Hi,
I have enabled the unmanaged detector and enabled the notifications for it. I get to see some 200+ machines in the Home Tab, I would like to know if i can pull a report explicit for unmanaged systems..
We have recently started to see this error during the kace image process.. Close the error and the image completes successfully and there is no further issues. SEP V12.
Any thoughts
Hello SEP Gurus,
I'm running parallel SEP infrastructures against the same Active Directory environment. On one side we have the SEP 12.1.6 MP10 environment, and on the other side we have the SEP 14.0.1 MP2 environment. The SEP 12 side takes roughly 5 minutes to sync with our backend AD, whereas the SEP 14 side can take 30 minutes to sync with the very same AD.
Any thoughts as to why?
Any logs I can check that may give me a clue?
Anything I can do speed it up?
Thanks for any input or suggestions,
-Mike
Hello,
We've done some research into making SEPM available over the internet, including review of multiple other forum posts and KB articles:
https://support.symantec.com/en_US/article.TECH930...
https://support.symantec.com/en_US/article.TECH178...
Based on this reading and those postings, we're considering the following to allow clients to communicate both on- and off-network, as we have systems that come and go, some that are always on the company network, and others that are almost never connected to the company network. Our goal is to allow clients to continue to communicate as they come and go. We've considered setting up an instance in the DMZ and configuring replication, but I think there's a better way to go about it.
Configure internal and external DNS entries for sep.company.com or similar. Those DNS entries will point to the internal address for SEPM for internal DNS and the external IP (to be NATed) for the external DNS entry. 8014 would be open for that one public IP. Clients would be left in push mode (is there a reason that pull is recommended for this?) as they should be able to reach the server as long as they have an internet connection; this would require a change in sylink for clients, which could be done remotely with other tools. None of the management and reporting ports would be open to the internet. Has anyone architected similar with success or gone about tackling this problem in a different way that they would recommend?
Hi all,
If I find a file that is legit and has been quarantined in the risk logs, and if in the SEPM I select "allow application" - does this release the file from
quarantine or how do I get the file to be removed from quarantined without the user re-installing the application or file?
Thanks in advance for any assistance.
Hello im using Symantec endpoint protection v 14 RU1 MP2 Build 3929.
Ive a application and device control policy, that blocks all usb devices with an exception of HID.
i wanna know if im able to temporarily unlock, USB devices with a password - through the Blocked prompt that appears.
Havent been able to find settings for that matter
Hi All,
We are building two new datacenters. At the moment the main DC host single SEPM server. We are looking for a solution in which a separate SEPM servers will be deployed in new DC's so SEP client will download definitions and configuration from SEPM in the same site not from the main DC. It is preferred to have the administration of all 3 SEPM servers completed from a single location so we will not have to administrate 3 separate SEPM setups
Any recommendatoions / solutions ?!
Thanks
Matt
Hi,
We are a small shop with approx 60 SEP client endpoints installed. All are running 14.0.RU1 MP2 build 3929. Today (May 18, 2018), the SEPM reported all but 1 of the clients out of date, The SEPM shows the latest Download Protection Content on the affected machines as 5/8/18 r3. The 1 machine not out of date shows 5/11/18 r18. All machines show Antivirus content as 5/18/18 r3. Everything else shows up to date as well in the SEPM. Due to the topology of our network, all clients pull updates directly from the Symantec Liveupdate Server. They do not download them from the SEPM. I have manually run Liveupdate on the several of the clients with no change in the issue and have rum SymDiag on a few with no indication of definition corruption. The clients themselves all show green with no indication of issues.
Where do I go from here? Any help is appreciated.
Thanks,
CQ
Hi All,
Any sample to create as per topic?
Below is my HI script, but seems like the HI script only run once....
Thanks
Hi all,
our company has more than 1000 computers. Some users have encountered an error in the image after the last upgrade. We implement 1 firewall policy. The current version is 14.0.3897.
I have a Outlook client rule running on a virtual machine that runs a VB script upon receiving mail. This script calls a powershell script that writes data from specific emails to a database. This worked great without fail for about a year. I'm not sure what exactly triggred the problem, probably an upgrade to the Symantec client or definitions I'm guessing, but now this script gets blocked by Symantec client. I have added exclusions to the file powershell.exe, but this does not seem to solve the problem. My only solution thus far has been to actually disable the Symantec client on that machine, and maybe that's ultimately the final solution. I realize there are a lot of dangers going around with malicious powershell scripts and Outlook which is probably the reasoning behind this heightened security, but I am careful with this one box that has these rules, and really need this script to function. Is there any way to green light powershell scripts or specific ones without disabling Symantec entirely?
hi everybody
1) i use windows 10 Version 1803 (build 17133.1) and when i try to install SEP , i got this message: Symantec End Point can't run on Windows , so please how i fix this ;
2) what is the naming convention of update releases ex: 20180521-003-v5i32.exe {date of release}-{integer}-{version or something}
so what is the integer (003) mean and the last part (v5i32), i know that i32 is for the system type but is (v5) .
thank you so much
Hello,
Is there anyway to Programaticaly move computers in the SEP console based on thier name?
Manually moving clients around into the correct folders can take up a lot of time here and we are wondering if a SQL script can be used to automaticaly moved?
I am trying to connect SEPM 14.01 database with our tableau BI tool for realtime view of threats and compliance.
i followed thik article and able to connect with dbeng16.exe but it is not accepting the admin password with dba ID. https://support.symantec.com/en_US/article.TECH102...
i recently changed the admin password of the SEPM consol and its working fine . Can you help m
Hi,
As several companies, I want to prevent my users browsing Internet without protection.
So, I have decided to force them to connect to VPN to use all the security devices when navigating on Internet.
To do that, i want to use Symantec Endpoint Protection, Firewall option.
At the moment, I am unable to get it work properly.
First, I have created 2 locations
Office vs Outside.
On office location, firewall is disabled. On outside location, firewall is enabled block everythings except the VPN server IP.
I have entered somes criterions, so, if an internal server responds to a ping, then you are in the office location.
The main issue of that, is when users are at the hostel, or in buisiness partner office, they have to use a Captive portal. The computer applied "Outside" location and firewall is enabled.
Symantec firewall sees captive portals as a hacker (man in the middle attack I guess) and blocks connections to the main portal page. Impossible to go ahead and get Internet access to use VPN.
Well,
I have decided to create another location "Captive"
In this location, the firewall is disabled, and it match this criterion if the computer gets a private IP (192.168.x.x) and cannot ping something on Internet (Google for example).
The main issue now, is that randomly the SEP does not switch from Captive to Outside to Office.
If I restart the smc service, the client takes the good location immediatly. But switching while running does randomly not work.
This is pretty annoying as I have to wait until 30 minutes to get the right location.
The "remember last location" is uncheck on the communication settings.
The location check is set to 30seconds.
I have enabled SMC debugging, Syling debugging, VP debugging, but still unable to find any location awareness log.
Does anybody has an idea to resolve my issue ? Or any idea to reach the target (prevent users to use Internet except through VPN)
Thank you.
Hi,
I am just getting started with this product, as I'm trying to help out my church with a few tecnical tasks. We are running version 14 build 2349, (14.0.2349.0100).
We have a Windows 10 Pro workstation that I recently updated and am trying to install an endpoint manager client. According to the endpoint server, I can create a client install package for Windows 64bit version 14.0.2349.0100, but when I attempt to install on the client, it is said to be incompatible.
Do I need to download new client versions to the server? Does the endpoint protection server maybe need to be updated? Any help you can give to put me on the right track is greatly appreciated.
Thanks!
Hi guys,
I have tried searching the forum but found no answers regarding my issue. Has anyone encountered any users trying to add the SEP firewall service via the network settings?
Appreciate your help on this guys. Thanks
Hi,
We have about 1000 +/- SEP12 managed endpoints (mainly windows while others are mac) pointing to our SEPM12 server and we have a new SEPM14 server setup with a different name and ip address. Rather than manually upgrade the endpoints from SEP12 to SEP14, is there a way to route the SEP12 endpoints to SEPM14 and then have them upgraded to SEP14? Please note we cannot perform SEPM14 Remote Push for security reasons. Thanks!
I recently updated my Dell 6440 laptop to Windows 10 version 1803 and am now getting a blue screen of death (BSOD) when I run Micro Focus InfoConnect Desktop 16.1. If I remove SEP, then no BSOD event occurs. I've worked with development and IT folks to narrow down the cause of the issue. When we review the minidump file in Windows (attached), the failure occurs when a Symantec file is being accessed when InfoConnect is in the process of connecting from Windows to a mainframe session . I searched on the Symantec forums, but don't see the problem show up on the list of issues. My SEP version is listed in Add/Remove Programs as 14.0.3897.1101. Thanks.
I got a Symantec Notification open window: Stating "unable to fix file" with an incomplete file adress in the Library with file ending with a cominaion of numbers/letters-blob.The opetion drop menu in this window doesn't offer any options. The full scan shows no threarts. What should I do/ do I need to worry? Thank you