Hi All,
Would you please suggest regarding this issue?
Error Msg.
proactive threat protection is not functioning correctly. your protection definitions may be damaged or your production installation may be corrupted
SEP v.14
After an update to 14.2.3332 we are not able to correct services that have been disabled due to component malfunctions. Tried running LiveUpdate, no luck, and a restart.
I am logging in to my machine after 10 days. My machine has out-of-date definitions. My question is: when I log in to my machine with out-of-date definitions, do I need to wait for the heartbeat for my machine to connect with SEPM, or will the SEP client automatically connect to the SEPM for policy and the GUP for definitions? Which will happen first? Can somebody help me out with this?
I have 60 clients in various groups/subnets that are NOT getting virus updates. They have a green dot. Are communicating to SEPM. Can be scanned/interacted with. The LiveUpdate policy is configured how it should be. SEPM has the latest definitions. But they simply refuse to update their definitions. I am losing my mind over this, as nothing I've done has made any difference. "Update content" on these clients goes through, no errors. But definitions stay old. Can you please assist.
I have the latest LUA ver installed and wanted to know what is the password for user:lua
This is in the distribution center.
Hi,
At multiple client sites we face this issue where the SEP clients:
But searching for them on the SEPM results in no entries, i.e., we are unable to find them in the client groups.
Below are the SEPM / SEP versions from both the sites:
Did anyone else face this issue? If so any solution found?
Hello,
Am trying to move SEPM to new server, following instructions here https://support.symantec.com/us/en/article.tech160...
I have recovery files and database backup (embedded type).
On the new machine - run the SEPM installer, select "Use recovery file" - the config still asks me for information, duly filled out same as previous installation.
Sign into a blank SEPM, no clients etc.
Stop the 2 services, then run Database restore which completes successfully.
Then the config assistant starts up again, goes through all steps again ("Use recovery file") including a 2nd run of LiveUpdate.
And I'm back at a Blank SEPM.
I've gone through https://support.symantec.com/us/en/article.tech160... with a fine-toothed comb and it's clearly missing steps.
Does anyone have full instructions for an exact like for like (same hostname and IP address) reinstall of SEPM on a new server?
Thanks.
As per the document https://support.symantec.com/us/en/article.tech93813.html, it is said that a GUP can support 10,000 clients. If anybody could clarify that, is it 10,000 concurrent connections with clients at a time?
Once the SEP client is installed on any machine, it's trying to connect to liveupdate.symantec.com to download the content updates though we configured Group Update Providers. Is it normal? If not, why is it connecting?
One other question: is there a way to track the size of the content update files being downloaded?
I'm using a C# RestClient to get client information for some specific hostnames, passing a JSON query
[{"computerName":"hostn1"},{"computerName":"hostn2"}]. I'm getting a first-page response with 20 client details which are reporting to the SEPM.
How could I get only the response for the hostnames which I passed in? Could someone suggest how to achieve this?
Passing this as QuerystringParameters. Getting a response but with the whole results; I can't even loop through pages, which I successfully achieved for group listing.
Any help please...
Hi All,
I'm an Endpoint Admin and I'm looking to explore the API Integration feature with SEPM 14. Hoping to automate some redundant tasks for the AV-Admins.
I've been trying to test the response status of SEPM for API requests. However, I am not getting a proper JSON-formatted reply; instead I'm getting a message saying there was an error with the reply from the host and that the connection was closed, along with some proxy information within the error body.
Please advise how to proceed or if there is something that can be done from SEPM to get a reply to the GET request from the API.
Query:
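# Accept any server certificate (disables TLS certificate validation for every request in this session)
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $True }
# Force TLS 1.2 for the connection to SEPM
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$access_token = "0410bba5-YYYY-4104-a7f1-XXXXXXXXXXXXXX"
$header = @{Authorization = 'Bearer ' + $access_token}
# GET the computer list from the SEPM REST API
Invoke-RestMethod -Uri https://SEPM_IP:8446/sepm/api/v1/computers -Headers $header
Testing using Postman and PowerShell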
Thanks in Advance!
Regards,
EK
Hello All,
I need to upgrade SEPM 12.1.6 MP6 to 14.2. Please guide me to achieve this task, and provide me a link to download SEPM 14.2.
Thank you
I have a user with this error every time they open a PDF. Since I am new at SEP and our old admin of it quit, I have a couple of questions in getting this resolved:
1) Is this something that can be fixed from the user's console? Unfortunately, most settings are grayed out in the console, would like to know how it's possible to enable those when needed. Or even better, if we can filter it out to certain users so I don't enable it for the entire organization.
2) Or maybe that version of Acrobat just needs to be whitelisted; where would I do that in SEPM?
I'll get the logs from his PC later as well, may help.
If a file is blocked by MD5 in SEDR, SEPM would forward the blocked events to SEDR. As of now SEPM only forwards risk events via the ALERTS table to SEDR.
Hello all,
I'm running a trial of SEP 15 on Windows Server 2016.
The package used to install the client on Server 2016 is the same as on a Windows 10 client.
The Windows 10 installation shows that 'Proactive Threat Protection' and 'Network and Host Exploit Mitigation' are installed along with the 'Virus and Spyware Protection'.
The same package only installs 'Virus and Spyware Protection' on the 2016 Server.
Both Windows 10 and 2016 Server are showing 'No problems detected'; however, the security cloud console is showing a status of 'Not Computed' and a status reason of 'Not Found (SONAR) + 8 others'.
Any help appreciated,
Kind regards, NC
Hi all,
I was working with SEP 14.2 and the feature "Block Removeable Devices" can only block USB and mobile hard disks but not smartphones. This is a weak point of SEP. Can anybody tell me whether this is fixed in version 15 or any version, or is this weakness still there?
This morning I started receiving these kinds of messages, including for svchost.exe, ntoskrnl.exe, dashost.exe. I have Windows 10 and Version 14.2 RU1 build 3333 of Endpoint. Any help would be appreciated.