Does SEP 14 have an Anti-Ransomware Feature?
SEP 14 Question
certification associate
Hi,
I recently achieved a SEP certification, and I have changed my company and got a new partner ID for Symantec. I want to associate my certification with my newly joined company. What do I need to do?
Remote Uninstall
Hi,
Is it possible to remotely uninstall SEP from client workstations? I have ~40 machines where I need to remove SEP; however, I cannot find an option in the console. If not, are there any alternate solutions which would work aside from manually logging onto each machine?
Thanks in advance
Excluding Heur.AdvML. alerts completely
Is there a way to exclude Heur.AdvML.A alerts completely? All files it is finding are false positives, and although we could submit those files to Symantec, or exclude them ourselves, we would be doing this for hundreds of files individually in numerous folders.
We just need to basically stop these alerts from doing anything at all until we can figure out a more permanent solution since we are getting spammed with false positive alerts.
[APPLICATION] has changed since the last time you used it.
I have an unmanaged client for SEP 14.0 MP2. I do not have the licensing information.
I get the following message repeatedly:
"[APPLICATION] has changed since the last time you used it.
Name: [APPLICATION]
Application: [FILE NAME]
Do you want to allow it access to the network?"
Where [APPLICATION] is an application on the computer and [FILE NAME] is the executable file for that application.
There is an article about this on the Symantec website but the solution is not applicable to my situation since it is an unmanaged client.
https://support.symantec.com/en_US/article.TECH123331.html
When enabling and disabling Network application monitoring, I keep getting notifications every 5-10 minutes that Symantec has blocked svchost.exe until Symantec is reinstalled.
I have seen this issue in Windows 7, 8.1, and 10, 32-bit and 64-bit.
Browser intrusion prevention is malfunctioning - Firefox
I just updated Firefox to the latest version (57.0.2, 64-bit). Now, whenever I open Firefox, I get a notification message that reads, "Browser Intrusion Prevention is malfunctioning. Check the System logs for details." The message also appears every time I open a new tab. I'm running SEP version 14. I ran a Live Update and the problem still occurs.
Scheduled report including IP, Host Name, and Definitions date
Hi All,
I have seen some older posts stating that this isn't possible to schedule but I figure it may have changed since these were posted and it couldn't hurt to ask.
What I'm trying to accomplish is an automated version of the monitors logs that contains Computer name, IP, OS, etc. Ideally it would have all of this information, but at minimum I need the Computer name, IP, Virus definitions, and the group name.
I've built out a PowerShell script that will run NLTest against all machines in the CSV exported through monitors and create a new CSV comparing the site from NLTest to the Group name. I'd like to turn this into a scheduled task to run every night and send out a list to my team's email distribution showing what machines are outdated by 30+ days. In order to do this I need to find a way of automating the process of generating the computer status logs and exporting them as a CSV, and so far I haven't seen any method of doing this in the scheduled reports section. I know it would be possible to do something similar by creating a script to pull all of our machines from our SQL DB and then comparing the dates associated with the virus definitions, but at the moment that is well outside of my skill level. I was wondering if anyone had a method of automating this process or could point me in the right direction. If any other information is needed please let me know. Thanks.
Remote site is not connecting to management server
Hi,
I have recently installed one remote site (Coimbatore). When I am replicating from the remote site, it is showing failed to connect.
Please assist.
Update agent via commandline
Hello everyone,
I'm trying to force updates via commandline when the SEP Agent is not current. Is there a command that I can run via terminal so I can script to do updates when the Agent is not current?
All the best
Ken
SEP API
Hello,
Is it possible to use the API to download the newest client?
Thanks in advance,
Ken
SEPM Web console Copy/Paste issue
I've been getting reports from users that use our SEPM web console stating that they have sporadic issues with fields being locked and not allowing them to copy the contents. Has anyone experienced this and can point me in the right direction to resolve this issue? I know the obvious workaround would be to use the desktop client; however, I would like to see about an actual resolution for those users who prefer the web client. Any advice would be appreciated. Thanks.
SEP 14 MP1 RU1 release date
Hi everyone,
Can you please let me know the release date for SEP MP1 RU1?
Files blacklist
I have MD5 hashes for 100 files (hashes only) and I need to blacklist them in SEP 14.
Please share how to achieve this.
SEP Agent Issue
Dear all, I am having the below issues on SEP agents. Your kind support is appreciated in resolving this. Please feel free to ask me any additional queries.
1) I have many servers that are running SEP agent version 12.1.2 and 12.1.5. They are appearing as out of date. When I view the details I see that mostly only the "Download Protection Content Update" is out of date. These server machines do not have internet access and they download the definitions only from the SEPM. SEPM is running 14 MP1.
These problematic server OS machines don't have SONAR and Firewall installed on them. Only the AV and IPS components are installed on these servers.
2) I have many servers (70+) which are appearing as disabled on the SEPM dashboard. When I checked the details I found out that Tamper Protection is malfunctioning. I went into the group settings where these servers reside and, under Tamper Protection, locked the padlock, which was previously not locked. Would doing this resolve the component malfunctioning issue? If yes, then how much time does it take for the report to show that Tamper Protection is no longer malfunctioning after making the above change?
Your comments and feedback are appreciated. Thanks
Left Alone risk
Hi All,
I have received a single risk (Left alone) notification from a particular server. I took the sample file and submitted it to Symantec to check the file's legitimacy, and got the result that the submitted file was not malicious. Then I submitted it in the Symantec false positive portal.
The team has replied back to me saying that the detection(s) for the following file(s) will be removed from our products.
But I am still receiving the file as a single risk.
Kindly let me know how to troubleshoot further on this. I know clearly that the file was legitimate.
Regards,
S.R.V
Virus affected in workstation.
Hi All,
Recently one of the workstations was affected by a virus. I am not sure how to investigate the root cause of the virus.
I took a sample of the file, put it in VirusTotal, and found that the reputation of that file is very bad.
I immediately informed the concerned team to remove the affected machine from the network and asked them to reimage it.
Since it was a workstation, I did this as a solution.
But if a server is affected by a virus or worm, how do I find the root cause and handle the situation?
Kindly suggest.
Regards,
SRV
IPS Signatures not updating
I have updated several of my desktop clients to 14 RU1 (Build 3752) as a pilot to make sure that there are no issues before rolling it out to the entire environment. I have noticed, though, that the IPS signatures on these clients don't seem to update. Oddly, the console took almost a month before it listed any of these clients as being out of date. I noticed that it is recommended to update the management server first. Is this an issue that would be resolved by updating the management server (it is still on build 1904), or am I just noticing a coincidence?
Device control, monitor not block
Hi,
We are looking to run device control to block USB mass storage.
We want to monitor what devices are being plugged in to see what impact this will have on users.
What I want is to be able to have a rule set that logs but does not block.
Or a way of getting a full week's worth of logs that I can filter down to see what USB devices are being used.
Trouble logging in to Symantec Endpoint Protection Manager
Yes, I can't log in to the manager page. I just finished downloading Endpoint Protection. It asks for a user name and password. I tried the email and password I use for the Symantec website, but the email doesn't fit; obviously it is not the same as the Symantec webpage login. I have looked at all the emails Symantec has sent and can find my user name and password in any of them, not even a prompt to make a user/pass. Please help, thank you.
SEP 12.1.6 compatibility on Windows 10
Hi,
I have a query regarding SEP 12.1.6 compatibility on Windows 10 machines.
Specifically, surrounding the Outlook plugin functionality: is this still supported on the Windows 10 operating system?
I am looking to migrate Windows 7 desktops to Windows 10 and am curious to see if any issues should arise with 12.1.6 or if I need to upgrade SEP to 14.
What are your opinions?
Thanks.
Jamie.