Quantcast
Channel: Symantec Connect - Endpoint Protection - Discussions
Viewing all 10484 articles
Browse latest View live

Symantec service cpu usage is very high on Sql servers

$
0
0
I do not need a solution (just sharing information)

Hi,

Did any buddy observed build 14.2.4815.1101 on all Sql Servers symantec service is very high at regular internals.Any info on this is very helpfull.

0

File exclusion

$
0
0
I need a solution

Hi,

I did, by mistake, tag a file as virus and now I cannot even download the file or install it anymore. I do not see it in the list of quarantined files and don't know how to correct the problem.

Any help is appreciated

Thanks

0

Script to uninstall SEP Cloud agent?

$
0
0
I need a solution

We currently use SEP Small Business edition and we are having issues uninstalling the Symantec Cloud agent that is listed in the control panel. I am able to remove the main program using this Powershell command:

(Get-WmiObject -Class Win32_Product -Filter "Name='Symantec.cloud - Endpoint Protection'" -ComputerName . ).Uninstall()

I am trying to remove the leftover cloud agent using the following Powershell command:

(Get-WmiObject -Class Win32_Product -Filter "Name='Symantec.cloud - Cloud Agent'" -ComputerName . ).Uninstall()

When I run this command, it does not uninstall the Symantec Cloud agent and get the following:

__GENUS          : 2
__CLASS          : __PARAMETERS
__SUPERCLASS     :
__DYNASTY        : __PARAMETERS
__RELPATH        :
__PROPERTY_COUNT : 1
__DERIVATION     : {}
__SERVER         :
__NAMESPACE      :
__PATH           :
ReturnValue      : 1603
PSComputerName   :

Return value should be 0 when it is cleanly uninstalled. Anyone have any ideas? I believe the agent can be removed from the SEP managed website however it involves going to each computer and installing it.

I have several computers I need to uninstall this software want and want to script it out into a GPO if possible.

0

Snatch Ransomware

SEP Client Communication Issues 14.2.53.23.2000

$
0
0
I need a solution
Good Morning,

I have a problem with the SEP for Mac OS client, the console has been updated to fix the vulnerability and to address the 
issue of the database not working to back up, after the upgrade, Windows and Windows environment testing and environments 
were performed. Mac, Windows has worked normally so far, but after testing in Mac environment, it does not work, 
Client for Mac OS 10.14 has been installed and it installs normally no longer communicates with console, updates vaccine, 
no longer has communication with the manager, not to impact my environment, had to reinstall the client before
14.2.1031.0100.

I wonder if anyone is also having a problem regarding this?
0

Configure External Logging On Failover Servers

$
0
0
I need a solution

Windows Server 2016

SEPM 14.2 RU2

Two servers set up for failover and load balancing

Is there a way for the non-Master Logging Server to generate syslog files (for SPLUNK in this case) if the MASTER logging server fails other than manually changing Master Logging Server on the secondary server?  Our Cyber team is questioning this possiblilty.

I am hoping there is a config file somewhere that I can change to make this happen.  Even if both are always logging, that is ok too.

Thanks!

0

Unable to download updates

$
0
0
I need a solution

Unable to download new updates. SEP client doesnt reach cloud and therefore no policies get handed down. Ran SymDiag but unable to send files.

0

External logging in SEPM with Failover configuration

$
0
0
I need a solution

My company has two SEPMs and we're trying to configure External Logging.  We have the primary SEPM configured to export logs to a dump file and our SIEM agent is ingesting the logs in the dump files. As long as the SEMP in datacenter a is active it writes logs to the *.tmp files in the dump directory.  If the SEPM in datacenter b becomes active, it does not write logs to the *.tmp files in the dump directory.  How do we make sure that whichever SEMP is active write *.tmp files in the dump directory(C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\dump\)?

0

SEP 15 - Disable Policy Inheritance for Device Groups

$
0
0
I need a solution

Hello,

In SEP 14.2 you can disable policy inheritance for client groups. Is it possible to disable inheritance for device groups in SEP 15?

Cheers,

Cameron Mottus

0

How to block youtube without google services in SEP Manager?

$
0
0
I need a solution

Hi,

When I block *.youtube.com (Domain host) in Rule of Firewall from SEP Manager, It blocks also my Google-Services (like GoogleDocs).

How to prevent block Google Services in this rule of Firewall?

How to block youtube without google-services in SEP Manager?

Thank you.

0

Issues running 14.2 RU2 on Catalina

$
0
0
I need a solution

I am curious to know if anyone else has reported issues running 14.2 RU2 on MacOS Catalina? During our testing we have noticed that Symantec now required admin privileges to enable Full Disk Access and because of this the process "com.symantec.mes.systemextension" continues to spike our CPU endlessly. I have rebooted and disabled the feature, but the process continues to spike. The only fix is a reinstall and to not enable this feature however, there is an error in the endpoint GUI that stated we need to fix it and enable the extension. 

0

Improving Linux scan times??

$
0
0
I need a solution

Hello community,

We have been working with SEP 14.2.x on Linux machines for a little while now, and one of the consistent complaints is that scan times are taking too long...sometimes 72 hours. As it turns out, many of the machines with excessive scan times have NFS Shares. I have seen this article: https://support.symantec.com/us/en/article.TECH240... and realize that exclusions can be made, but unfortunately, there is no easy way for me to ask our thousands of Linux users, what directories are actually NFS Mounts.

My question, is anyone using SEP 14.2.x on their Linux machines in a corporate production environment? If so, what policies have you implemented to improve the scan times, or performance of those Linux machines..or do you only rely on Autoprotect, and skip scheduled scans altogether? If not, is there a more robust, centrally managed, AV solution for Linux machines?

We would like to stick with SEP as our Antivirus solution on Linux machines, but at this point, it feels like the SEP Linux Client will remain the overlooked Redheaded Step Child (no offense to any real readheaded step children), of SEP 14's supported operating systems, at least for the foreseeable future.

Any thoughts or suggestions will be greatly appreciated.

-Mike

0

Symantec Endpoint Security & Windows 10 (1903) Error Prompt

$
0
0
I need a solution

Hi,

Recently I am experiencing a prompt while using Outlook 2016 with Symantec Endpoint Security add-on. Below is the screenshot of it:

I have tried disabled the add on via Outlook 2016 but still encountered this error. Is there any solution for this, apart from un-installing Symantec Endpoint Client?

Thanks. 

0

Can SEP record SSH logins history, including successful and failed logins?

$
0
0
I do not need a solution (just sharing information)

As title mentioned, can SEP record SSH logins history, including successful and failed logins?

0

Understanding Firewall Rules from SEPM

$
0
0
I need a solution

I'm trying to add firewall rules via SEPM Policies, but am confused by the Protocol page (see attached).

What is the difference between Source/Destination and Local/Remote and when do I use each case?

0

How to block youtube without google services in SEP Manager?

$
0
0
I need a solution

Hi,

When I block *.youtube.com (Domain host) in Rule of Firewall from SEP Manager, It blocks also my Google-Services (like GoogleDocs).

How to prevent block Google Services in this rule of Firewall?

How to block youtube without google-services in SEP Manager?

Thank you.

0

Issues running 14.2 RU2 on Catalina

$
0
0
I need a solution

I am curious to know if anyone else has reported issues running 14.2 RU2 on MacOS Catalina? During our testing we have noticed that Symantec now required admin privileges to enable Full Disk Access and because of this the process "com.symantec.mes.systemextension" continues to spike our CPU endlessly. I have rebooted and disabled the feature, but the process continues to spike. The only fix is a reinstall and to not enable this feature however, there is an error in the endpoint GUI that stated we need to fix it and enable the extension. 

0

Improving Linux scan times??

$
0
0
I need a solution

Hello community,

We have been working with SEP 14.2.x on Linux machines for a little while now, and one of the consistent complaints is that scan times are taking too long...sometimes 72 hours. As it turns out, many of the machines with excessive scan times have NFS Shares. I have seen this article: https://support.symantec.com/us/en/article.TECH240... and realize that exclusions can be made, but unfortunately, there is no easy way for me to ask our thousands of Linux users, what directories are actually NFS Mounts.

My question, is anyone using SEP 14.2.x on their Linux machines in a corporate environment? If so, what policies have you implemented to improve the scan times, and or performance, of those Linux machines...or do you only rely on Autoprotect and skip scheduled scans altogether? If not, is there a more robust, centrally managed, AV solution for Linux machines?

We would like to stick with SEP as our Antivirus solution on Linux machines, but at this point, it feels like the SEP Linux Client will remain the overlooked Redheaded Step Child (no offense to any real readheaded step children), of SEP 14's supported operating systems, at least for the foreseeable future.

Any thoughts or suggestions will be greatly appreciated.

-Mike

0

SEP14.x no loner works on Windows 7 fresh install

$
0
0
I do not need a solution (just sharing information)

I have recently discovered that SEP 14.x is no longer compatible with Windows 7. when attemping to add a managed client to a workstation using prepared exe package on a machine that never has had sep on it  the installer fails and rolls back. Management console sends new client email but live update never runs and event viewer has new entries in application. 

Errors; event ID, 34, 35, when defender product disabled changes to 36, 37. installer error 1603.

 I tried all the tricks, manually installing from media, disable defender and or essentails, clean boot etc. no luck. Then i build a new install patched it to 2019-10. and voulla it worked. management console send email and live update runs. Or so i thought. when you open the aspplication it hanges and never opens and live update never finishes 'finalizing updates'. Version 12.6 installs on original worstation with out a hitch.

0

SEPM affecting domain joining from remote system

$
0
0
I need a solution

I have a AD DC running SEP 14 which has several computers successfully domain joined.

I am trying to domain join another system which connects through a VPN, but this is not working.  I have double checked that all protocols are allowed through the VPN, and am now fairly sure it's SEP blocking it.  2 questions:

- Does SEP somehow distinguish a local computer from a remote one?  The remote system in my case is picking up a local IP address.

- What do I need to open up to allow a remote computer to join the domain?

0
Viewing all 10484 articles
Browse latest View live


<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>