or 14RU1. I am assuming its 14 RU1 but wanted to make sure. Thanks
Hi all,
Current Configuration:
1) Server A (First Server) on Remote SQL DB server (MS SQL 2012)
2) Server B - To configure to become replication partner for Server A
Both servers are on SEPM 14
My objective is create a replication partner with my current primary SEPM 14 server.
During the setting up of my SEPM partner replication server, would you create a new SQL or use back the existing SQL DB for replication? Because whenever I select the lattter option I will be prompted with the following dialog box:
If I initialize the DB my primary SEPM server DB schema will be wipe out thus unable to login. Therefore I am wondering should I create a new SQL DB for my replication partner server instead? Anyone encounter such issue before?
I'm following the below article to build the replication partner: https://support.symantec.com/en_US/article.HOWTO81217.html#v9336553
Thank you in advance.
Cokex
Hi everyone,
This is NOT about the procedure around Changing the host name of Endpoint Protection Management server -- that works just fine and there have been multiple posts and tech notes on how to do it. The procecdure does work as described.
What I'm posting about is a post-change issue with the root certificate which as one would expect was created during the original SEPM server install under the old host name.
It appears that the SSL certificate retains the old host name even after the SEPM host name change even though there are no signs of any abnormality or defect. Everything works just fine with one exception:
One must use the old FQDN in order to hit the web GUI on SEPM (that's the xxx:9090 web interface), doing all the CNAME and other DNS finagling does not work, the browser would not allow https unless the old FQDN is used. I've testtred this with Chrome and IE and simply those browsers would not allow me to load the content of the web manager.
I either get an internal server error (screen shot) or it would load but would not populate the inside of the main page.
Is there a way around this issue?
Thank you
B
Hi all,
A question that has been asked a million times, but I cannot see anything that relates to the 32bit to 64bit.
We have a Windows 2008 32bit DC that I am decomissioning that is also our SEPM server. I am wanting to move SEPM to our Windows 2012 R2 64bit Application server.
I have seen that I can do DR etc, but as the server I want to move it to is already up, has a different NETBIOS name and different IP address, I do not think this will work.
So I looked at replication, but I want to be able to do this again in the future if I need to, and as I will be taking the 2008 machine offline this would pose me an issue, plus would this work replicating from SEPM 32 to 64 and vice-versa?
So which would be the best way to do this with the lease amount of pain?
Thanks.
Bonjour,
J’ai un serveur Symantec Endpoint protection manager 14MP1, avec des clients SEP 12.1.6MP4,
Mon problème, le client Symantec bloque les utilisateurs à accéder à l'internet,
est-ce que quelqu'un peux m'aider pour débloquer la situation
Currently running SEPM 14 MP2, the LiveUpdates on the server were last update on 29th September.
I have attached my Log.LiveUpdate file.
Thanks for any help!
Hi,
We noticed that when SEP is running, I can't access internal websites taking a long time to access. If I disable browser intrusion it's working
Also when I uncheck disable script debugging in advanced options, it's working
Is there any permanent fix rather than workaround?
We are depoloying SEP 14 MP2 during Operating system deployment and somehow this causes the the deploymnet to timeout
Does nayone deploy SEP 14 MP2 msi as part of the OSD task sequence
Any tips
I have extracted sep64.msi from SEPM console and then made it as an application to deploy.
It does get installed but somehow prevents Task sequence form completing.
Any tips
We have updated our device control policy to allow a piece of internal Laptop Hardware.
After pushing out the policy the laptops are still not able to use the harware until we manually enable it in device manager.
Once we do that SEP kicks in and recognises this as allowed and leaves it as enabled.
We tested trying to enable a black listed device via device manager, but SEP stepped in and kept this blocked (as it should)
Any ideas why the newly whitelisted hardware isnt enabled from the start?
Thanks.
Hi
I am trying to get SEP 14 to work on our XenApp 7.8 environment based on Windows 2008 R2. The servers are booting up on Provisioning Service so the vDisk are non persistent.
In SEPM I have imported the Active Directory OU where the servers are located. Then I am sure the servers gets the required exceptions and policies. This works fine in Sep 12
Now when I test SEP 14 the servers are always located in Default Group.
This is what I do:
When the Citrix vm starts up, sephwid.bat are running and cleans the sephwid.xml and communicator.dat files. Starts up the service
The I can find the server in Default group
Should be located here:
Any sugestions ?
Thanks
Torsten
Is there a way to script the output of clicking on ViewDetails (that runs SecurityStatus.php) to a text file? Alternatively is there a way to schedule a quick report, as I can't find the same reports in scheduled reports. thanks in advance.
Hi,
I was trying to install node packages like Angular CLI etc using NPM in my Windows 2010, but always getting the same error messages as below mentioned. It looks like Symantec Endpoint Protection has something to do with it. I have configured NPM config in any way, but problem couldn't be resolved. Can anyone with the knowledge please tell me what is going on? I really need to install packages using NPM as well as run Symantec Endpoint.
The error is :
D:\Rahul\AngularMVCProjects> npm install -g @angular/cli
npm ERR! Windows_NT 10.0.14393
npm ERR! argv "C:\\Program Files\\nodejs\\node.exe""C:\\Program Files\\nodejs\\node_modules\\npm\\bin\\npm-cli.js""install""-g""@angular/cli"
npm ERR! node v6.11.4
npm ERR! npm v3.10.10
npm ERR! code ECONNRESET
npm ERR! network tunneling socket could not be established, cause=connect ETIMEDOUT 74.122.238.10:8080
npm ERR! network This is most likely not a problem with npm itself
npm ERR! network and is related to network connectivity.
npm ERR! network In most cases you are behind a proxy or have bad network settings.
npm ERR! network
npm ERR! network If you are behind a proxy, please make sure that the
npm ERR! network 'proxy' config is set properly. See: 'npm help config'
npm ERR! Please include the following file with any support request:
npm ERR! D:\Rahul\PRACTICES\Node\npm-debug.log
Thanks,
Rahul
Hello!
For the past few months we have been attempting to troubleshoot an issue here, and I believe I may have found out today that Symantec is the root of the problem.
The problem: We use a patch deployment application (Shavlik) to distribute Windows Updates to various computers. For the past few months (very intermittent), we have been having issues where a few patches will become installed and then the rest will completely fail, and Windows will attempt to roll back all of the patches that had failed. As Shavlik merely copies the patches and creates a batch file to install them, we became pretty confident that this wasn't a Shavlik issue. We have been attempting numerous fixes, but today was the first time I tried to do something different with Symantec.
The Windows Error Code: 0x80070020 (too generic to really get a handle on).
We have a server that this is currently an issue on, and I decided to setup a Win7 test box (since the OS version didn't seem to matter). I installed Symantec Endpoint Protection 12.1.6168.6000 (same as the server version), and of course when attempting to deploy ~150 Windows Updates, they failed in epic fashion. I then decided to install SEP 12.1.6867.6400, re-ran the patches, and everything seemed to install pretty smoothly. I've been parsing over the SEP and SEPM logs and haven't found anything indicative of Symantec blocking it, but that is the only thing that changed (that, and the group that the machine sat in on SEPM).
Has this been a known issue? Are there any specific logs I should be looking in to see if this was blocked for any reason? I already checked Tamper Protection and came up empty.
Thanks!
Windows 10 Anniversary edition 1607
After installing SEP client 12.1.7004.6500
You have to eject USB Thumb drive exactly twice.
The first attempt to safely eject gets, "Windows is unable to stop the Device"
The second attempt just moments later allows for safe removal of the device.
Hi,
I am trying to install Symantec Endpoint Protection (12.1.7004.6500.105) onto a PC running Windows 7 Enterprise (SP1) 64 bit.
When I run the installer it takes a while but eventually shows the Windows Installer, which then eventually disappears and that's it.
I am logged in as an Administrator, have tried using CleanWipe, and have tried turning off Defender also. I have attached the SEP install log.
Any help would be much appreciated!
Thanks,
Jack
Hello I would ask about some issue .I recently read about Kaspersky collaborate with Russian FSB .My question is about Symantec product as SEP Norton .The Symantec software has capability to check our file at computer .This is not blame but normal question what very curios people in Poland like to know .
http://www.bbc.com/news/world-us-canada-41262049
olek Poland
Hello any one started using SEP 14.0.1 that has been released recently.
They say it has new features like cloud portal to manage things.
How is it different from the on-premises one?
What is your feedback and impression on this?
Hi,
I want the information on following:
1) How exactly Trojan.Zeroaccess comes in Endpoint?
2) Possible Attack Vectors of Trojan.Zeroaccess
3) Does third party unwanted application plays a part in infection of Trojan.Zeroaccess??
4) I have one endpoint with possible presence of Trojan.Zeroaccess, Is there any way to pull info about infection of Endpoint with Trojan.Zeroaccess from SEPM Console?
Prmopt reply will be appreciated.
Thanks & Regards,
Tejas Shardule