I configured the console timeout setting in Admin > Servers > Local Site to 1 hour but it's still timing out after about 10 or 15 minutes. I need to configure this somewhere else perhaps?
Console Timeout Setting Not Working
ccSvcHst.exe crash - Symantec Framework error
I have been seeing this error repeatedly on a single server in our environment. The SEP icon is not showing in the taskbar, but I can open the client (from the All Programs menu) and it opens without issue. I've checked the SEPM and it appears as online and fully updated. However, this error re-occurs about once a day.
Error message below:
Problem signature:
Problem Event Name: APPCRASH
Application Name: ccSvcHst.exe
Application Version: 12.12.4.12
Application Timestamp: 599f4250
Fault Module Name: ntdll.dll
Fault Module Version: 6.3.9600.18895
Fault Module Timestamp: 5a4b127e
Exception Code: c0000022
Exception Offset: 0009d4e2
OS Version: 6.3.9600.2.0.0.272.7
Read our privacy statement online:
http://go.microsoft.com/fwlink/?linkid=280262
If the online privacy statement is not available, please read our privacy statement offline:
C:\WINDOWS\system32\en-US\erofflps.txt
Control definition update when using GUP
We are using GUPs in our environment and we need to control the definition distribution time. Say we want the definitions to go to one group at 8 am and not after that, and to another group at 8 pm and not at any other time. Can someone suggest something? Thanks.
Please Upgrade! New Vulnerabilities Announced in SEP
Just raising awareness of these newly-announced vulnerabilities in older versions of SEP:
Norton and SEP Multiple Issues
https://www.symantec.com/docs/SYMSA1468
Symantec has released updates to address issues that were discovered in the Norton, Symantec Endpoint Protection (SEP), Symantec Endpoint Protection Small Business Edition (SEP SBE) and Symantec Endpoint Protection Cloud (SEP Cloud) products.
Upgrade to remain safe from attempted exploit of CVE-2018-12238, CVE-2018-12239, and CVE-2018-12245! Full details in the link above.
What is the difference between Internet Email Protect and Outlook Email Protect in SEP 14
1. Could you please explain why there is separate option for Outlook and Lotus email protection when all outgoing & incoming emails could be scanned through 'Internet Email Auto-Protect' option? Why has Symantec separated Outlook and Lotus Notes from other email Programs?
2. Does Symantec "Outlook Email Auto-Protect" option scan encrypted emails that are sent on POP3 over SSL? I have read the following article which says that Internet Email Auto-Protect option DOES NOT scan encrypted emails. I want to know if Outlook Auto-protect also behaves the same.
https://support.symantec.com/en_US/article.TECH950...
The second site can't replicate with the primary site.
I have an issue with replication between the primary and secondary sites.
I installed the secondary site guided by the article https://support.symantec.com/en_US/article.HOWTO81... and the installation finished well. After installation on the secondary site, I saw all endpoint clients. But the replication status was Not Started. On the primary server, the replication status was Failed.
When I view the Admin -> Server tab on the secondary site, I see the local server IP address 192.168.0.100 and the Replication Partners IP address 172.16.0.100, and here everything is correct. But when I view the Admin -> Server tab on the primary site, I see the local server IP address 172.16.0.100 and the Replication Partners IP address 172.16.0.1, and that isn't correct. 172.16.0.1 is a gateway for the primary site.
How can I change the IP address for Replication Partners on the primary site?
Upgrade the Linux Server 7.5
Hello Team,
Hope all are doing well. I am currently going to upgrade the Linux and CentOS clients (servers) from version 14.2.758 to 14.2 build 1023.
My questions are below:
1. Can we install SEP without removing the old version of SEP?
2. Or do we have to uninstall the old SEP and then install the new version of SEP?
3. On the servers, only the services are going to stop and restart, right? So no need for a reboot, right?
Kindly provide a solution on the above details.
SYMSA1468 - Is the build list accurate?
I was reading about the SYMSA1468 that was posted in the link below. When going down to CVE-2018-12238 and 12239 it says everything prior to 14.2 is vulnerable, but when I click the Securityfocus reference link it doesn't list our build SEP14 Ru1 mp2 3929.1200.
I called support to get a clear answer, and they said it's recommended to upgrade to the latest version, but I get that answer whenever I call in general. I asked if it's recommended, or if it's necessary that we upgrade, since we have thousands of clients that we would need to upgrade at potentially a moment's notice.
The technician didn't sound confident at all that my version was vulnerable since it isn't listed, but obviously telling me to go to 14.2 would fix my issue. So that's good enough for her.
I need to know if that list is accurate, or if it's possible that maybe our build just hasn't been tested yet.
https://www.securityfocus.com/bid/105918
https://support.symantec.com/en_US/article.SYMSA14...
PGP Development Kit for .NET C#
Hi,
We want to use the PGP development kit for .NET with the C# language. Is there any library, API or document? We use the PGP Encryption Desktop application, but we want to use PGP encryption methods in our project. Can you help us? Also, is there any sample?
Thanks,
Our software gets WS.Reputation.1 detected
Hello.
Some of our customers reported that Symantec detects our product as WS.Reputation.1 potential threat.
Currently, we have to make a whitelist request for every release. Is there a way to automate this, e.g. some certificate to include in our build process?
Best regards,
Benjamin
How to block incoming traffic selectively in SEP firewall?
I need to block all incoming traffic and then allow select ports/sources to be opened. How do I do this? Can anyone point me to an article explaining this?
Can I delete what I think are old scan logs on MacOS?
Greetings, I have a 2015 Macbook Air, 256gb HD that is almost out of space. It turns out that the Symantec AntiVirus folder is taking up nearly 180gb of that space! In looking at the AV folder, it appears that there are folders with what I suspect are scan logs dating back to March 8, 2017, all the way up to today. I'd like to know if anyone knows for sure what those folders are, and if the older ones can simply be dragged to trash and removed from my HD. The attached screen shot shows the first third or so of these folders. Thank you!
Upgrading SEP Client Endpoint Devices.
Hi all.
We are planning to replace all the SEP Client Endpoint Devices. At present we are using 14.2 as the SEP Manager. What will be the POA & SOW plan to complete the activity for this?
Best Regards.
Krishna
Symantec Endpoint Protection Health Check via script?
Does anyone know a good solution for checking via script whether the SEP client is healthy? I'm writing a PowerShell script to do a health check, but currently I'm not sure what I need to check to be sure that the SEP client is healthy.
Excluding folder which prefix variable to use
We want to exclude the folders below. Which prefix variable should we use in the exception? We used systemdrive. Please advise.
S:\Cluster Witness\MSEXCHANGE\*
D:\Program Files\Microsoft SQL Server\*
IPS Defs Not Updating Even After Running IU
Got an endpoint where the IPS definitions are not updating. I downloaded and ran the Intelligent Updater file but no joy. Ran SymDiag but there are no issues other than we're not on the very latest version. I thought I'd check here before running a repair on the software. Any suggestions?
Unable to connect to database - Fatal Errors
This morning I had issues connecting to the SEPM console, and came to find that the SQL services on the remote database were stopped. I was unable to start the services. I had the DBA team investigate after I found multiple errors in the event viewer.
The DBA found that a Service Pack needed to be applied. After a reboot, the services are able to start.
I have rebooted the SEPM and the remote database and now get the error Unexpected server error 0x10010000
and then later received the error "failed to connect to server"
Troubleshooting steps taken
Ran a Repair on the SEPM - Successful
Configuration Wizard - Unable to connect to database
ODBC Connection Test - Fail
Error found in the reporting.log
2018-12-03 21:12:58 ERROR:fatal error at login: \r\nEXCEPTION block1: Error message: <b>Source:</b> Microsoft OLE DB Provider for ODBC Drivers<br/><b>Description:</b> [Microsoft][SQL Server Native Client 11.0]TCP Provider: An existing connection was forcibly closed by the remote host.
\r\nError code: -2147352567\r\nFile and line: D:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Php\Include\Common\ado.php(99)\r\n
also see attached scm server log - Severe errors
Is SEP 15 available?
I keep seeing references to SEP 15 with some documentation and a few videos. I understand it shifts your on premise or hybrid deployment to full cloud managed setup. I keep running in circles trying to find any information on whether this is included with current licensing for SEP 14 or there is a new SKU to purchase? The links on Symantec's portal just bring you to the generic SEP 14 page. It's very confusing. Can anyone comment on this?
SamSam Ransomware
Hi ,
Does Symantec have protection for the threats below?
MAR-10219351.r1.v2 – SamSam1
MAR-10166283.r1.v1 – SamSam2
MAR-10158513.r1.v1 – SamSam3
MAR-10164494.r1.v1 – SamSam4
After SEP client migration it is showing offline in SEPM console
Hello Team,
We are migrating the SEP clients from the SEPM 12 to the SEPM 14 console version. I am using MSL to migrate the clients from SEP 12 to SEPM 14. At the first heartbeat interval the SEP client will come online in SEPM 14, and at the next heartbeat interval the client will go back to SEPM 12, and the client remains offline in SEPM 14.