Symantec touching files even with exclusions set?
We have an exclusion set for F:\Imagenow and all subdirectories in Endpoint Protection. I see the exclusion in HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Symantec\Symantec Endpoint Protection\AV\Exclusions\ScanningEngines\Directory\Admin. However, on the server we see ccSvcHst.exe (Symantec) touching a ton of files in the F:\Imagenow directory. Our onsite Symantec support tells us that "Symantec touches the files anyway even though the exclusion is set". It is using 4x the disk IO of our application! Is this statement correct or have they configured the exclusion wrong?
new Sylink.XML only moves parts....
We changed domains on our network. I added the new domain to the SEPM. I exported the communications settings for the new domain and imported them to my client, but it only partway worked. My clients are reporting to the correct server, but it did not change the Group the PCs are in to match the AD. I used the “Import” function in the SEP client and the “SylinkDrop” with the same results.
Thanks
Boot.Malmo Virus detected but no action
Dear Team,
Boot.Malmo is detected but no action is taken by Symantec (left alone). Need your help please!!! Thanks in advance ...
SEP clients length of time to update Virus Definitions.
Hi All,
I was wondering how long it generally takes for new clients to download content from Group Update Providers.
I have installed new clients and it has been around 4 days where the logs show that the client has been downloading new content successfully. However, I still have the error indicating that the Virus Definitions are out of date on the SEPM and on the Client, it indicates that the Virus definitions are missing or corrupted. As indicated there are new installs and has so far happened on a number of PCs.
Can anyone assist?
Corey.
Symantec blocking printer
When I try to print something from a Mac machine, it is not getting printed. I checked the traffic log in SEPM, and it shows the outbound connection is getting blocked by "block all IP traffic"... I have 70 printer servers; I will not be able to add all 70 printer server IP addresses as exclusions. What can I do other than creating an exception and excluding hosts?
Killing the SEP service
Hello everyone, recently we had a PT assessment in our SEP environment and the PT team reported that they were able to successfully kill/bypass the SEP service. They also had a tool which they ran, and it disables SEP. Also, they used the taskkill command in cmd with local admin privileges and they bypassed it, even though we already have the below enabled on the SEP side:
- Password protection is enabled to stop the service. Verified: if someone tries to do smc -stop, we are prompted to supply the password.
- Password protection is enabled to uninstall the agent. Tried to uninstall from Control Panel; we are prompted to supply the password.
- If we go to the task tray and right-click on the SEP shield, Disable Symantec Endpoint Protection is greyed out.
- Tamper Protection is enabled and the action for it is Block and Log.
I also came across the below article and it works like this.
https://www.symantec.com/connect/forums/how-preven...
I am wondering how the SEP service can get killed even though Tamper Protection is already enabled.
Symantec Stencil for Visio
Does anyone know about any Visio stencils for different Symantec products?
Appreciate it. Thanks
User-defined exceptions during upgrade
Hello,
I would like to know what happens to user defined exceptions on a SEP Client when the client is upgraded?
Is it maintained or removed?
Thanks,
Does SEPM 14.x support SQL 2017 in cluster mode?
Hello Team,
We are setting up a new SEPM 14.x on Windows 2016. Does it support SQL 2017 as the database?
Is there any specific configuration or setting which needs to be taken care of (compatibility) during installation?
left alone and partially repaired
Dear Team,
In our environment, some clients are not able to clear them; it is still showing "left alone" and "partially repaired" for these viruses: W32.Chir.B@mm and W32.SillyFDC.
Please help me to resolve this.
"Leave Alone" status on Mac malware/PUA
Hello all, I have recently started using SEP in my work environment. Some macOS machines have been hit by different malware and PUA strains that are detected by SEP, but when checking the logs, the vendor action shows "Left alone". Is there any reason for this to happen? Is there any way, such as console configuration, to ensure these threats are properly detected/deleted/cleaned?
Very slow boot device control (block USB) on Mac
Hello all.
I have a problem with Mac devices. SEP is very slow to start at boot on Mac devices, and for this reason my users can get access to USB devices for 10-60 sec. after the OS starts. Can you help me with it?
SEPM "Unexpected server error"
I am having trouble when attempting to view any pages from the SEPM server that are sent through port 8443. When I attempt to log on to the SEPM program, I get "Unexpected server error".
When a logon is successful, I have a 100% chance of getting "Unexpected server error" when I click on a task, such as clients or admin.
SEPM trigger remote scan with API
I am creating Python code to trigger a remote scan on a computer using this API.
https://apidocs.symantec.com/home/saep#_run_a_scan...
I am wondering if there is any way to do this without Advanced Threat Protection. Something like setting the date on the computer as having an out of date scan so it triggers SEPM to start another scan on its own.
Also, the documentation references the eoc.wsdl
"The evidence of compromise command in XML. See eoc.xsd in the Remote Management and Monitoring documentation for the proper format."
I am having trouble finding this wsdl file. Can anyone help me find it? I have searched extensively for Remote Management and Monitoring documentation but have not found the eoc.xsd.
SEPM SQL Query for client
Been looking everywhere to see if this is even possible; after diving into the SQL schema I don't even see where this would be listed. I am looking for every client's "Server Connection Status", server name, and which port it is connecting via. Any thoughts on exactly where this info is hidden?
Thanks in advance
-T
Centralising the configuration of exclusions
Hi, has anyone successfully configured folder exclusions on Linux via SEPM?
TIA, Derrick
I cannot delete *.dmp file from SEP folder log.
I am facing an issue with multiple clients, including my server (Windows 2012 R2), that have already been upgraded from version 12.1.5337.5000.105 to 14.0.3897.1101.105.
I cannot delete all the logs (.dmp files) in C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.5337.5000.105\Data\Install\Logs\*.dmp, which are taking more than 60 GB from my C drive, because this server is already running SEP version 14.
Please advise.
This is the folder that takes 60 GB on my C drive.
List of GUPs change
Hello,
Recently I started monitoring the SEPM console and I am running the Content Distribution Monitor because this client has a few branch offices, and the weird thing is that the list of GUPs changes many times in a day. For example, it starts with 30 GUPs, hours later the number is 40 GUPs, and later the number increases to 86 GUPs.
Is this correct?
And how is it possible to clean the list of GUPs? I would like the number of GUPs to always stay the same.
Thanks for your assistance!
Regards
Miguel Angel
how to create host integrity policy to check all of definitions are up to date
I want to create a host integrity policy which will check the requirements below:
1. virus and spyware protection definitions are up to date
2. proactive threat protection definitions are up to date
3. network and host exploit mitigation definitions are up to date
What policy needs to be created to check these requirements?
SEP services stopping automatically
Hi, a few systems in our organization are showing this error: "Symantec Endpoint Protection cannot open because some Symantec Services are stopped. Restart the Symantec services, and then open Symantec Endpoint Protection". Is this problem from the Symantec side or the system side? Thanks