Hello guys
I have in my environment with many clients with status: out of date. We have about 10 GUPs configured.
What do you recommend to reduce this out of date status? Has anyone had this problem, what actions have they taken?
Hello there,
I've been tasked with finding a way to automatically uninstall the SEP 14 client from a batch of PCs so another group can install other stuff, then reinstall the client.
Automated installs are easy. Automated uninstalls would be easy too, BUT.... I cannot find a way to pass the uninstall password to the client in an msiexec commandline. Is there a public property that can be referenced to pass the uninstall password?
SEPprep will not work and notes about removing a registry entry that holds the password that I've seen don't apply to version 14.
Any ideas or solutions?
Good afternoon,
Just looking to see if this is even an option or someything I can move to a good idea. Currently in our SEPM we have many exception groups that are created depending on individual application that the vendor requires them. From one standpoint it is convenient to have each group named by the application however, that means it is a pain to manage. So I am changing our groups to basically a standard SEP group, a group for exceptions, test group.....
I would like to be able to annotate what application each exception is for for tracking and audit purposes. However, I do not see a descriptionspace available when I create the individual exceptions. Has any had a better way of doing this?
Currently on SEP 14.2.770 on Server 2016. Environment uses mix of OS
Hi All,
We have two SEPM servers connected with a single SQL server.
We have configured MSL as Server with Priority1 and Server with Priority2.
We have configured Server1 as master logging server when we configured External logging.
When Server1 was down, all SEP clients started communicating with Server2 but this server did not send logs to Syslog server untill we make it as Master Logging server.
Is there any option to make the Passive server as Master Logging server automatically when the Active server is down?
Dear,
Acording this post https://securelist.com/keypass-ransomware/87412/ there is a new variant of the keypass ransomware
The hash is 901d893f665c6f9741aa940e5f275952 and symantec detect this as Trojan.Gen.2 (https://www.virustotal.com/#/file/ee74c63faa2eb970...)
My question is, this new variant and other is detect from Simantec (Sep and SMG) ? or a have to create a case to support ?
How I should proceed?
Regards
Miguel Angel
I want to create a new SEPM design based on 4 different security zones. We need SEPM servers in all zones, clients are not allowed to communicate across the zones. All zones are located at the same location and just a limited number of clients (the clients are mostly servers). I'm thinking of a distributed SEPM design with Central logging. Any tips / links? Thanks.
Hello,
there's a possibility, in the Symantec Console Manager, to add manual file to exsclusions without specifying the folder?
For example...i need to add to exclusions the file "abcd*.exe" for all windows folder (the characters after the symbol * may vary in letter o number).
Thanks
Hello,
I want to know if it's possible to migrate clients from SEPM 14 to another SEPM 14 server whithout uninstall and reinstall SEP client.
Any ideas ?
Hi All,
I am planning to import the license number from my office SEPM to my new installed SEPM in my personal laptop(for studying purpose-Policy editing and creation). Will it be a problem..?. Does the same license number is applicable to 2 SEPM. If I applied the same, what wil be the impact of the orginal SEPM (OFFICE).
Hi all,
In order to gain more free space, we want to remove Default Testing Distribution Center from the LUA server (it is not in use). We are following this tutorial https://support.symantec.com/en_US/article.TECH202..., but at the end we are getting message "Error while deleting configuration.". Is it possible to delete default DC at all and if it is, what is the correct procedure?
Thanks in advance!
Dejan
Hello:
I have one question, I am permissions of administrator in the Sep Console but I cant access via remote console , only via Web page.
I like to check if the access for console is denied but I only see Administrators and Install Packages options and no the servers options like this KB https://support.symantec.com/en_US/article.TECH147...
This is possible for the permission of my user in de AD ?
I am managing SEP 14 across 3 sites. In 2 of the sites there is a high security zone behind a DMZ. I have licenses for the 3 sites (3000 seats) and another set for the secure zones, which have a limited number of clients (no more than 200 devices, 800 seats purchased). What would be the best approach in terms of licensing the 2 groups?
I am implementing SEP14.x across 3 sites. I currently have SCCM, which is used for endpoint management. My device collection form SCCM has a huge descrepancy from my SEP implementation. I will be honest to say the inventory is not so clean.
Is there a script that i can run to check which PC's have SEP (or anyother antimalware) installed, so i can take it from there?
Your advise is highly appreciated.
Hi All,
I am planning to import the license number from my office SEPM to my new installed SEPM in my personal laptop(for studying purpose-Policy editing and creation). Will it be a problem..?. Does the same license number is applicable to 2 SEPM. If I applied the same, what wil be the impact of the orginal SEPM (OFFICE).
Hello:
I have one question, I am permissions of administrator in the Sep Console but I cant access via remote console , only via Web page.
I like to check if the access for console is denied but I only see Administrators and Install Packages options and no the servers options like this KB https://support.symantec.com/en_US/article.TECH147...
This is possible for the permission of my user in de AD ?
Hi,
I got this notification in SEP CRITICAL: 389 Network Virus Detected- Cleaned by deletion Auto-Protect
Risk Type- Heur.AdvML.C Malware
File/Entry- C:\ProgramData\Symantec\Symantec Endpoint Protection\14.0.2415.0200.105\SRTSP\Quarantine\APQ3517.tmp
Action Source- Cleaned by Deletion Auto Protect
I have received received these notifications almost twice since morning. Is there something that can be done. I have run a manual scan on the machine
I have windows 10 1709 Trying to install SEP 14.0 MP1 build 2332
Getting error can't install on this operating system.
Can someone help me with this issue.
Thanks,
Kenny
Hi,
We define "Multiple Group Update Providers".
In a branch the GUP is with IP 172.16.16.10. But some customers of this branch are in another 172.16.18.xxx network, for this different network do you need to define another GUP?
Would it be a GUP by network?
Hi,
Recently I trying to install SEP 12.1.16 trough SCCM Packege Deployment. I made a standard program installation, distributed to the distribution point, and started the deployment to 3 Windows 10 1803 machine, but after a period of time the deployment gives an error message which is called Error 1603. I don't know why it keeps poping up, because the user has full controll on the source folder and it's a domain admin.
If anyone has an idea what to do I would be grateful.
Best whises,
Peter
Hi,
We are using MAC OS 10.13 and we are getting all event notificaotion (Blocking devices, Scanning from another machine, Arp poisoning and etc) in Symantec managed antivirus which is 14.2. RU0.
We want to disable notification only, what is happening in my machine and Symantech agent it should not appear on User machine as it irritates user when we receive scanning/ARP poisoning events in bulk on a machine.
As per Symantec: they are able to block notification but unable to block action taken on this machine (Like file deleted or repaired).
We want to provide a solution for disable action notification also.
Case which I opened: Case Number 15305087
Article by Symantec: https://support.symantec.com/en_US/article.TECH134761.html
Regards
Krishan