Hi all,
I'm manage SEP of my company and it was expire about 6 month. Now, i want to renew it and don't want to causing any downtime to EndUser.
I want to ask when i active new license do i have to re-install Agent or just update is enough ? Is there any article for this situation ? I was looking but it all about renew license when curent license still valid not when curent license expire.
Many thanks,
Quang
I install SEP 14.2 client on Rhell 7.5 but auto-protect mulfunction. How i can solve this issue?
I have a problem with the Symantec Enpoint Protection product.
The Symantec Endpoint Protection that we have runs within a VM, while for the datastore from symantec our protection endpoint is a different VM.
to connect Symantec Endpoint protection with the datastore we use the ISCSI initiator but the ISCSI Initiator cannot connect between Symantec Endpoint Protection and the datastore, so we have difficulty logging into our SEP console.
Please provide a solution to the problems we are facing, we have great hopes for the support you provide
Regards,
Ibn Rizal
When I go through the standard app -> pkg method presented by Symantec support artticles.
https://www.symantec.com/connect/forums/sep-14-mac
https://support.symantec.com/en_US/article.HOWTO92...
and Jamf support articles
https://www.jamf.com/jamf-nation/discussions/26885...
i get my package file but i cant upload it to jamf because it is not a signed pkg file. Can anyone help me out here? is the package suppose to be signed? does it not work only bceause i have Jamf Now Plus?
is there any way to get the package signed by symantec?
Hi,
I've tried pushing out outlook add-in manually and it works. I've tried pushing out outlook plug in remotely from GPO and also from a 3rd party application WITHOUT SEP installed and it works as advertised.
The issue happens only when SEP is installed - it fails to install the Outlook add-in. There are no error messages. There is nothing in the event viewers for the span during which I try to push the installation. I've added the exceptions as directed by the company that created the add-in.
I've also foolishly spent 1 week with Symantec support team reading through procmon logs and there is nothing captured there either.
Anyone on earth experience an issue similar to the one I've described? Solutions?
Windows 7 Pro, Outlook 2013.
Thank you,
Jerry
After the issue with memory exploit from bad IPS signature, I know have 130 computers whose SEP service is stopped. With the service stopped they arent reporting into console and wont get defs, updates. Has anyone writtien a script that they can run from third party tool, like SCCM, to remotely start services on these types os issues? I dont really want to send an email asking 130 users to reboot. Appreciate any ideas.
P.S. i did open a case, not helpful, they just said to run liveupdate, which doesnt run with sep service stopped.
Holly
Hi Team,
I need a solution on how to disable email monitoring notification. It's flooding my customer' mailbox
I have removed notification but still the email is being sent to the customer's mailbox.
Thank you
Hello,
Since few days our newly deployed SEP client have corrupted definition...this issue is happening with the same packages we are using for 2 month now (the package dont containe definition), even when using nely exported packages the issue still the same
The GUP is getting updates from SEPM and old clients have no issue getting updates
any idea about what could be the reason
Thanks
Hi All,
We have SEPM14.1 on Windows Server 2012.
We have installed SEPM with local Admin account.
Now we have logged in with domain admin account and unable to access D:\Program Files(x86)\Symantec\Tools folder.
Error Message: "You don't currently have permission to access this folder."
We are able to access all other folders except "Tools" folder.
Please help us to resolve this issue.
We recently got latest definitions pushed to our systems. Post this activity our users are getting Outlook pop-ups everytime when they try to access external mails with images or templates.
There are no other change point other than this on these machines. If I run procmon it shows so many symantec entries in the list.
I have attached the snapshot, could anyone confirm if these behaviour has got anything to do with the updates?
Issue happening for both onprem and o365 users.
Hello All,
I recentley upgraded to the latest version on our SEPM servers “14.2.1031.0100” now when I try to run a report from the console. Reports>Computer Status>Client Inventory Details>Default. Then under advanced time range does not matter and choose a specific computer> SVR.123.1234 that has 14.2.1031.0100 installed. Click Create report on the bottom and it shows a blank page. If I do the exact same thing with a computer with an older version, it works fine?
Thanx
windows server 2012 r2
We support a full SEP secured network which was attacked by a ransomware trojan which is long known by SEP.
The first infected machine stopped the client but the others noticed the attack by the network and Host exploit mitigation part right away. Seems like a good job.
BUT then nothing happens. In my opinion SEP should now have isolated that machine right away, so that the ransomware isnt't able to spread itself.
Instead - nothing happens. The trojan is able to infect all fileshares, despite SEP knowing what he is doing.
How can that happen?????????
Support told me there is no mechanism to stop it. Every port scan triggers a 600 seconds block of the attacker, but a trojan can do its encryption without any action by SEP?!? That doesn't look right.
We hardend our network to withstand an attack like that, but still SEP should be able to take an action after a finding like that.
Any Idea?
So I have a number of clients that slowly fall out of date in regards to virus definitions and definitions for other parts of SEP. These are managed clients, and I have GUPs assinged to my clients based on the clients' particular network. Most clients update just fine, but I have a few that will not update on their own. Checking the logs, I see where it runs liveupdate and returns this message:
A LiveUpdate session ran successfully. No new updates were available.
If I enable Sylink and restart smc, the client updates all definitions just fine. If I just restart smc, the client updates all definitions without problems. If I run symdiag on these clients, they don't return any problems. If I run liveupdate on the client machine, it goes through the process of updating, and then acts like there are no updates out there.
Why do the clients update without issue when I stop and start smc, but otherwise are unable to update? Since enabling sylink makes the client update, I can't really gather any significant data.
Thank you,
Patrick
I forgot my admin password and do not have email configuration setup. How do I recover this password?
I am trying to run a known virus (mimikatz) to test domain security, and I am using a machine with SEP installed. I have taken the time to disable SEP using "start smc -stop", which allows me to download and mess with the virus, but I cannot access the file as a user, admin or any other way.
I am not sure why the file would be locked, as I have disabled SEP, are there other sevices I would have to disable?
I assume that the file is being held in stasis by another subprocess of SEP that has not been stopped, but please correct me if it is not your products fault.
How would I go about freeing the file?
| User session logon and logoff |
Process | Launch and terminate |
Module | Loads and unloads |
File | Create, Read, Delete, Rename |
Folder | Folder operations |
Registry Key | Operations on registry key |
Registry Value | Operations on registry values |
Network | Actor process network |
Named object | Named object attributes |
Hi,
Is it possible if the 2 existing sepm can be a replication partner? When I hit "add replication partner" got this error "You must synchronize the local site's with data with its partner?
Details:
SEPM#1
Running v14.2
SQL DB
Windows 2016
SEPM#2
Running v14.2
Embedded DB
Windows 2016
bonjour;
j'ai un serveur SEPM 14MP1avec une base de données SQL (windows 2012); le disque au niveau de serveur affiche Espace Disque Faible
cordialement;