I need a solution
Hi,
From where I can download GUP monitorig tool for SEP 14.2 MP1.
Regards
Sharma
0
↧
GUP Monitoring Tool
↧
error efter install sep 14.2.1031.0100
I need a solution
hello , please help me to detect problem when i install sep 14.2.1031.0100 , this window start all the time ( see the attachment )
0
↧
↧
How does SEP firewall work while off corporate network?
I need a solution
Are there any articles explaining how the SEP firewalls function off corporate networks? It's my understanding that the firewall continues to use the default policy even when on a home or orther network. I'm looking for a document stating this information for management.
0
↧
Script to update all the out of date client Machines
I need a solution
Hi All,
Is there any script to update all the out of date machines(client machines) in Symantec.
Thanks in Advance.!
Regards,
Harish
0
↧
Notification emails size
I need a solution
Hi All,
I received a lot of alert notifications from the SEPm ( and its ok )
but the size of every email is 500KB.
Is there an option to reduce the size of the emails ?
Thanks,
0
↧
↧
Not able to Register for SEP Cloud 14.2.
I need a solution
Not able to Register for SEP cloud 14.2. Error showing is Internal server error.
I have whitelisted the below URLs on the Proxy,
https://us-east-1-s3-symc-prod-saep-cis.s3.amazonaws.com/
https://us-east-1-s3-symc-prod-ses-shared-content.s3.amazonaws.com/
https://global-s3-cpe-prod-saep-hub.s3.amazonaws.com/
aws.amazon.com
usea1.r3.securitycloud.symantec.com/*
ncs-spoc-int1.norton.com
And also have Integerated Proxy server in SEPM server.
But still couldn't connect to the Cloud Portal.
0
↧
After trying to manually update sepm, .jdb gets an .err extension
I need a solution
Hello,
After trying to manually update sepm, .jdb gets an .err extension
SesmLu.log attached.
I appreciate the ehlp
0
↧
Migrating SEPMs to new OS
I need a solution
Hello All,We have a requirement to upgrade our SEPMs OS. Our environment is currently 3 sites with 4 servers. 3 servers use a SQL database and one uses an embedded DB. My thought was to just create 4 new SEPMs on the new OS add them to the respective sites (except for the one with the embedded DB I would create a new site for that). Wait a while to ensure data has been replicated and there aren't any issues and then slowly pull the old SEPMs out of the various sites. Is there any issue with doing the upgrade this way? Initially I think it would work fine I am just unsure about down the road if there would be any issues when trying to do another upgrade.
Would a better option be to configure new sites and add them in as replication partners? We also have an initiative to upgrade our SQL server. Symantec has steps on how to do this but with the need to update our servers to I wasn't sure if it would make sense to just build a new SQL server configure the new SEPMs to use that add everything in as new sites wait for replication etc. and pull out the old infrastructure?
I don't see a problem with doing either as the version of SEPM will remain the same just the OS is changing.
0
↧
Any recommendations on this architecture for SEP Deployment?
I need a solution
Hello,
I'm new to Symantec and I have been assigned with the task of deploying the SEPM servers for a company. I have previous knowledge on these types of deployments but I have come across a new type of architecture and I cannot decide what type of Endpoint protection deployment I should use, if single site or multi site. I tried to find some information but in the deployment guides I don't find any example close to what I have.
This company has 3 data center in different geographical locations and they use Azure as well. I wanted to know if anyone can recommend me what type of architecture I should use in this case: 3 data centers, small company about to scale to medium, around 700 devices but growing constantly, they have enough resources to deploy using SQL database.
My question is: Should I deploy as a single site in 1 of the main locations and treat the other locations as remote sites (the smallest locations) or should I deploy 1 SQL instance with SEPM servers per data center even though they don't have enough devices for this type of architecture?
I was thinking to deploy 2 SEPM servers with 1 SQL database in 1 main datacenter and configure a GUP per each data center in different locations and treat them as remote sites. Do I even need to use the GUP services?
I would appreciate any recommendation as I cannot find any guide that uses this type of architecture.
Sorry if this is not the section for this kind of question.
0
↧
↧
Live Update Errors on SEPM 14
I need a solution
Need Help ASAP,,,
We Have a trouble on the SEPM 14.0.3752.1000 With OS Windows Server 2012 R2.
- Windows Definition can't update (Please see attach)
- we try dowload liveupdate content, but there was an error " LIVE UPDATE ENCOUNTERED ONE OR MORE ERRORS. RETURN CODE = 4" (Please see attach)
we have tried the method from the following link but not success.
https://www.symantec.com/connect/forums/live-updat...
please help me for the issue.
Thanks for your attention & cooperation.
0
↧
Start button Freezes after SEP 14.2 installation
I need a solution
Hi,
We have deployed the SEP 14.2 on windows 10. After successful upgrade, start button freezes on windows 10 machines.
I have reinstall the SEP client again but same issue. After uninstall its work fine.
But when we start the SEP client again, its freezes again.
Any suggestion appricated.
Regards
Sharma
0
↧
Log Filter of SEP External Logging To Syslog Server
I need a solution
Hi,
I am having a hard time understanding what each log filter means while configuring SEP logs to our Syslog server, SIEM to be more specific. I want to recieve the information of clients on the SIEM, especially whether the client is joined to our corporate domain or not. For that, I want to know which log filter (among the available ones) should I select to make sure I recieve this information on SIEM.
I have attached a snapshot of the logfilter that I am referring to.
Thanks,
Kashif
0
↧
mover maquinas para grupos de forma automática, é possível?
I need a solution
Boa tarde,
gostaria de saber se é possivel e como fazer o SEP após instalado mover uma maquina para um grupo sem procisar fazer manualmente, exemplo abaixo
My Company
Defaul Group
- Diretoria
- Financeiro
- Operações
Gostaria de saber se é possivel claro, que o SEP após instalado mova a maquina por exemplo pro grupo operações e não caia no grupo default, é possivel fazer isso de alguma forma, algum meio identificador daquela maquina ou setor?
Queria apenas saber se alguém tbm já teve essa necessidade, já viu algo parecido ou se não é possivel mesmo.
0
↧
↧
can't update pattern files
I need a solution
Dear all,
I installed a SEP14.2 client to Windows 10 PC, but some clients can't download new pattern files from SEPM Server.
In the system log of the SEP client, there are errors like "ERROR: Could not download new contents from the management server"
And also there are errors in the cve.log like "SylinkCommunicatorImpl::ActuallyGetContent: Unknown exception occured for {151387BE-8D1C-467D-8B7A-AC215B16A144} on channel Manager
I confirm that the SEP Client can heartbeat to SEPM successfully.
And also I could download the daxfile by using web browser, so I think the connectivity between SEP client and SEPM seems good.
Some other clients could download new patternfiles successfully, so the SEPM has no problem.
What cause this trouble?
0
↧
USB-C docks and Lenovo P52
I need a solution
Hi All
We are havning problems with Lenovo and Dell Latitude laptops with USB-C docks
The user cannot enter password when it is docked.
Are there any thoughts on how to solve this issue?
0
↧
Block the following MD5, DNS, HTTP from the Symantec Endpoint Protection Manager console.
I need a solution
Buenos días,
Se me pide que bloquee el siguiente MD5, DNS, HTTP desde la consola de Symantec Endpoint Protection Manager.
Podrían explicar los mejores métodos para aplicar estas medidas correctivas.
Atte.
URL del host de documentos maliciosos:
hxxps: //drive.google [.] com / file / d / 1__9xcnIeyVn3_QQBnoX3SOpfeakHmJJN
Estos datos polimórficos se descifran a la siguiente DLL, que se ejecuta en la memoria:
Nombre de DLL exportado : cBz.dll
MD5: f458a219dd05caa8467dc1e6f3f00377
SHA1: 0abe59ee660c5ce434e05348217dd2f94d6410fc
SHA256: be7c0c1257f7ac84881331f123004a792137ea09aee391401a7245c65f74f9a7
Nota: DLL - CobInt Malware
Solicitud (s) de DNS : debianupd [.] Com (37.44.215 [.] 193)
Solicitud (s) HTTP : hxxps: // debianupd [.] Com / zldcpgjtlzlbczodniijikuzrbhcvictzzni
hxxps: // debianupd [.] com / aiaqgzzwmedppowmzujudsbgznjlrzwlzozkbzvlm
Nota : La sección uri_path de las URL parece tener una serie de factores aleatorios, por lo que las URL completas anteriores solo deben considerarse ejemplos.
Nombre del archivo: cnoeigiydvocziwubli
MD5 : <Varies>
Ejemplo MD5 : 2747dbabb723c88e56a45b56ccb8e550
SHA1 : bf9c7a2d0a6c1f8b2db736d30b1d82b0b58b2ca8
SHA256: 8d7fa29fe2fe3bf1e299515eeedc59d938ba2cf4f4db6d862372299391764bc0
Nota : datos encriptados polimórficos
0
↧
How does SEP determine an infection on the mobile phone, when user is connected to the network? Does it scan mobile phone files and data just like a PC?
I need a solution
How does SEP determine an infection on the mobile phone, when user is connected to the network? Does it scan mobile phone files and data just like a PC?
We have been notified that some mobile devices which was connected to our network was infected and we have asked our users to check on their mobile phones. May we know how was the detection done? Was the files being scanned on their mobile or how did you determined that the phone was infected? This question arised because some of the staff are worried that their private data on their phones were scanned. If it is true that the product must check the phone information, files (document / photos) and OS for infection? The question arises because if it is scanning done on the private phone we will need to put a disclaimer for the user to take note when connecting to the network that they are using.
0
↧
↧
Assign policy to Active Directory User
I need a solution
Hello
I would like asign Device Control policy to specyfic Active Directory users or groups. I would apply different Device Control policy depend of user loged to endpoint.
Is it possible in SEP Manager?
0
↧
SEP 15 clients are unable to update content
I do not need a solution (just sharing information)
Several customers have contacted support about SEP 15 clients failing to update virus definitions.
Symptoms
When running LiveUpdate you will see the following message:
When you go to Help > Troubleshooting > License Entitlement it will be blank:
For more information please see TECH253567
0
↧
Client computer slow when SEP client is managed
I need a solution
Hi everyone
We are experiencing weird issue and I was wondering if we are alone.
Situation is, single domain, single SEPM (v14.2.1.1031.0100) on Windows Server 2012 with about 80 clients. Some clients are v14.2.1.1031.0100, most of them v14.2.1.1015.0100, about 50/50 32:64-bit, predominantly Windows 7 Pro, the rest Windows 10 Pro.
About 2 weeks ago my computer (32-bit Win 7, SEP client v14.2.1.1031.0100) started being very slow. Slow meaning every operation took much longer then usual, any user input delayed, system response slugish, lots of "(not responding)" windows, especially if application performed anything network related. Symptoms like when you have HD bad sectors or failing optical drive so it takes a while for the computer to respond, but without frantic HD LED activity or anything in Windows logs. As I had no other user complaints I started hardware diagnostics and after few days had to give up, everything seems to be in order HW-wise.
I've made some internal DNS changes round about that time so the next couple of days I've spent playing with those. But when I reverted to the original setting issue remained.
I then CleanWiped my computer and issue was gone! Reinstalled SEP Client, issue returned.
Then I tried custom installing SEP client, removing component by component to determine which one was responsible. That took me couple of days again, as issue does not happen immediately after reboot. Sometimes among all that slugishness you get half an hour of uninterrupted operation, but this is rare. Usually when this behaviour starts computer is pretty much unusable.
Custom, component by component, installation did not point to the cause. Even with firewall component only computer was unusable after a while.
I then tried unmanaged client. Typical installation, everything there and with unmanaged client computer was running the whole day like it was brand new! As soon as I SylinkDrop it and connect to SEPM, responsiveness drops dramatically.
I then thought there may be something wrong with my rules, but the problem happens even when client is connected to the group with default rules only. Nothing out of the ordinary in SEP client logs.
Few days after I started troubleshooting procedure other users started complaining as well. As these were all 32-bit Win 7 users I thought that was something to look at, but then complaints started to come from some others as well. Worst affected was brand new Dell laptop with 64-bit Win 10 (identical laptop, bought at the same time, with installed identical software runs pretty much unaffected!?).
At the moment I'm running 5-6 worst affected computers, including my own, as unmanaged with some -importconfig (half)solution.
Anyone have any idea what could cause such behaviour?
Where do I look?
Regards
0
↧