hi,
what is the best way to change standard clients to darknet clients in SEP 14?
Hi
Could you tell me an estimate, or how I can get one, for the events per second at which the Symantec Endpoint Protection Manager (DB) will send logs to a SIEM sensor?
Thanks in advance.
When SEP is started and stopped manually, which log does that go into? Is it easy to tell which start/stops were performed manually, as opposed to the ones that were just caused by a system start or reboot?
I'm beginning the project to upgrade our SEPM/clients to SEP 14 from SEP 12.1.6MP6, and I need anyone to state any issues they came across during the upgrade or any issues they have had with clients. Anyone seen any major/minor benefits? Does the SEPM console still use Java, or did they switch to HTML5? How is detection, has it improved?
Thank you everyone for your time.
Sharing this info for people who run into problems upgrading SEPM to the latest version using SQL 2014 and not using a "strong" password.
I moved my SEPM database from SQL 2008 SP2 to SQL 2014 because SEPM 14.1 cannot work with SQL 2008 SP2.
I connected my SEPM 12.1 to the new SQL 2014 without any issues, then I started the upgrade process to SEPM 14.1. All went wrong from there. I could not upgrade my SEPM; the installation for SEPM went OK, and the migration wizard connected to the database OK but did not complete all the steps.
I found in a Tomcat log the following error: THREAD 21 SEVERE: com.microsoft.sqlserver.jdbc.SQLServerException: Password validation failed. The password does not meet Windows policy requirements because it is not complex enough.
I changed the password for my SEPM DB to a more complex password, and started the migration wizard again. Now it runs and completes all steps successfully.
Possibly the new Tomcat webserver in combination with SQL 2014 using a password not strong enough causes this issue. It's not only SQL 2014, because I could connect with the older SEPM 12.1 to the new database without any issues.
Hope this helps people running into similar issues. I spoke with technical support for about 4 hours today but they couldn't fix the issue. I found the log file entry error and made the password complexity changes.
Regarding SEP 14:
I just upgraded my SEP 12.1.6 RU6, DEV SEPM to SEP 14, and every 30 seconds I'm getting the following in the server status area:
November 11, 2016 2:32:03 PM MST: Unexpected server error. [Site: Site InsertSiteNameHere] [Server: InsertServerNameHere]
November 11, 2016 2:31:33 PM MST: Unexpected server error. [Site: Site InsertSiteNameHere] [Server: InsertServerNameHere]
November 11, 2016 2:31:03 PM MST: Unexpected server error. [Site: Site InsertSiteNameHere] [Server: InsertServerNameHere]
November 11, 2016 2:30:33 PM MST: Unexpected server error. [Site: Site InsertSiteNameHere] [Server: InsertServerNameHere]
Any thoughts or logs I can check?
Thanks,
-Mike
I have 12.1.6 RU 6 enabled on a Client PC (domain joined) and I want to give the user temporary permission to "DISABLE Symantec Endpoint protection". Now this option is greyed out.
I have enabled Client Control for the user.
I have also changed the Client User Interface Setting to: Client Control. Still it shows greyed out.
Dear Colleagues,
I am trying to install SEPM client on one of my Windows 10 PCs. When I click on the executable file (setup.exe) installation stops with the error message "A device attached to the system is not functioning".
I read somewhere on the net that executable files fail with this message when there is a problem with the hard drive. But all other executables and setup files are working fine on the same hard drive. I thought the setup.exe file may be damaged, so I ran it on another PC; it goes well without any issues.
A screenshot of the error message is also attached.
Can someone or Symantec support please help?
Kind regards.
Hello Symantec Team,
Since the upgrade from 12.1 to 14.0 I notice the following on my unmanaged client. What is the cause for this?
Hello,
I've read in one of your blog posts that the SEP14 memory exploit mitigation is signature-less (https://www.symantec.com/connect/blogs/exploit-pre...):
"Symantec Endpoint Protection (SEP) exploit prevention is called Memory Exploit Mitigation. It is signature-less, instead using an understanding of exploit behavior to pre-emptively block zero-day exploits."
However, your support site, https://support.symantec.com/en_US/article.HOWTO125353.html, says that the exploit prevention is part of IPS and it downloads a separate signature along with Intrusion Prevention content.
Can you shed some light on this?
Regards,
SMRenan
Hi there,
A customer called to say that a domain controller has been infected with a cryptolocker type variant. File extensions have been modified and extensions have .crysis at the end of the files.
Any ideas on how to get these files cleaned/decrypted? I have recommended the symdiag tool and power eraser, and nothing gets detected.
Thanks
Hi,
I just upgraded my SEP 14 version. Just want to share the interface and daily reporting are not user friendly.
Please update the same so that same can be enhanced in new version.
Thanks & Regards,
Shiju Chacko
Hi
So, on Friday afternoon we updated our Symantec Endpoint Protection Manager, and now it keeps blocking one of the extensions for Visma Document Center.
I have tried setting policies so that it won't scan or check the folder that it tries starting the extension from, but either I can't get it to work properly, or I'm doing it wrong.
See attached pictures for more information.
Thanks in advance :)
Hello Team,
I would like to know how to set up password protection for SEP on MAC to keep it from getting uninstalled. The password protection settings available in SEPM only work on the Windows platform. Is there any way I can set up a protection password for the SEP client on MAC OS?
Any help/suggestion would really help.
I have multiple client groups and just one of the groups is coming back as out-of-date for Download Protection Content. I do not see anything different with the policies that are set between this group and the other server groups. How do I know what is causing this one particular group of servers to not be up-to-date?
All of our assets have SEP (Symantec Endpoint Protection) installed on them through our imaging process. I'd prefer to discontinue installing the s/w via our imaging process and change over to a method that would deploy a package automatically once the asset touches our network, with the hope that each asset will update not only the package version but also the SEPM server name. Is there only one way to accomplish this through the remote push feature or are there other ways that I am not aware of? Thanks!
We currently have a 12.1.6 MP6 SEPM server running on Windows Server 2008 R2 managing 135 12.1.6 MP 5 and MP6 clients at our primary location which only has one SEP Site and one Active Directory Site.
We are building a new data center at another location which will be a new AD site and will be migrating all of our servers to this new location. We would like to build a new SEP14 SEPM server at this new data center running on Windows Server 2012 R2 to manage our current 12.1.6 clients that will remain at their current location (other than the servers). The new server will be using a different IP subnet but will connect to the clients over a dedicated WAN link.
We would like to migrate clients from old SEPM server to the new SEPM server one at a time to make sure there are no issues, especially since we will be migrating servers to the new data center one at a time.
Should we create a new SEP site for this new server?
Do we need to install SEPM 12.1.6 on the new server and establish replication with the existing SEPM 12.1.6 server then upgrade it to SEPM 14?
Or do we need to upgrade our current 12.1.6 SEPM server to SEP 14 first, and then build the new SEPM 14 server at the new site and establish replication then?
Or should we install 12.1.6 on the new server, back up our current SEPM 12.1.6 server and do a Disaster Recovery to the new server, and then upgrade it to SEPM 14?
Any assistance would be greatly appreciated. Thanks
Hi all.
I have a doubt about SEP Manager.
I installed SEP Manager on a server. In order to protect that server, should I also install the client on it?
Thank you all.
Best Regards
It appears ccSvcHst.exe runs for every user after upgrading to v14 even with the LaunchSMCGui option set to 0 under HKLM\SOFTWARE\Wow6432Node\Symantec\Symantec Endpoint Protection\SMC. I also noticed the Download Insight "Files with" and "Files known by users for" is no longer locked down and users are able to change those settings.
Dears,
My company uses Symantec Endpoint Protection. Now we have a SEPM (IP: 10.10.1.10) to control all SEP clients to update from the default Symantec server.
I want to set up an internal distribution center to download updates from the Symantec server and distribute them to all clients. I tried to set up LUA on a server (IP: 10.10.1.20); after that I configured a distribution center, with location IIS web server, on this computer too (IP: 10.10.1.20). All ports are enabled to pass the firewall. But the status on LUA when I click to test the location is "unreachable". Please help me to fix it.
Thank you very much.