I tried accessing the: https://hostname:8443/console/apps/sepm web interface on an Android smartphone and the logon screen appears, but the on-screen keyboard just flickers for a milisecond then disappears. Not possible to enter any login credentials. Is the SEPM web console designed to work on mobile devices? Tried on both Edge for Android and Chrome. Thanks for any hints!
Hello Team,
Good Morning,
I want to know the diffrence between syamntec endpoint protection 12 , sep14 and sep15.
Hi,
Is it possible to check the client logs in SEPM console-
1) From which server or GUP client taking update
In short we are checking the communication\troubleshooting logs from user machine to collect these logs, I want- will we check these logs in SEPM console or not?
Hello,
I have been receiving an email notification showing a couple machines with old virus definitions. We have 200+ endpoints and about 4 or 5 of them are not getting new definitions. They have a reputation of not having ideal internet connection, but when the connection is good they still aren't receving the new definitions. I have tried sending an "Update Content" command, but it just sits at 0% in the Command Status interface. Is there a way to wuickly force an update to the machine without creating a new deployment package?
We're running SEP 14.2 MP1 and Win 7 Pro 64-bit UNMANAGED clients.
We have a simple question - just looking for an explanation of the error message - don't need any debugging assistance.
What is a "Post session callback error - code 208?"
Hi,
is it possible to deploy 14.2 client from 12.x SEPM?
Thanks,
Anver
Hi All,
Anyone else seeing this? On the SEPM homepage - under the Windows definitions , the "Latest on Manager" is not the same as the "Latest from Symantec"? Yet, when I check the definition download status, the current definition is correct?
Latest from Symantec: 2019/02/06 r23
Latest on Manager: 2019/02/05 r23
TIA
Can i configure the liveupdate policy to assign all clients to update from a GUP generated from another replication partner?
Hello,
Looks like Symantec again messed up with reverse proxy Apache modules. This was fixed in 14.0.1 MP2 (14.0.3929.1200) https://support.symantec.com/en_US/article.INFO4957.html but after upgrading to 14.2 (14.2.1031.0100) Apache starts crashing all over again. Of course, repair or cleanwipe with fresh installation and DB restore didn't help :(. Ended up with restore back to 14.0.1 MP2. At least they could not break what was already fixed !!! So all of You using reverse proxy be aware ;)) Of course I'm opening support case will see how it goes. Sadly I don't see perspective to fix this soon as they claiming to release new ver in March 2019 (maybe)
From time to time we have computers that end up being sent home with a former employee or for other reasons are no longer under our control, but still check in to the SEPM management console from wherever they may live now on the Internet. Because of this we end up receiving Risk alerts for computers that we no longer manage and sometimes have no way of contacting the end-user. We are aware that if we just delete the client from the console, it will come right back when the agent checks in next time. Is there some way to send a command via SEPM to specific clients to convert them from Managed to Unmanaged? Or possibly just send a message to the client agent with a popup message for the user so that we can either tell them to uninstall the SEP client or call our support team? In this particular instance, the SEPM is v14 and the SEP client is v12.1.6465.6200 on Mac OS X
I have been working with Symantec for a number of years now and our company has had Symantec products for well over 10 years, dating back to the days when we had Symantec Antivirus.
I've come to learn lots, get frustrated a heck of a lot, bang my fists on my table, and throw small things (like pens or pencils) because something with Symantec isn't working right.
For the last 3 days I've been fighting with our SEPM console because I keep looking at our Endpoint Status on the main page, where it tells me that 523 devices are out of date. 3 days ago this was 822 devices, and I had no clue why. It didn't just happen overnight, it's been an ongoing battle for several years. I got it down to 523 after re-installing from a pre-defined package but this was done by trial and error, and seemed to work.
Over the years I've upgraded version after version and on occasion, the number would fluctuate up and down, and it would never stay constant. This is because I've come to the conclusion that there are way too many factors causing out of date definitions. Machines are sometimes out of drive space, local firewalls are sometimes enabled and SEP can't communicate through the firewall and SEP won't install, or the definitions are corrupt. Who makes a product like this????
I've run the SymDiag tool many times, where it collected information about the SEPM console, and each time I ran it, it would find corrupt definitions, and when clicking "FIX" it would never fix it even after several attempts. Point here is, that no product created professionally would ever self-corrupt files. I know it's not intentional, and depending on network conditions, it should never happen, but it does and it's bloody frustrating when it does happen and sometimes I can't seem to fix it.
When we had a problem installing SEP 14.0 on a Windows 2013 server, we called Symantec who called back, did a remote connection to our computer, installed and uninstalled, rebooted, installed again, and every time we tried installing 14.0 on the server, it simply would not install. In the documentation however, it says that SEM 14 is compatible with 2013 server, but obviously in our case it was not. So that made us scale down to Windows server 2012, where installation occurred flawlessly, but Symantec Support did not help us discover this. I discovered it on my own.
We have over 3500 devices in our network and today I sit here with 2910 that are up to date, 523 that are out of date, 70 that are offline, and 355 that are in a "Disabled" state, whatever that means. To date I have never actually been able to figure out why a device is out of date, if all I did was install SEP normally from the SEPM console. Why would software do this? Why would Symantec make a product so inferior to today's standards and put us through this agony?
The SEPM console is a logistical nightmare. I can never find out where something is, and I always have to resort to looking back on the SEP forums for help. All I See are SEP representatives quoting links to more information without trying to respond to the question someone asked. I hate this kind of support with a passion! This is not good customer service. I think the reps on the forums are getting so frustrated with so many customers having so many problems, they simply do not want to take on another issue to explain in plain English to someone who can't understand their software, and simple responses have only links to other forum conversations.
When I have an emergency sitation on my hands, a colleague will say, "Call Symantec Support" and I just CRINGE when I hear this suggestion. I absolutely without a doubt, despise the Symantec telephone support. I know that all the phone support reps mean well, but I can't understand half of them because of their heavy Indian accents, and some don't really know the product well enough to troubleshoot our issues. This comes from outsourcing to call centres in India to save a few bucks. Nobody wants to say it, but I am simply stating a fact.
Lately we've been looking at cloud-based alternatives to SEP, and something that doesn't have so many configuration options. I think shortly we'll be switching products if Symantec can't get their act in gear and make this easier for us, and make a product that simply WORKS. As a matter of fact, I believe we will be using another product by the time our next renewal is due.
I hope some day soon I will never have to look at the SEPM console again. My anxiety level goes sky-high every time I have to look at it. I can't wait for the day I never have to look at it again.
Respond if you feel this way too and want to add your two cents. Maybe Symantec will look at this and say, "Hey guys, we really need to change our product". Given enough people who complain, something must be done, and soon!
Is everyone readng this 100% completely satisfied with Symantec Endpoint Protection?
Trying to uninstall Symantec on a client and it doesn't except the uninstall password.
When I look at policies we have the check box for "Require a password to uninstall the client" is checked but there isn't a box after it for the uninstall password. There is a password box to open the client user interface and to stop the client service but not for the uninstall.
This is causing us issues.
The query here is am not able to install symantec on linux machine. When i try to 64 bit linux redhat os it shows glibc library i686 which is already installed on the machine when i try to install as per the recommendation of tech support it shows nothing to do already new glibc is updated wih latest update . What can i do now
Hi guys, I recently installed Symantec Endpoint Protection on my laptop, and since then I can't use my laptop to create a hotspot.
When I connect my mobile to the hotspot it says "connected- no internet".
I've narrowed down the issue to be the SEP firewall since the hotspot works when the firewall is off.
I've made a few rules to allow all IP protocols to the adapter that my hotspot uses, but it's still getting blocked.
I guess that I didn't set up the rule correctly or something, can anyone assist me with this please?
Hello ,
Can anyone help me to know IPS protection in Antivirous .Basically the intrusion prevention system (IPS) compares traffic against signatures of known threats and blocks traffic when a threat is detected .Support team releses the singanture based on CVE vulnervalility (prevent vulnerability exploits),
How Symantec endpoint IPS works ,Is it scan the threat against signature if yes then which type of protection it provides us. how its protection is differ from network IPS.
We have a SIEM deployment and our requirement is to make sure we get all endpoints' logs, even those which were registered on SEP when these were not connected to SEPM i.e offline from corporate network. However, I want to confirm that if a client computer is not on our corporate network and registers some events like USB scan, will this forward these events to SEP Manger as soon as they become connected to our corporate network?
FYI, we are using SEP 14.
Urgent response will be highly appreciated.
Hi,
I need help. We cannot install SEP using Push Deployment Wizard. I pulled up some logs and I found this.
VPRemote.exe starting up with cmdline: C:\TEMP\Clt-Inst\vpremote.exe
Starting service: vpremote.exe...
Launching Command: "C:\TEMP\Clt-Inst\vpremote.exe" -launch
The process was created successfully.
Successfully deleted service: vpremote.exe.
VPRemote.exe starting up with cmdline: "C:\TEMP\Clt-Inst\vpremote.exe" -launch
Launching installation...
Using vpremote cmdline args
Process CmdLine: "C:\TEMP\Clt-Inst\setup.exe" /s /w /v"/qn /l*v "C:\WINDOWS\TEMP\SEP_INST.LOG" REBOOT=ReallySuppress"
Unable to create process!
Removing temporary installation source files from: C:\TEMP\Clt-Inst
Deleted File C:\TEMP\Clt-Inst\setup.exe
Deleted File C:\TEMP\Clt-Inst\SEPprep.ini
Deleted File C:\TEMP\Clt-Inst\SEP64.exe
Deleted File C:\TEMP\Clt-Inst\PkgSrcList
Deleted Directory C:\TEMP\Clt-Inst\
One or more files or folders was marked for delete on reboot!
Trying to mark for delete on reboot file C:\TEMP\Clt-Inst\VPRemoteExecutionStatus.xml
One or more files or folders was marked for delete on reboot!
Deleted File C:\TEMP\Clt-Inst\VPRemote.dat
The vpremote processing has completed.
What might be the issue?
Hello,
One of our customers asks if we can block TOR browser/traffic with SEP. I found some forum threads where Symantec recommends using IPS Audit signatures and not "Application and Device Control".
Did anyone have before such situation and how you worked on this?
From IPS I can add exception for TOR (see attached) and set it to block. Is this enough? Will this also allow these 2 IPS signatures to be updated whenever there is something new from Symantec since they are already in Exception?
Hello everyone I manage the server symantec Endpoint Protection Manager of my company (version 14.2.7700.0000) we have several groups I note each my Workstation each time go out groups that are designated. I need your help
Hello All,
one of my customer has the wish to set all devices which are using mtp or ptp to read-only when connected to a windows workstation.
I don't even know if it is possible. but i need a solution for the customer.
At the moment i block all devices based on class-id, so no access is possible.
Full access is no option.
Maybe someone can tell me howto get this work.
Thanks