I have a typical 24-inch monitor, but the Log Monitor window in the Symantec Endpoint Protection Manager is only used up a quarter of the space on the screen. Does anyone know how to resize it and take advantage of full screen. My SEPM is running the latest version 12 RU2. Thanks in advance.
I have some older computers I need to support, and one problem I have with these machines is the Symantec antivirus Startup Scan. It makes these machines just crawl when people are trying to logon. It can take several minutes of hard drive grinding for the desktop to appear after they logon to the domain.
I am trying to figure out what useful thing the Startup Scan actually does, and I'm having a really hard time justifying why it should be done at all, for any machine. It doesn't seem to be doing anything all that beneficial, that the realtime scanning isn't already going to be doing anyway.
,
Is there any real point to scanning every Windows system file, as fast as possible, when users are trying to logon, just to get to work? Why scan system files the users don't actually need to use right now, and actually might never use during their current logon session?
If the users do need to use some windows system files.... those files will be scanned anyway by the realtime scanner when they are accessed later.
,
Also it is unclear if the realtime scanner provides any sort of speed improvement for users, or whether that is the intended goal at all. If a file is initially scanned by the Startup Scan, is it then not scanned if accessed later? Or is a file scanned every time it is opened regardless of previous scans?
If it's the latter case, then the Startup scan really just seems to be a way to make the machine slower..... for no particularly good reason.
,
I don't see what the Startup Scan is trying to accomplish, at all. It apparently should be disabled by default for everyone, and is nothing more than a way to justify marketing copy of the "protection features" of the software...
Hello everybody
Someone know a solution to run the Symantec Endpoint Protection Manager on a Mac OS X System?
Thank you for your help
Best regards
Giovanni
dear sir:-
my name is sajid hope u everything is fine. we are using symantec antivirus small business edition software its already expired sp just i want to know that how can i find licence number of the anti virus i have onlu CD
reply me
best regads
sajid
thanks
Hi guys,
Can anyone tell me the latest GUP Monitor version? SEPM 12.1
Thanks!
LEVD
Hi All
Subject title says it all
I have over 100 remote users who do not connect to the network on a regular basis and I want to know how I configure the clients to ensure that they get the virus definitions from Symantec if the default live update server isn’t available to them.
Also is it possible to limit this when they are connecting to a low speed connection such as 3G?
Sorry if these are basic questions but I’ve had this dropped on me and not quite sure where to start
My current settings for live update are (only showing enabled options)
Live Update Server Settings
Use the default Management Server – Enabled
Use A Live update Server (use default Symantec Live Update Server) - Enabled
Under the Advanced Setting
Allow the user to manually Launch Live Update – enabled
If you need any further info please ask
Thanks
I want to start out by saying that I am completely a noob at managing an Endpoint Server. I have learned a lot from just working my way through some issues, but I have ran into an issue that I can't seem to remedy on my little bit of knowledge or google.
We run Endpoint Protection Manager Ver 12.1.1.1101.401 RU1 MP1 and manage just over 200 machines with it. I have been able to edit policies to better fit our needs and so forth, again by either figuring out on my own or internet searches. The problem that I am having is that I have a machine that keeps showing up as still infected and I know the file that is showing as a threat is not. The file is from an installation CD for a software that was installed on the machine.
The software is k+can commander. It is a software for programming and resetting ECU's on automobiles. I have tried to create an exception to allow the software as safe, but the policy doesn't seem to help.
Any suggestions?
Thanks
Could somebody tell me the difference between "defintions released" and "extended version" on this webpage here: http://www.symantec.com/security_response/definitions.jsp
For example:
Behavior-based protection says defintions released 4/10/13 and extended version 4/4/2013 rev. 11. The extended version is what is installed on my clients. When I run liveupdate on the SEPM it completes successfully saying no new updates found. I was under the impression that behavior-based protection (truscan or proactive protection) defintions are released daily. Has this changed in 12.1?
SEPM version 12.1.2015.2015
Client version 12.1.2015.2015
We us DeployStudio to image all of our MACs. Right now we are using 2 DeployStudio servers with the latest build at two different sites. One server is 10.6.8 and one ia 10.8.2
1) On the clients I have already had to knock down security due to other packages we are installing down to the install unsigned items so my reading this change was due to the hightened security requirements really got my bugged a bit because the setting made it so this does not affect me at all.
With 11.x all I did was export the zip I exported the pkg from the zip and I put it in the DeployStudio packages folder and did a simple package install task in the workflow and BAM it all worked.
With 12.1 ru 2 I am now perplexed. Within the zip I exported I have the pkg file but I then have another folder that is Additional Resources that has all those major files like the sylink.xml and the setaid.ini.
So with still JUST using DeployStudio and knowing our security requirements on the machines has been dropped anyhow is there ANY way I can get these addition resources into the pkg file and deploy it in a single task in the workflow?
If I can't do that ca anyone outline the EXACT tasks i need to do with DeployStudio?
I am not MAC guy I m a windows guy tossed into MAC support so please talk to me like a mac/linux baby.
When I looked at the information I am findin so many different conflicting information on how to do this. I want to have this package install as a task sequence with the DeployStudio imiging prompt. I REALLY don't want to install this onto a machine and the "clean it out" and then make the image with it on. I try and keep my images as pure as I can and then add the software as needed.
Hi Everyone,
I am interested in hearing how some of you configure your Download Protection Unproven Files setting in SEP 12. I read that the suggested setting is to prompt users. This sounds like a good balance between just logging and quarantining/deleting the file. How do users react to being prompted when an unknown file is detected?
Thanks in advance,
Bob
I have a customer that has inquired about the following in regards to Endpoint Protection and Protection Suite:
- Is the virtual application identify the hardware ID or the OS ID?
- Will the SEPM be able to identify and label each asset (endpoint) based on OS, processor, RAM, etc.?
- Does SEP support NAS protection?
- Can SSR - Desktop copy/paste images to an attached NAS?
- Does SEP provide remote license asset (similar to Kaspersky's suite offering) - remote install of license and mgmt of devices?
- Does SEP have access tracking?
Thanks.
Have a client who has 11.0.5 deployed and I want to upgrade them to the latest. Does the new install (12.1) upgrade version 11 or will I need to uninstall 11 and deploy from scratch?
I Got a separate server with anti-virus install (Symantec antivirus) program version 10.1.5.5000
and Symantec system centre install to manage the client update
with my present scenario I have to update manually antivirus definition on server than on client trough Symantec system centre manually.
I want that the definition get update automatically to the server machine and then to the client without and manual interference
Hi Team, I am having a issue with sep, i am able to see many duplicate IP which are showing in sepm manager.
please help me in this.
Hi,
We have an environment with 3 main SEPM sites, 2 of which are working fine. The biggest site, located in the Americas, had a problem last April 13th with its 2 SEPM servers, where the SEPM services crashed after a Microsoft update. We found out a while later. After restoring the service, everything went back to normal, but now the data and information about end clients in the SEPM console does not get updated since April 16th although the end clients do have the latest definitions.
The clients from the other two regions/sites are showing fine in the console, but not the ones in the Americas. It is confirmed that the end clients keep receiving new definitions and the definitions in the SEPM servers are fine also and not corrupted.
Has anyone got into such problem in the past?
We are running SEPM 11.0.5 with a mix of 11.0.5 and 11.0.7 SEP clients. The SEPM console runs on Win2k3 R2 64bit servers.
Thanks!
Are there commands to repair SEP installation and force it to download policies.
Several people are trying to script this, rather than go to Control Panel, repair installation.
Hi;
Can someone direct me to where I would download the SEP11 package for Windows Server 2003 64bit?
I've looked in the download area, but can't seem to figure out which one.
I have a corrupt install and can't find the original file/media.
Thanks.
Gregg
Hello All!
I'm running a silent/no reboot install on one of my groups of the latest 12.1. The update makes it down to the client fine and after installation the green dot on the shield icon changes to yellow, indicating a reboot is necessary. However, upon refreshing the SEPM console the devices do not show that a reboot is pending. We have a 15-minute check-in interval on our clients and their status stays the same well past that time.
How do I get the Manager to show the devices that need a reboot?
Thanks,
Steve Hurd, MCSE, CCNA, VCP5
Floyd Memorial Hospital
New Albany, IN
Hi,
I'm having disk space issues on our SEPM v12 server. The C drives has 60GB of space but we're were down to less than a 1GB.
As a result, I investigated and found a 17GB access.log file that I deleted.
So if I use the SEPM Risk Log Settings defaults (I assume these Risk Logs get written to access.log) and if I use the recommended 30 revisions for 1000+ endpoints, how much disk space on the C drive would I need?
The content items we have are:
SEPC Virus Definitions Win32 12.1 RU2 H - MicroDefsB.CurDefs - SymAllLanguages
SEPC Virus Definitions Win64 (x64) 12.1 RU2 H - MicroDefsB.CurDefs - SymAllLanguages
Decomposer - 1.0.0 - SymAllLanguages
SEP PTS Engine Win32 - 6.1.0 - SymAllLanguages
SEP PTS Engine Win64 - 6.1.0 - SymAllLanguages
SEP PTS Content - 6.1.0 - SymAllLanguages
Symantec Known Application System - 1.5.0 - SymAllLanguages
Symantec Security Content A1 - MicroDefsB.CurDefs - SymAllLanguages
Symantec Security Content A1-64 - MicroDefsB.CurDefs - SymAllLanguages
Symantec Security Content B1 - MicroDefsB.CurDefs - SymAllLanguages
Symantec Security Content B1-64 - MicroDefsB.CurDefs - SymAllLanguages
SESC IPS Signatures Win32 - 11.0 - SymAllLanguages
SESC IPS Signatures Win64 - 11.0 - SymAllLanguages
SESC Submission Control Data - 11.0 - SymAllLanguages
At the 5 revisions we currently keep, the content takes 7GB.
Any help is greatly appreciated.
Thanks, Steve.
I am haveing a problem with replication between my two SEPM servers each has it's own MS SQL server that is seperate from the servers. when I try to manuall run a replication I get the follow The servers are runnning 12.1 RU2
Unable to reach remote Site [mysite]: Unexpected server error. ErrorCode: 0x10010000 [my site] [Server: my server]
If I reboot the servers I will get replication briefly then it stops working again.