Hi
Is it possible to exclude folders from Endpoint, i have different client groups, i am planning to remote push new package but i want to exclude some folders is there a way i can create a policy package to do that for a specific group.
Thanks
Hello everyone,
Over the past few days I notice that our Live Update Administrator has failed to download definitions scheduled, a certain point and it accuses error and I did not make any changes to the default settings
Message: Download request 705 started by administrator has failed.
Ubuntu 14.02. Yep, I'm a noob for Linux.
I've got the install package export on SEPM. I copied that to the Ubuntu desktop.
I tried this.
chmod 755 install.sh (no isssues)
sudo sh install.sh
I get this...
install.sh: 4: install.sh: Bad substitution
Also tried..
https://support.symantec.com/en_US/article.HOWTO10...
(Also brought the .zip file, unzipped it, ran this, no change.)
chmod u+x install.sh
sudo ./install.sh -i
I think that errored out. And then it saysfolder exists already, nothing written because folder written already....
I'm restarting. It's updated with apt-get update and upgrade already.
Hi all - when upgrading workstations and servers, they are put into pending restart state after.
While the servers and workstations are pending restarts to complete the update to the new version, does SEP still work in this state? Or must we restart before SEP protects the machine.
Cheers
hello,
the DB is down. i can't access to SEPM console. i think the problem is started during the last automatic db backup. any idea ?
sepm 14 RU1 MP1
Hello,
We are planning an upgrade of SEPM from 12.X to 14.X I have seen all of the articles outling what you need to do and I have found all of the files I am looking for. The only one I am having trouble with is the Recovery File. I can locate it without any problems, but all of the files themselves are from 2016. Being 2 years old is hardly new and I am hoping that someone could tell me a simple way of generating a new one. I have seen a couple of different methods from older threads but none of them were very clear, I am just looking for the simplest least intrusive method of generating a new recovery file.
Thanks!
Who is using deception and how are you testing the setup.
I have in installed in development and would like to test.
Thanks
is it possible to get a report showing which user disabled AV on a machine?
tried to google it but didnt find much :S
unexpectedly client began to be duplicated in the console with the same name but different hardware ID
Someone with the same issue?
Hi,
A newbiew question: What possibilities I do have to prove others that SEP is not the reason for the slow performance on the workstations/servers? I know there are exception rules for the files and processes. But if, some of the key director/processor has been forgot to be added on the exception list, how I could identify that is causing a problem? Is there a tool to identify that SEP is staying as gatekeeper for the regular processes?
Correct if I'm wrong, but when the process start, that is the only moment when the SEP could take care of the process, as that is the moment when it is read from the disk. Or, if I select one process into exception list, is it so that ALL of the actionos that processs does are excluded from the SEP?
Is it even a good idea to exclude e.g. word from the SEP?
So basically, I'm just hunting the some evidences that SEP is not reason for the performance issues on the workstation, and best practises for the exclusion management on the workstations.
Hello there,
I'm stuck at some point with a powershell script. I'm trying to create a group via rest-API but I don't know what is my mistake with that, I followed the RESTFUL manual and still getting http ERROR 400.
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $True }
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;
$cred= @{
username = "MYUSER"
password = "MYPASSWORD"
domain = ""
}
#converts $cred array to json to send to the SEPM
$auth = $cred | ConvertTo-Json
$Authent = Invoke-RestMethod -Uri "https://MYSERVER:8446/sepm/api/v1/identity/authenticate" -Method Post -Body $auth -ContentType 'application/json'
$access_token = $Authent.Token
$body = @{
Name = "Testname"
}
$bodyJSON = $body | ConvertTo-Json
Invoke-RestMethod -Uri "https://MYSERVER:8446/sepm/api/v1/groups/2AD25F420AC54C82012E3FFA097A5EA7" -Headers @{Authorization="Bearer $access_token"} -Method Post -Body $bodyJSON -ContentType 'application/json'After instaling latest version in XP machines also stil agent not communicating to server it is shwoing offline
Hi everyone,
I'm having a hard time finding out what SEP's HIPS does and why it's beneficial for a company with 10,000+ employees. I know what a HIPS is, but how does HIPS within SEP work and why is it useful for big organizations?
Thanks!
Dear All,
just wondering how to create unmanged package for standalone installation with no SEPM configuraiton for small no of deployements. cust dont have inventory to provision for server. Hence any comment would be helpful.
Hi,
So currently I have an Endpoint Protection Server Manager of version 12.1.6, and I have the Endpoint Protection Clients of version 14.0.1.
The question is, can my server manager support the clients of the newest version?
Appreciate any help given! Thank you!
Windows Server 2012 R2 Datacenter Enterprise 64
Backend SQL Database
I upgraded my servers to SEPM 14.1 and must use a .jdb file to upgrade the definitions because there is no internet access. The clients have not yet been upgraded so they are still running SEPM 12.1.6 ... they will be upgraded very soon.
The clients are updating via the .jdb but the Home page in the manager does not show the correct definiton date. The clients are updated to the correct definition date via the .jdb file.
The servers are set up as fail over servers and both show Virus Definitions Not Available.
Is there a different set of definitions I need to be downloading for SEPM 14 or a different directory where the .jdb should be copied?
Currently the .jdb is being copied to C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\inbox\content\incoming
Thanks for your help!
Hi,
Sorry but just to clarify, my company purchased Licenses for Symantec Endpoint Protection version 14.x,
However the clients just informed that they made a mistake and they require version 12.x
Are there any possiblity to get the archived version of Endpoint Protection?
Or do we need to get separate licensing for version 12.x?
Please advise and thank you!
Just upgraded our SEPM Server to 14 the other day. I tried using the auto-upgrade feature on a few clients. I did two the yesterday and they worked perfectly. I tired doing two of our servers today and nothing has worked. I tired rebooting a number of times hoping it would trigger the upgrade and nothing. Stumped on what I should try next. Thoughts?
I have an environment with 2 SEPMs with no internet connection.
To update the SEPMs we are using .JDB files. The SEPMs are accepting the SONAR and IPS .JDB files, however when the large AV definition .JDB file is dropped into the Incoming Directory a .err file is generated after about 15 minutes. The last time the AV Definitions were updated was in 2016. the IPS and SONAR are up to date.
On the SEPM Management console i can see logs reading "SEPM cound not Update rapid release content" and "Unexpected Server Error".
The only instance in the past where i have seen the Unexpected server error is where theres been an issue conecting to the backend SQL.
I have attemped uninstalling and reinstalling Liveupdate and restarting the server and restarting the services. This hasnt fixed the issue
Hello,
We recently upgrade our SEPM to version 14.0 RU1 MP2 Build 3929 (14.0.3929.1200). The 64-bit client was deploying for a few days already (without any problems) and this morning I added the 32-bit client package because we also have 32-bit Win7 installations. The moment the 32-bit install package was added to the clients group all the 64-bit client began to malfunction. All clients receive a message from windows notification center that the windows firewall was disabled and Symantec endpoint protection is disabled. SEP keeps trying to reïnstall itself but it keeps failling untill we remove the 32-bit install package from the group.
In the windows eventlog we see messages like:
SONAR has generated an error: code0:description: Definition Failure
Internal MSI error. Installer terminated prematurely
We can reproduced this issue by making a new group, then adding the 64-bit install package and then adding the 32-bit install package.
Any ideas?
Thx
Tom