How does SEP client or server behave when two identical SEP GUID tries to register to the SEP Manager?
If GUID is the issue, what can I resolve to do it? I was thinking of a logon script which would delete this registry key:
HKLM\Software\Symantec\Symantec Endpoint Protection\SMC\Sylink\Sylink\HostGUID
Hello,
Need your assistance regarding an issu with our SEPM wich is not able to get the latest Def automaticly.
We performed several operation to solve this but with no resultas
Thanks...
I am a privacy conscious user and i dont like to be fingerprinted by marketing websites, So i setup my symantec firewall and closed most of the ports that i dont use. I also disabled icmp requests. Now when i access facebook, google or some other websites i see they do icmp requests and god knows what not. But there is something that amazed me.They are able to access my windows kernel files. I scanned all of my pc files and everything came out clean but in firewall logs i see these sites accessing Ntoskrnl.exe everytime i visit facebook, google etc. How is that even possible? Is there something residing in my router/modem?
Some of these tracking urls that can access Ntoskrnl.exe are
aa.online-matrix.net (owned by device fingerprinting company called threatmetrix)
loadm.exelator.com
loadeu.exelator.com (Both owned by a marketing company www.nielsen.com)
I have also attachec a image file, please check out and give me your insight
Thanks
Has anyone else had an issue with setting up scheduled reports in 14.2 to be emailed to administrators in an HTML document, and not being able to expand the tabs when the report is opened in the browser? I tried on both Chrome and IE, and cannot expand the tabs on the report in either. I have no problem viewing the report when i generate it inside the SEPM console, and view it there.
When outlook scanning is enabled in the policies of Symantec antivirus server, users are getting “Symantec Email Proxy” error and same screen shot is attached. Requested to look into the issue pertaining Symantec Anti Virus Server at the earliest.
Operting System : Windows server 2016
Hello I would like ask about some ports .My SEP firewall allow to see scaner ports 1032/tcp iad3 1033/tcp netinfo
my firewall ruels don't allow any access for ports .All are block at individual rules.edition 14.2.770.0000 has some problem.
Symantec shouldn't allow pass acctes for my ports .
This situation was about 5 years ago the same .I don't need and alien acces to my station .
Plese fix it .
Hi. We have a SEPMv12 with Windows 2008R2. DB is local embedded DB. We plan clone the current SEPM for upgrade test with new IP and hostanme. And plan use 3 clients to connect to this test SEPM. To pervent impact prodcution enviroment .Please advise what tasks need to do on cloned SEPM and how to change SEP client setting for connect to cloned SEPM ?
Hello all,
I am looking for a way/page/URL to download all the definitions. So I don't want to update existing ones etc I just need to download the complete package of definitions seperatly.
Any help would be greatly appreciated.
Kind regards
Elias
Hello everyone, does any one of you tried installing SEP client with the Pdq deployment tool?
Does it work ?
Hello,
I am running SEP 14.0 RU1 MP2 Build 3929 on Linux redhat 7.5. The auto-protect is malfunctioning. Kernel version 3.10.0-862.3.2.el7.x86_64
● autoprotect.service - LSB: Symantec AutoProtect Modules
Loaded: loaded (/etc/rc.d/init.d/autoprotect; bad; vendor preset: disabled)
Active: failed (Result: exit-code) since Mon 2018-08-06 16:27:19 EDT; 14s ago
Docs: man:systemd-sysv-generator(8)
Process: 6006 ExecStart=/etc/rc.d/init.d/autoprotect start (code=exited, status=1/FAILURE)
Aug 06 16:27:19 oc8785678316.ibm.com autoprotect[6006]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-rh-ES-7-3.10.0-123.el7-x86_64.ko: R...available
Aug 06 16:27:19 oc8785678316.ibm.com autoprotect[6006]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-rh-ES-7-3.10.0-693.el7-x86_64.ko: R...available
Aug 06 16:27:19 oc8785678316.ibm.com autoprotect[6006]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-rh-ES-7-3.10.0-514.el7-x86_64.ko: R...available
Aug 06 16:27:19 oc8785678316.ibm.com autoprotect[6006]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-rh-ES-7-3.10.0-229.el7-x86_64.ko: R...available
Aug 06 16:27:19 oc8785678316.ibm.com autoprotect[6006]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-rh-ES-7-3.10.0-123.el7-x86_64.ko: R...available
Aug 06 16:27:19 oc8785678316.ibm.com autoprotect[6006]: symev: unable to load kernel support module (UNSUPPORTED-OS-rh-ES-7-3.10.0-862.3.2.el7-x86_64)
Aug 06 16:27:19 oc8785678316.ibm.com systemd[1]: autoprotect.service: control process exited, code=exited status=1
Aug 06 16:27:19 oc8785678316.ibm.com systemd[1]: Failed to start LSB: Symantec AutoProtect Modules.
Aug 06 16:27:19 oc8785678316.ibm.com systemd[1]: Unit autoprotect.service entered failed state.
Aug 06 16:27:19 oc8785678316.ibm.com systemd[1]: autoprotect.service failed.
Aug 06 16:12:00 oc8785678316.ibm.com systemd[1]: Starting LSB: Symantec AutoProtect Modules...
-- Subject: Unit autoprotect.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/syst...
--
-- Unit autoprotect.service has begun starting up.
Aug 06 16:12:00 oc8785678316.ibm.com autoprotect[4548]: Starting AP: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-oc.ko: Required key not available
Aug 06 16:12:00 oc8785678316.ibm.com autoprotect[4548]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-rh-ES-7-3.10.0-693.el7-x86_64.ko: Required key
Aug 06 16:12:00 oc8785678316.ibm.com autoprotect[4548]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-rh-ES-7-3.10.0-514.el7-x86_64.ko: Required key
Aug 06 16:12:00 oc8785678316.ibm.com autoprotect[4548]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-rh-ES-7-3.10.0-229.el7-x86_64.ko: Required key
Aug 06 16:12:00 oc8785678316.ibm.com autoprotect[4548]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-rh-ES-7-3.10.0-123.el7-x86_64.ko: Required key
Aug 06 16:12:00 oc8785678316.ibm.com autoprotect[4548]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-rh-ES-7-3.10.0-693.el7-x86_64.ko: Required key
Aug 06 16:12:00 oc8785678316.ibm.com autoprotect[4548]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-rh-ES-7-3.10.0-514.el7-x86_64.ko: Required key
Aug 06 16:12:00 oc8785678316.ibm.com autoprotect[4548]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-rh-ES-7-3.10.0-229.el7-x86_64.ko: Required key
Aug 06 16:12:00 oc8785678316.ibm.com autoprotect[4548]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-rh-ES-7-3.10.0-123.el7-x86_64.ko: Required key
Aug 06 16:12:00 oc8785678316.ibm.com autoprotect[4548]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-rh-ES-7-3.10.0-693.el7-x86_64.ko: Required key
Aug 06 16:12:00 oc8785678316.ibm.com autoprotect[4548]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-rh-ES-7-3.10.0-514.el7-x86_64.ko: Required key
Aug 06 16:12:00 oc8785678316.ibm.com autoprotect[4548]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-rh-ES-7-3.10.0-229.el7-x86_64.ko: Required key
Aug 06 16:12:00 oc8785678316.ibm.com autoprotect[4548]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-rh-ES-7-3.10.0-123.el7-x86_64.ko: Required key
Aug 06 16:12:00 oc8785678316.ibm.com autoprotect[4548]: symev: unable to load kernel support module (UNSUPPORTED-OS-rh-ES-7-3.10.0-862.3.2.el7-x86_64)
Aug 06 16:12:00 oc8785678316.ibm.com symev[4914]: unable to load kernel support module (UNSUPPORTED-OS-rh-ES-7-3.10.0-862.3.2.el7-x86_64)
Aug 06 16:12:00 oc8785678316.ibm.com systemd[1]: autoprotect.service: control process exited, code=exited status=1
Aug 06 16:12:00 oc8785678316.ibm.com systemd[1]: Failed to start LSB: Symantec AutoProtect Modules.
-- Subject: Unit autoprotect.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/syst...
--
-- Unit autoprotect.service has failed.
--
-- The result is failed.
Aug 06 16:12:00 oc8785678316.ibm.com systemd[1]: Unit autoprotect.service entered failed state.
Aug 06 16:12:00 oc8785678316.ibm.com systemd[1]: autoprotect.service failed.
When creating an exceptions Policy, is there a good knowlege base article that highlights how to implement a policy?
Hello all,
I made a rule using classic blocking method but it didn't work.
Is there any other suggestion?
Thanks.
we normally average 20GB of LUA downloads but around 7/27/2018, it spiked up to 30GB and is staying in the 30GB range.
what changed?
Hello,
We have recently put new Symantec Endpoint Protection infrastructure in place. For our Linux and Windows machines, this has not been an issue at all. Things have gone smoothly, and we have been able to have both OSes get discovered via Symantecs AD sync, and apply policies by OU, etc... Great! But, an odd issue we came across, Mac OSX clients are not being discovered by Symantec. We have other programs/tools/scripts which have no issue seeing Mac OSX clients in the AD infrastructure. This is a problem because we now have to make 20 Installers for Mac clients, and a separate management hierarchy on the management server. Problem 1) if a Mac gets the wrong installer, it gets placed in the wrong group, despite AD design, 2) maintaining 20 installers is time consuming and clunky, 3) cleaning up old objects as they are decommed/rebuilt has become a clunky and time consuming issue.
Any help is appreciated
Thanks,
Thad
I'm running SEPM environment and users are experiencing their roaming profile not being removed from the client when they log off, some of the time. I noticed a SEP log at C:\Users\%username%\AppData\Local\Symantec\Symantec Endpoint Protection\Logs was still there. The log cannot be deleted or moved. It does dissapear after some time after some unknown event.
Is there a way to disable SEP from placing logs in the Users roaming profile AppData?
See https://www.symantec.com/connect/forums/local-profile-folder-cannot-be-deleted-due-symantec-endpoint-protection for more information on the log. Thanks!
I'm installing the latest SEP 14.2 on a Mac 10.13.6 adn i'm getting this error (Definitions are outdated) but it seems that it has the latest definitions already and the FIX button does not fix it.
Any ideas;
Hello guys, I have SEPM 14.2. I need to add exceptions for the below splunk processes from scanning, however in the exception policy I only see the file, folder and extension exception. I dont know the path for these processes. How can I add the exception for below processe? Appreciate your response.
I am unable to install any version of 14.x clients on windows 10 1803 machines on my domain. I receive the following error after reboot.
I have tried running cleanwipe and the re-installing with no luck. any help would be greatly appreciated.
Hi, I think a definition update which released yesterday affected one of our servers, I don't have internet access on Internet Explorer, but the other browser has access. we have a software on that server which uses Winsock and after that update, both IE and that software do not work properly.
Can you tell me how can I solve this problem? the server is windows server 2003.
Hi Everyone,
I need help, i success instal SEP client 14.2 on OEL 7.5 but i counter eror when install on RHEL 7.5. on RHEL 7.5 my system automatic reboot when installing on sepap-x64.rpm. i don't know what i must do... is everyone counter this problem ?
Best Regards,