Quantcast
Channel: Symantec Connect - Endpoint Protection - Discussions
Viewing all 10484 articles
Browse latest View live

SEPM (SEP14) is fully compatible whit Azure Plattform?

February 19, 2018, 12:36 am
$
0
0
I need a solution

Good morning,

Is it possible to install and manage SEP Manager from an Azure server?

I have read that it is possible, but according to this Symantec article https://www.symantec.com/connect/articles/sep-14-microsoft-azure-compatibility , in its final conclusions it is said:

“Symantec Endpoint Protection Manager is not fully supported with the Microsoft Azure cloud platform due to SQL Azure not supporting the installation of the SEPM database. This is easily worked around by creating another virtual server in Azure and installing your own version of SQL, however this method is unfortunately inconvenient and you no longer get to utilise the real benefits from using Microsoft Azure.”

This article is dated on December 2016. Is it possible that with the new versions of SEP14 this issue is solved and SEP Manager is fully compatible with Azure?

Regards

Félix Garrido

0
Search

Saturn Ramsomware - are defintions available?

February 19, 2018, 3:05 am
$
0
0
I need a solution

Hi All, quick question. Do the SEP definitions have in place/available detections for Saturn Ramsomware yet?

Cheers

PaulC

0

"Silent" Network Application Monitoring and Mixed Control Mode

February 19, 2018, 8:26 am
$
0
0
I need a solution

Hello SEP wizards!

So for years we have been running our SEP 12.1.x consoles with the Client User Interface Control Settings in "Mixed Control" mode. For the same amount of time, we have had "Network Application Monitoring" set to "Enabled" with "Allow and Log".

During those SEP 12.1.x years, with many Windows IPU's, I have NEVER received a notification from the SEP client that an application had changed...exactly as expected. So now we are moving toward SEP 14, and low and behold, with the above settings set exactly same way, I get popup after popup when doing a Windows IPU (In Place Upgrade) that an application has changed, and do I want to allow it. In this instance I went from Win 10 1703 to 1709.

So, is there a check box somewhere that I'm missing?? I checked the notifications on the Firewall Rules, their unchecked. Anywhere else I should look?

I realize that all the documentation suggests that for "Allow and Log" to function, the SEPM must be running in "Server Control" mode, but we cannot do that, and it has been working as expected with SEP 12.1.x for a very long time.

What am I missing??

Thanks for your suggestions,
-Mike

0

SEP Clients are not showing on SEPM14?

February 20, 2018, 1:19 am
$
0
0
I need a solution

Hello everybody,

I installed SEPM14 on a VM machine which OS is Windows 12R2. After making *.msi and *.exe packages from SEPM14, installed them into separate physical machine but none of them are not showing on SEPM14.

Both Sever and clients can have each other ping.

Wish to have a good solution soon.

Thanks in Advance

@Riyad
 

0

Question on SQL Licensing

February 20, 2018, 5:31 am
$
0
0
I need a solution

Hi all,

we are currently planning the Upgrade from SEPM 12 to 14.

During the Update Process the Installer closes in error because the SQL Database is not patched to the latest Version.

Now we are thinking babout using the SEPM off of our SQL Cluster to another independent SQL 2016 Server. But the question arised on how to license this Server. 

In My Opinion the SEPM is counted as ONE Client, other Colleagues think we need to have a license for every single SEP Client connected to the SEPM.

Can someone point me to the right direction here?

Thanks in Advance

Stephan

0

Exception Logs

February 20, 2018, 11:53 am
$
0
0
I need a solution

Hello,

I'm trying to determine what user added exceptions in the Symantec Endpoint Manager (SEPM 14). I dont see a log of who made the change, is it possible to enable this type of logging?

0

SEPM Auditing

February 20, 2018, 12:22 pm
$
0
0
I need a solution

Pre upgrade to 12.1.6MP9, we had a Limited Administrator account that was used for access control auditing. It had Read Only Access to policy and could view and bring up the Access and Policy Rights of all other Administrators in the SEPM, however after upgrade, the auditing account can only see other limited-administrators, So far the only way I can get that account to view higher admins is to set that account to the same or higher level admin... Is there a way to configure that limited admin to view the access rights of the other admins on the manager? Thanks.

0

Risk name = file name?

February 20, 2018, 2:06 pm
$
0
0
I need a solution

What does it mean when the Risk name is just the filename without the extension?

eg:
Risk name: CrmUiWpf 
File path: c:\users\jdoe\downloads\crmuiwpf.exe 

0
Search

SEPM vs LiveUpdate Administrator

February 20, 2018, 2:23 pm
$
0
0
I need a solution

I'm trying to figure out whether LiveUpdate Administrator makes sense to deploy.  On the surface, I can't see any benefit.  Within SEPM, I see there are tweaks to allow for installing client patches via LiveUpdate, but this isn't working.  Would LiveUpdate administrator allow for pushing client patches to managed clients or am I still up against using other tools for getting them deployed?  With nearly 2k clients, I have about 20 different builds represented and am trying to get them all updated to the latest build.  Assigning Install Packages for each of my groups has about a 50% success rate, so I more heavily rely on client patches.

Thanks,
Joel

0

Network browse issue after patching SEP clients on Server 2012 R2

February 20, 2018, 2:45 pm
$
0
0
I need a solution

I have seen an issue only on Server 2012 R2.  After a restart, you cannot browse UNC paths to any resource.  At first, it seemed completely random.  Then, as I began tracking each month, I found that it was about 40% of Server 2012 R2 servers behaving this way after taking a SEP upgrade and then restarting.  It doesn't seem to matter if the upgrade was from an install package was pushed from SEPM or if the client patch was applied. 

When I find the issue of not being able to browse a UNC path, I find that Event ID 4202 is logged. 

Event ID: 4202
Srouce:  iphlpsvc
Unable to update the IP address on Isatap interface isatap.{7E4F31EF-659F-46FE-9D1C-12B983DE5510}. Update Type: 0. Error Code: 0x57.

I have gotten into a routine that after every maintenance window, I run a powershell script to look for this event ID on all 2012 R2 servers, and then log in to see if the server is OK or exhibiting the symptom of not being able to browse UNC paths (Group Policies won't apply either, as they are unable to access the share on the domain controller in this condition).  If I cannot browse, I either reboot the server, or if I can't reboot the server, I restart the Workstation service and hope the dependent services don't lock up.

The only solution I have been able to find is to disable the isatap adapter:

netsh int isatap set state disabled

I have not yet gotten approval to disable this on all servers.

Has anyone else experienced this issue, and if so, what have you done to work around this?  Did you completely disable IPv6, or disable the isatap adapter or ???  This has to be a timing thing with both the sisnat-{GUID}.exe processing at the time the isatap interface is initializing. 

Thanks,
Joel

0

Compatibility issues between Symantec Erase Control Driver and Windows Server 2016

February 20, 2018, 7:29 pm
$
0
0
I need a solution

Dear Support,

We have encountered a Compatibility issues between Symantec Erase Control Driver and Windows Server 2016.

Current OS Version: Windows Server 2016 Std (64 bits)
Current SEP Client Version : 12.1.6 RU6 MP6 (12.1.7061.6600)

Anyone can help on this issue and how to fix it ?
 

Thanks
Kidd

0

Windows 10 do not get 1709 fall creators

February 21, 2018, 12:23 am
$
0
0
I need a solution

Hello all,

My customer distribute update with SCCM. Computers do not get update when sep installed. There is not any old symantec folders in any disks.

I even deleted the files that need to be deleted below. 

 C:\$WINDOWS.~BT\Sources\Panther\setupact.log & C:\$WINDOWS.~BT\Sources\Panther\_APPRAISER_HumanReadable.xml

Could you recommend something else? 

Information below thanks & regards.

Symantec Endpoint Manager 14 RU1 MP1

0

error when trying to export client install package

February 21, 2018, 12:53 am
$
0
0
I need a solution

Dear All,

I have upgraded quite sometime back SEPM from 12x to 14.0.0 MP2 and everything went through fine

I even exported the new clients (almost 100 % users are windows users ) and installed them on some client pcs

everything was working fine.

Then i required to change setting and export again but suddenly i realised that when i try to export client install package it gives me an error

the error is object cannot be found (0x16010000) .

also attached the error image ( filename sepm1)

when i try to export a linux or mac client install package there is no issue  happens only with windows 32bit and windows 64 bit

I also found that if I try to install the client package on a new pc or a  formatted pc the client pc icon never becomes green and i see that the virus and spyware protection dont get updated

but the clients which had the client package installed before this issue occured are being updated normally from the SEP manager.

just to further check i uninstalled SEP client which was green and working fine from one of the client pc and reinstalled the client but it refuses to update the virus and spyware protection but the proactive threat protection and network and host exploit mitigation work s fine and is updated with no issues

I am running sepm manager 14.0.0 MP2

googling arround found that this seems a database issue and as suggested did the below

reconfiguring the management server

installed new client install package from the download new version sep 14.0.1 MP1

no luck

also i tried to upgrade but was getting error when upgrading schema error occured

attached this pacture also ( filename sepm-db )

Since my SEPM is a VM i made a clone and backed up the database and restored on the clone machine and then ran the upgrade whcih completed with no errors but the problem still persists

apprecite your kind help and advice

im running out compeletlyof ideas

also attached a pic after i succesfully upgraded the SEPM server to 14.0.1 MP1

( filename is sepmnew )

thanks in advance

regards

simon

0

How to monitor Endpoints applications to create exception

February 21, 2018, 3:03 am
$
0
0
I need a solution

Hi All,

I there any way to monitor Endpoints applications to create exception based on that reports.

0

Timestamp for client log files?

February 21, 2018, 3:08 am
$
0
0
I need a solution

Among SEP 12.1 client logs, we find records like the one below. Can you explain where to find the corresponding timestamp? We appreciate the help.

300104150133,7,3,8,[computername],[username],,,,,,,16777216,"New virus definition file loaded. Version: 180204003.",0,,0,,,,,0,,,,,,,,,,,{448DCC9A-72B2-47EC-BFC1-5E77A8DBE693},,,,[domain],6C:0B:84:A7:95:2A,12.1.0.0,,,,,,,,,,,,,,,,0,,,,,,,,,,,,,,,,,,,,,,0,300104150133,,

0
Search

Windows-Update auf Fall Creators funktioniert nicht

February 21, 2018, 5:57 am
$
0
0
I need a solution

Hallo,

mein System: Windows 10 (Version 1511) mit installierter Symantec Endpoint Protection-Version 12.1.6 MP4, Build 6860

Ich möchte mein System auf Windows 10 Fall Creators-Update (Version 1709) aktualisieren.

Da die auf meinem System installierte SEP-Version nicht kompatibel zu Fall Creators-Update ist, habe ich zunächst SEP auf die Version 12.1.6 MP9, Build 7369 aktualisiert (mittels der "Sep64_6860To7369_clientDAXMSI.exe" aus dem "SEP_To_7369_GE.zip").

Trotzdem schlägt das Windows Fall Creators-Update fehl. Es erscheint die Meldung, dass SEP deinstalliert werden muss.

Gib es dafür eine Lösung?

Danke!

Kai

0

Diferences between endpoint security and endpoint protection.

February 21, 2018, 6:14 am
$
0
0
I do not need a solution (just sharing information)

Hi everyone

My doubt is about which are the diferences between endpoint security and endpoint protection.

Thank you for your help

Regards.

0

Unable to apply policy to device groups (error code: 5070)

February 21, 2018, 7:17 am
$
0
0
I need a solution

I'm trying to take advantage of  SEP new features, using the blacklist policy,

but i'm having this error when applying changes on Default Blacklist policy to Device Grups, this is a 14.1 the Cloud Portal.

I would appreciate any help.

0

Action:Left Alone and File Path: Unavailable

February 21, 2018, 9:56 am
$
0
0
I need a solution

We're receiving detections within our SEPM that are showing the action taken as left alone and the file path as unavailable. I'm unsure what to make of this. I've seen threads saying that if it says quarantined/deleted the file was removed before it was ever in the file system so I'm assuming that is the case here but I'm concerned about the "left alone" action taken. Does anyone have some insight as to why this is? 

0
1519240126

Best Practice for adding exclusions from Manager

February 21, 2018, 11:10 am
$
0
0
I need a solution

I currently have my clients group populated by location. Now I have a request to create an exception, should I create a new group called Exceptions and subgroups for each exclusion?

What is the best practice for adding exclusions through the SEPM? Is there any Symantec documentation?

0
Viewing all 10484 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>