14.2 RU1 client upgrades going all at once
Configured the 14.2 RU1 client upgrade to "Distribute upgrades over 30 days". A couple hours later I noticed more than half of our workstations were pending reboots from upgrades. Has anyone else experienced 14.2 RU1 upgrading clients right away instead of distributing over the set number of days?
WinHTTP Web Proxy Auto-Discovery Service
We got some security questions during a recent audit and need some information about wpad.dat. Here is the question:
"I’m researching the WinHTTP Web Proxy Auto-Discovery Service. We are looking into getting it disabled. After looking at the dependencies it looks like Symantec is using this service. Can you verify if it’s going to be an issue if we turn this service off?"
Endpoint Protection File path and File ID
I used the endpoint below. It needs a 'file_path' (query param), but I couldn't find any file path to use with this endpoint. Could you please tell me how to get the file path?
- /api/v1/command-queue/files
I referred to this documentation:
https://apidocs.symantec.com/home/saep#_run_a_scan...
Thank you.
Symantec Endpoint Protection showing the File Path "Unavailable" -- Scheduled Scan
Hi Guys,
I have an issue where File path is being shown as "Unavailable" in risk log and the source of detection is "Scheduled Scan".
On raising a ticket with Symantec, they said that possibly the file is still in RAM. Do Auto-Protect and Scheduled Scan have the ability to scan files in RAM?
Most of the forum posts that I have seen point to the detection source as Download Insight; however, there is no mention of detection using Auto-Protect and Scheduled Scan.
Please share a few instances when the file path is shown as "Unavailable" and, if it is, how do we actually remediate the infection?
Thanks,
Vasudev
Metacortex Ransomware
Can someone tell me what is the minimum definition file date that we need to be on to ensure that we are protected from the latest ransomware strain? From what I understand, Symantec had been blocking the strain as a trojan, but up until yesterday, the file was recognized by Symantec as ransomware.
https://www.symantec.com/security-center/writeup/2019-050714-0552-99
SEP client for golden image
Hi
For a golden image export I need to provide a SEP client file.
Is there any procedure, or shall I provide a particular OU's SEP client?
How do I prepare a SEP client for a golden image?
thanks
faulting module name: libcurl-wintls.dll
Hi!
I have just upgraded my SEPM and some clients from 14.0.3876.1100 to 14.2.3332.1000. I noticed that most of my Windows 2012 R2 and Windows 2008 servers either had the system freeze or the SEP client crash, with the following application error in the event logs:
faulting application name: ccSvcHst.exe, version: 13.4.0.26
faulting module name: libcurl-wintls.dll, version 7.64.0.0
Exception Code: 0xc0000005
fault offset: 0x00000b3ac
I had opened a support case with Symantec, but there is still no solution.
Is anyone out there having the same issue? How did you manage to resolve it?
Regards,
Isaac
Cannot download purchased Endpoint Protection software
When I click on "GET SOFTWARE" in my MySymantec account (the page that shows the software detail and serial number), it just redirects me to the MySymantec logged-in page. What am I supposed to do?
Cheers,
Russell Coghlan
Perth, WA, Australia
Endpoint Protection File ID
I used the endpoint below to upload the file from SEP to SEPM, and I want to fetch the uploaded data. I used this endpoint (command-queue/file/{file_id}/details) to do that, but it needs a file_id, and the first endpoint only returns the command_id. Could someone please help me get the file_id?
1. api/v1/command-queue/files
Remote push install SEP on MAC devices
When I try to move it to the column from the right with admin rights, I get this error:
"Login to xxxx (xx.x.xx.xx) failed. The client could not be installed on the remote computer
For detailed information about possible solutions, see the following Symantec Technical Support Knowledge Base article......."
We have already checked the ports needed and all of them are open.
Endpoint Protection Evidence of Compromise command XML (eoc)
Does anyone know how to scan a client machine remotely? I used the endpoint below for it, and it needs eoc.xsd. I got that file, but I don't know how to use it. Could someone please explain how to use it?
- api/v1/command-queue/eoc
Update virus definitions on SEP 15 - full cloud
Hello,
With SEP 15 cloud, all clients connect directly to the cloud management console.
Is it possible to install a LiveUpdate server locally to fetch updates from the Symantec website and let clients download virus definitions locally?
Database Connection Error
The Version of Symantec Endpoint Protection does not match the Version of the Database.
Does anyone know the problem and how to fix it?
Symantec Endpoint protection: Deleted, Deleted, Left alone
Hi All,
I know that:
Actual action - the action SEP took to remediate the threat
Requested action - usually the same as the actual action. This is the action SEP wants to perform.
Secondary action - action to take if the actual action does not work
But I found some logs showing "Actual action: Deleted, Requested action: Deleted, Secondary action: Left alone".
What does this mean? Please help me.
Thank you.
Dashboard SEP time out.
Good morning gentlemen.
A customer wants to perform SEP monitoring by leaving his dashboard on a screen. Access is being made via browser. We note that in a few minutes the screen displays a time out. Is there any way to increase the time out and refresh the screen? Access is done via the URL https://[IP_DO_SERVIDOR]:8443/console/apps/sepm
SEP 15 - System Status = Compromised.... but no way to resolve
Here are the Device Protection Details
- Product Version
- 14.2.2486.1000
- Device Security Status
- Compromised
- Device Security Status Reason
- Outgoing threats detected (Intrusion Prevention)
I am using the SEP 15 Cloud Manager (https://sep.securitycloud.symantec.com)
We have a device that indicates a status of COMPROMISED. However, we can find no way to resolve the issue.
The logs indicate a bunch of BLOCKED Network Intrusion Prevention Alerts.
One we see that is outbound is "Web Attack: Masscan Scanner Request"... It shows as blocked also.
The machine itself seems fine when we log into it and look at the Symantec Endpoint Protection manager.
Is there anything we can do to get the status back to SECURE?
Thanks
Charles
SEP 15 - unable to access dashboard
Hello,
After creating a trial tenant, I get this error when connecting to the portal
Install switches to import Sylink
I have a situation where I need to install a different Sylink file in different environments for installs of 14.x client on Win 10. I have pulled the Full Install from the SEPM and looked in setAid.ini and Setup.ini to see if there is anywhere I can specify a different Sylink to include but have not been able to find that or find any reference on a command line switch to do this. I also know I can export different setup.exe packages from each environment but that this is for testing progression through test environments and if I did that my production setup would not really be run until production. Please let me know if anyone knows how to do this.
Need access to online banking.
My bank has recently installed new online banking software on their webpage, thinkbank.com. As a result, there is no longer a box in the upper-right corner for me to use to log in to my online banking. I contacted my bank's customer support line, and long story short, they are insistent that this is an issue with my anti-virus software, and I need to contact you to whitelist the thinkbank.com domain so that I can log in to online banking. I currently have the following installed:
Symantec Endpoint Protection for Mac
Version 14.0.1 (14.0 RU1) build 3752 (14.0.3752.1000)
Is this something someone can assist me with?
SEPM 14 cannot update the definitions for SEP 12.1.x clients.
Hello! SEPM 14 cannot update the definitions for SEP 12.1.x clients. LiveUpdate is running and finds and downloads definitions for SEP 14 clients, but does not find definitions for SEP 12. The LiveUpdate status shows "No updates found for Symantec Endpoint Protection Win32 12.1 RU6 (English)". LiveUpdate Downloads shows the latest revision "03/27/2019 r6" for the SEP 12.1 definitions.