Channel: Symantec Connect - Endpoint Protection - Discussions

Unable To Login To SEPM With Active Directory User After 14.2 MP1 Upgrade

I do not need a solution (just sharing information)

After upgrade to SEPM 14.2.1, we lost the ability to log in to the Management Console with AD authentication.  This is a known issue:

https://support.symantec.com/us/en/article.tech251819.html

If you use AD authentication to log in to SEPM, MAKE SURE you have a working local administrator account before you perform the 14.2.1 upgrade.  You will not be able to use your AD account on SEPM login page.  You will have to be able to log in using a local admin account in order to fix the AD authentication problem:

Admin/Servers/Select management server below Local Site (My Site)/Edit the server properties/Directory Servers tab/Select a Directory Server and click Edit/Enter a FQDN in the "Server IP Address or Name" field - not just the hostname

I found that the IP address of a DC did not work for me, but a FQDN did.

Also, if you are running SEPM in a virtualized environment, create a snapshot of the server before attempting the 14.2.1 upgrade.

worm Win32/Mofksys.NA!MTB

I do not need a solution (just sharing information)

Dear admin,

Can you help check whether Symantec Endpoint Protection has an update for the worm Win32/Mofksys.NA!MTB? This worm exists in my company and Symantec Endpoint Protection cannot find it, but Windows Defender is OK. Please help add it to Symantec Endpoint Protection. Thank you.

Spyware and Risk

I need a solution

Hi Team,

Today my scan report was showing a risk under Spyware and Risk; the details are below. I need help on this urgently.

Risk Name: Sonar.susplaunch!g90 security Risk    Sethic.exe is cleaned/Blocked  

Regards,

Rajesh Vanapalli

Collect information to generate Full report (Network Threat Protection)

I need a solution

Hi,

I am new and I have started using the SEPM API 14.2 to collect information and generate reports. So far, I have been able to collect enough information to generate a Computer Status Report.

My next step is to generate a report using the information for the Network Threat Protection - Full Report. However, I cannot get the information I need.

Using the following API:

/api/v1/stats/client/infection/{reportType}/{startTime}/to/{endTime}

I am able to collect some basic information but not all I need (attack, severity, etc) and only at a very high level aggregation - I need the information for each Group Id or host.

I am wondering if it is possible to get the information using the SEPM API or if there is any other way to get it from an API.

Thanks.

Convert basic protection for servers to full protection for clients

I need a solution

Hi,

Someone wrongly installed basic protection for servers package for normal users. I now need to convert it to full protection for clients. How can I proceed?

Web Attack: Malicious Scan Request 2 attack blocked. Traffic has been blocked for this application: SYSTEM

I need a solution

For a week now I have been seeing these events 400 in the application log:

Web Attack: Malicious Scan Request 2 attack blocked. Traffic has been blocked for this application: SYSTEM

Since SYSTEM is the Windows kernel, I worry about what this could mean.

The Symantec signature description doesn't bring any clarity; it only makes me worry more:

https://www.symantec.com/security_response/attacks...

Does somebody know what is happening here and if action is needed and what?

gr,

Ronald

How to make Reporting with Symantec.

I do not need a solution (just sharing information)

Hello,

I want us to write some reports about Symantec. The content of these reports is as follows;

Do you have blocked on the machines (file, exe, bat, etc ...). Preparing them weekly.

Default view with USB and CD-ROM enabled.

1 week Viewing systems that are offline weekly.

Reporting machines with virus definitions older than 3 days.

shaped.

There may be other correspondence, but I'm sorry. I'm new here and to Symantec. I would be very happy if you could support me on this.

Thank you very much to everyone in advance.

Regards,

How can groups threats comes as an email notifications

I do not need a solution (just sharing information)

Hello,

I'm using Symantec Endpoint Protection Manager.

I have been facing a challenge: I receive a lot of notifications in my mailbox, so what I want is to group together, let's say, 5 threat detections so that they come as one notification.

Kindly assist to know.

how to stop Symantec Endpoint Protection Cloud service

I need a solution

Hi,

How can I stop the service Symantec Endpoint Protection Cloud ( SCS )

My Symantec and Support

I need a solution

Hi,

Where can I download the updated software and where can I create a case? 

It seems Symantec updated the site.

The site below requires the support ID - I only have the serial number of my product.

https://mysymantec.force.com/

Thanks,

APK

Using Endpoint Prevent to block uploading classified document to public web services like gmail attachment or social media...etc

I do not need a solution (just sharing information)

Hi,

I have a customer where Endpoint Prevent detection is used only for confidential files. The question is, how do I configure the policy to prevent users from uploading these confidential documents as Gmail attachments, to Facebook, or to any other public file hosting on the internet?

Thanks 

.dat files in Library/Application Support/Symantec/Antivirus on Mac

I do not need a solution (just sharing information)

I'm a Mac user and have been running low on disk space for a while. I recently found out most of the disk space was occupied by 'system files,' a huge part of which consisted of various .dat files under dozens of folders named after dates (e.g., "20171212," "20171121") in the Library/Application Support/Symantec/Antivirus folder.

My questions are:

1) What are these files?

Individual .dat file names include "tcdefs," "viruscan," "hp," "hf," "tcscan," and some others.

2) Is it safe to remove some of the older folders/files? This AntiVirus folder (under Library/Application Support/Symantec) is taking up more than 100 GB of space.

I would much appreciate any advice/help! Thank you.

Will Auto-Protect block a malicious file from being copied

I need a solution

Hi All,

I need help in identifying how Auto-Protect will treat a particular scenario. 

Say for instance I have a bunch of file shares that do not have any form of Anti-Virus software on them but I have Symantec Endpoint Protection on my computer in an enterprise environment.

I conduct the following scenarios,

- I connect an external storage device to my machine and copy a file from the external storage directly to the unprotected file share.

- I'm browsing the internet and download a file directly from the internet to a fileshare. 

During both of these scenarios I'm connected to the corporate network. 

Now if the file in both scenarios happens to be of malicious nature, will it be blocked? 

https://support.symantec.com/us/en/article.tech94990.html states that,

" File System Auto-Protect is a type of ongoing or background scan that provides real-time protection for files on your computer. Whenever you access, copy, save, move, open, or close a file, Auto-Protect scans it to ensure that a threat or security risk is not present."

In these scenarios, the file is not being copied to the local machine and, as far as I'm aware, no temporary files are created, so will SEP block/treat this action?

Thank you guys.

start date license symantec end point change when renewal

I need a solution

Hi all.

Please help. The Symantec Endpoint license start date has changed. The purchased license is for 3 years, starting 06 Sep 2019 and expiring on 06 Sep 2022,

*see picture symantec1.JPG

and the license has been extended for 1 year to expire 06 Sep 2023,

*see picture symantec2.JPG

but when I activated the license on Symantec Endpoint, I found that the start date is 06 Sep 2022 and the expiry is 06 Sep 2023. Why is the start date not 06 Sep 2019 with expiry 06 Sep 2023?

*see picture symantec3.JPG

P.S. The year shown in the pictures is the Thai (Buddhist) year.

Thanks.

find partner

I need a solution

Hi, please help me find a partner in Yemen or any method to buy a Symantec Endpoint Protection license. Best regards

Imported File finger Print can be open?

I need a solution

hi Guys,

I ran a command on a group to collect a file fingerprint and the applications running on the group. May I know if I can open the imported file fingerprint result and copy its content to Excel?

Do you have a sample fingerprint output?

thank you!

Migrating from 14.x (on premise) to 15 (cloud)

I need a solution

Hi to everyone.

I am a little bit confused regarding the best way to move from on-prem SEPM to cloud.

We have a 14.2 SEPM installation and most of our endpoints run 14.1 or 14.2 agents.

We need 2 things:

1. to be able to download updates from a local (LU or SEPM) server (because utilizing bandwidth everyday to update 500+ agents is not acceptable and also there are servers that do not have internet access)

2. to be able to upload events and logs to a local server and then to cloud

As far as I understand, there is no GUP functionality as we speak.

Question 1: If we go forward with a clean configuration in the Cloud console, we have to create multiple system policies for each site for the different LU servers, in order to achieve LU update from an on-premises server. Am I correct?

Question 2: If we go forward with a clean configuration in the Cloud console, is there a way to sync with on-prem AD (like the integration that exists in the on-prem SEPM), or is the only option to re-create all groups from scratch?

Question 3: If we create a hybrid setup and continue to manage the endpoints from the local SEPM, is there the possibility to manage our laptops from the Cloud and all the rest from SEPM?

Question 4: Is SEP agent 15 supported from SEPM 14.2?

Question 5: In a hybrid setup, is there the possibility that a laptop is managed, updated, etc. from the SEPM and, when it is out of the enterprise network, gets managed, updated, etc. from the Cloud?

Question 6: What is the effect, policy-wise, of migrating policies from SEPM to Cloud?

I know I ask for lots of information but those are basic questions that I do not seem to get answers from the documentation.

Thanks in advance,

George
