I need a solution
We have installed more than 1000+ nodes and now in one system it shows Peer Certificate cannot be authenticated with given CA certificate issue in client connection status.
Client: 14.2.770
0
↧
Peer Certificate cannot be authenticated with given CA certificate.
↧
Virus Definitions not getting updated in some servers and clients in same group where other machines are updated.
I need a solution
Hello Friends,
In my manager console , in some groups virus definitions are getting updated although they are online. I checked the server connection status its connected and the other machines which are online are updated but these machines which are not updated are also online. Kindly suggest.
0
↧
↧
SEP License issue.
I need a solution
Hi Team,
How to release the license from server,Say we have 100 license and we are installing the sep on server which will be decommisioned in an hour or so for testing.
How to transfer this license to other server?
Regards
Dev
0
↧
Using REST API for getting suspicious files from endpoints
I need a solution
This is refering to https://www.symantec.com/connect/forums/using-rest...
As per https://apidocs.symantec.com/home/saep#_send_a_sus... I was able to issue a "/api/v1/command-queue/files" command successfully which then returned the commandID.
Based on this ID I found the [BINARY_RESULTS_ID] in the [COMMAND] table with the given [COMMAND_ID] to run the "/api/v1/command-queue/file/{file_id}/content" successfully, too.
When saving the file as 7z or any other extension I was able to open the "archive" with 7zip and saw two files:
binary file
metadata.xml
<?xml version="1.0" encoding="UTF-8"?>
<MetaFile>
<File Key="128" OriginalFileName="\\?\C:\Windows\System32\notepad.exe" OriginalFilePath="\\?\C:\Windows\System32" FileName="fa2258b2cc57610861ed1279079e2854cce6768178fe7b3e952a56a990403e66" FileSource="filesystem" FileXORed="true"/>
</MetaFile>The only issue I'm facing now is that I'm unsure how to "convert" the binary file back to its original format (.exe)
Mainly because the raw data isnt matching the raw data of the input file
0
↧
SEP 15 for Mac OS
I need a solution
Hi All,
does onprem SEP 14.2 and SEP 15 has same feature and funtionality,
using SEP 15 can we achive this on Mac OS. need your expert advise. for same.
1. Policies are not showing on MAC Client.
2. Application and Device Control configuration.
3. MAC OS Hardening Configuration
4. Unable to manage MAC client from SEPM cloud console
0
↧
↧
Your administrator has locked this feature
I need a solution
I wish to change some settings in the Sep Client. However, even when I use an Administrator Windows account and try to change the SEP Client settings, i get a message that says "Your administrator has locked this feature".I cant update
The SEP Clients are standalone (ie. no central SEPM server is managing them),
0
↧
wax####.tmp Security Risk Found Alerts
I need a solution
Symantec Endpoint protection Manager (SEPM) sent to mail alerts about wax###.tmp files (#### = 4 characters random strings) and this kind of reports are still sent to us.
Alerts are sending from by both servers and clients. All wax.tmp files's hashes are different from each other but file path is same (c:\windows\temp\...).
Report file looks like:
At least one security risk found:
Risk name: Heur.AdvML.B
File path: c:\windows\temp\wax2342.tmp
Action taken on risk: Cleaned by deletion
I have searched many websites related to this issue but we haven't got correct answers. Why we get this kind of alerts and how can we reach the root source's of this problem?
Kinldy someone confirm which application is using this application
0
↧
Add client after update to 14.*
I need a solution
Hi everyone,
i had symantec endpoint protection version 12.* until yesterday and when i had to add a new client to the SEPM list was enought to select "add computer" on the left of the client page and insert the name of the pc, domain and a description.
Now, with the version 14, i cant find that feature anymore.
Could you help me please?
Thanks
0
↧
SEP 14.2 RU1 Clent IP addrtess issue.
I need a solution
Hi,
We have approx. 70 users with 1 Management Server all running SEP 14.2.1015.0100. We have experienced no issues. Last week I updated the SEPM to SEP 14.2.3332.1000. I also pushed out the client software to 3 WIn 10 Pro machines (1809) and 2 Win 7 Pro machines all for testing purposes. The machines are in 2 different groups on the SEPM. On the management server, under Clients - Client Status the 3 Win 10 machines show the client IP as an APIPA 169.254.xxs.xxx address. The 2 Win 7 machines show the correct IP but at the Home screen client status report 1 Win 7 machine show an APIPA address. The other Win 7 machine reports the correct IP.. In all cases the last connected IP shows the correct IP
All the machines are reporting properly to the SEPM and receiving updates. I rolled 2 of the Win 10 machines back to SEP 14.2.1015.0100 and the IPs are now reported correctly to the SEPM. The remaining machines still exhibit the issues noted above. I have run Symdiag on all the machines including the server and only the typical minor issues show. I also ran the db validator on the server and the db is fine. As another test, I deleted the remaining Win 10 machine on the SEPM and waited for the next heartbeat and the SEPM showed the correct IP. Several seconds later I refreshed the screen and the console was reporting the APIPA address again. The 2 Win 7 machines have static IP addresses and the Win 10 machines all use DHCP but have reserved IP addresses in the router, so they always are given the same IP. The groups are on different subnets and each group has its own router. A VPN tunnel exits between the 2 groups.
Has anyone experienced this with SEP 14.2.3332.1000? We never saw this behavior with the prior version. Your thoughts are appreciated.
0
↧
↧
Need help with updating strategy for SEP clients
I need a solution
We have many locations across the globe and GUP startegy may not work as its recommended to place GUP in local/same network. I am planning to use Live Update administrators to place in each data center and the clients of remote sites get updates from LUA in data center.
Will this strategy works?
If LUA works. Is there anyway to control the bandwidth for clients to update from LUA?
What content updates need to be selected in LUA for download and distribute?
If LUA does not work, do you suggest any other rather than using GUPS?
0
↧
LOGS USB
I do not need a solution (just sharing information)
can a rule be made in Application and device control, to obtain logs of what is copied in the USB?
0
↧
Linux SEP clients not connecting to Management Server
I need a solution
Hello,
I am trying to connect my Linux clients to a Windows Management Server and none of them seem to be appearing. All of my Windows workstations are able to connect to the management server, but the Linux servers cannot. The firewall on the Linux servers has been stopped and disabled. The debug.log says the same thing for each server "[ERROR] Send of message returned error 400 Bad Request" followed by "[WARN] Failed to connect to server <server_name> ServerException." I'll attach the file I got from one of the servers when I ran the SymDiag tool. Any idea what may be causing this error?
0
↧
Upgraded SEPM but handful of clients are for reboots
I need a solution
I upgraded SEPM from version 14.2.1031.0100 to version 14.2.3332.1000.
Multiple clients are saying they require a reboot. NO AUTOUPGRADES were configured. Not all clients requesting this reboot, only a handful. I need to know why this occurred but cannot find an answer.
0
↧
↧
SEP Blocks Installation of Microsoft Office 2013 / 2016
I need a solution
We have an issue where our SEP Install blocks or hangs the instalaltion of Office.
Once we uninstall SEP from the client machine (tested on numerous); it works again.
Please advise on any way forward as this work around is not the best.
In checking Windows Logs it shows up no errors and the Syamtec Logs show no details as well.
Help please.
0
↧
Duda con exceso de licencias
I need a solution
Hola buenas.
Estoy implementando SEP 14.2 en mi empresa y tenemos 150 licencias. Hemos superado en 10 licencias y sigue funcioanndo. Me gustaría saber que problema tienen esas 10 maquinas, dejarían de tener soporte con LiveUpdate? no se actualizarían las politicas? he revisado la documentación pero no hace referencia a que ocurre con ese exceso.
Un saludo
0
↧
New Version of SEP 14.2 RU1
I need a solution
I see Symantec has just released 14.2.3335.1000 . Does anyone know what changes were made since 14.2.3332.1000?
0
↧
Endpoint Protection Evidence of Compromise file validation failed
I need a solution
I used below endpoint; but I don't know how to validate the eoc.xsd file please someone explain me how to validate the file and how to pass eoc.xsd file to request body.
- api/v1/command-queue/eoc
I got this error: Unable to provide the request - Evidence of Compromise file validation failed.
Thanks.
0
↧
↧
What windows user rights and permissions required to run luall.exe and to install/upgrade SEPM ?
I need a solution
In my environment ,we're runing luall.exe to update Definition in SEPM.
usually we run the luall.exe as an administrator.now our AD team going to disable all admin rights to our user.
So they requested us what kind of permission or rights for our user to perform daily SEPM tasks such as manual def update(also to upgrade SEPM).so they can create a restricted user,allowed to perform only the required task
I want to know is there any way to run/upgrade without full admin rights
I read the article about file permission https://support.symantec.com/en_US/article.TECH91181.html
which leads me to another question .whether A user without full admin rights ,can able to perform manual live update (luall.exe)\upgrade SEPM ,if that user with full access control (read,write and execute) only to all the Endpoint Protection Manager and its sub folders?
0
↧
Creating Firewall Rules
I need a solution
Does anyone know if there is an ability to allow RDP connections from end point to end point based on someting OTHER than IP? I would ideally like to create DNS rules or end point names to end point name firewall rules, since IP addresses can change, and it'll turn into a huge list of IPs that I need to keep updated.
0
↧
SEP 14.2 Windows Server 2019 Browse Network Error
I need a solution
When I remote push to Clients I get a network error when I browse network " The network location can not be reached, for more information see windows help". I can search via the search network function but not the browse network. I am running SEP 14.2 on Windows Server 2019 GUI. I have included a screenshot.
0
↧