I wish to change some settings in the Sep Client. However, even when I use an Administrator Windows account and try to change the SEP Client settings, i get a message that says "Your administrator has locked this feature".
The SEP Clients are standalone (ie. no central SEPM server is managing them),
i found a way to open the live update feture from being greyed out, but i want to be able to change deeper settings.
thanks a lot.
On LAN Network SEP works fine, but when I switch to wireless, SEP service in client stop works after 3 minutes.
Do you now what is the cause? In logs on windows or Symantec I didn't see nothing, and reinstall and remove didn't help.
Operating System is Windows 8.1 and Windows 10.
SEPM 12.1.6 (12.1 RU6 MP5, build 12.1.7004.6500)
Endpoint is 12.1.7004.6500.
Any help will be appreciated.
Thanks,
I have two SEPM for load balancing and need to move the SQL DB to a new SQL server.
Question is: Do I have to disconnect the second SEPM before I reconfigure the SEPM for the new SQL server name?
Thanks
We are upgrading to 14 from 12.1.6 and noticed that on our 32 bit Win 7 Pro systems the firewall in SEP was disabled so when we enabled it in 14 it blocks all traffic except DNS resolutions and anything that SEP does.
Pinging the router which the computer is directly connected to returns a "General Failure." It cannot reach any sites even though it resolves the IP from the DNS server. We can bring up the network monitor inside SEP and see that it is blocking traffic but it doesn't log anything. We tried this on multiple hardware platforms. Also with the firewall on the SECARS test fails from a browser, however with wireshark we could see that SEP could communicate to the manager and live update works.
So we tested on Windows 7 PRO x64 and Windows 7 Enterprise x86, got the same results.
With Windows 7 Enterprise x64 everything worked fine. I don't see any settings that pertain specifically to x86 versus x64 on the manager. We did notice that there is an extra tab in "Network and Host Exploit Mitigation Settings", on the Win7 Ent x64. The tab was called "Microsoft Windows Networking" , I am not sure if this has anything to do with it or not.
We have about 500 systems running Windows 7 Pro x86 so would like to get the SEP firewall to work with that version of windows.
Hello everybody,
I want to know how to activate and analyse the switching of locations at the SEP Clients 12.1RU6.
Is there an option to do this via registry?
The Option with the Trident Registry entry does not work for me.
If i log via SymDiag WPP Logging i do not found the specific value for the location. Maybe WPP is not the right tool to do that.
Thanks!
Hi,
One of my client is trying to install a third party vendor software however, symantec considered it has threat and blcoked the installation.
can you please let me know how to allow installation for him only for that particular software.
Hi,
I've inherited SEP admin responsibilities within our company and trying to grasp the best way for remote staff to receive SEP update content while working offsite. Currently we have two locations setup by the original admin that are configured as such:
Location: Default
Shared LiveUpdate policy settings:
- Use the default management server is selected
- Use a LiveUpdate server is selected
- Use the default Symantec LiveUpdate server is selected
- Enable LiveUpdate Scheduling is NOT selected
This shared LiveUpdate policy is applied to all staff laptops group AND all server groups within the organization.
Location: VPN users
Non-shared LiveUpdate policy settings:
- Use the default management server is selected
- Use a LiveUpdate server is selected
- Use the default Symantec LiveUpdate server is selected
- Enable LiveUpdate Scheduling IS selected w/4-hr frequency
This location is configured with our VPN IP address range
As I understand the reason for the VPN location is so that: a) offsite workers receive their SEP updates, and b) receive them via their ISP's internet pipe and don't clog the VPN tunnel. My question, is the VPN location necessary? After reading much of the online Help docs it seems a client laptop located offsite would in fact receive updates via the external LiveUpdate server using the default location settings (not over the VPN tunnel but rather via their ISP's external connection.)
I would be interested to hear how other SEP admins set up their locations/policies for offsite workers.
Thanks
Regarding the Download Randomization setting in the Communication Settings window. How exactly does this setting affect when clients within a group download policy and content updates? E.g. the default setting is 5 minutes...does this mean all clients within a group will begin to download their content updates with a 5 minute window, or that every 5 minutes a different individual client will download updated content?
Thanks
I have a VLAN set up for a Ubiquiti camera system. The recorder keeps getting its IP address blocked. I have added a firewall rule to allow all incoming and outgoing connections on the entire VLAN subnet but it is still being blocked. Is there another way for SEP to allow all traffic on that subnet into and out of my network?
Hi all,
I am receving the following alerts every day at 2pm and I can't figure out what is causing it:
1 computer reported file reputation lookup issues.
Reputation check for unproven files failed because of network errors for the last 3 days. Last Error at: 11/15/2016 11:44:597. Description: Status: 413, "Request Entity Too Large"
We are running SEP v12.1.7061.6600 on Windows 7 Professional, the workstation causing the issue is effectively in Kiosk Mode as it is a till in a Department Store and has no user interaction other than a clerk ringing up sales in the till application. The workstation communicates with SEPM on the Back Office Server running 2008 R2, which is generating the email alerts. I'd like to be able to find the cause of the issue and resolve it. The only solution I can find online are turning off the alerts, which doesn't address the problem!
Any help greatly appreciated!
Stuart
The lines between the columns are indistinguishable, either vertically or horizontally. it is because of the default color scheme that was implemented for the SEP console manager. Is there any way to adjust or change the default color scheme?
Thanks you
We acquired some offices and need to remove SEP from 100+ desktops. SEP is password protected and we cannot uninstall it when on the local desktop, because we do not have the password. We can do it with CleanWipe and I know CleanWipe cannot be used in a script, but we need to be able to script it as it would take too long to run it manually. Is there a way to create a script to remove it?
The SEP service is locked down where I cannot stop it and I noticed SEP is set to protect itself from tampering. I was thinking if I could disable the tampering setting through a script then may be I could use a script that manually deletes everything (registery entries, files, services, etc.). Is it possible to disable the tampering setting via command line or script?
Hi,
One of our EndPoint Protection Client has below error messages every few hours. This happend for more than 1 month. Updates seems to be fine with the latest virus defination etc.
System Log > “The latest Revocation Data update failed to load. The component will continue to use its previous content.”
Im currently deploying Symantec DLP and cant find a decent list of exceptions to add in to the local anti virus software. An example path would be \SymantecDLP\Protect\logs\
Does anyone have a good link
Cheers
Fal
People,
I have already built the Windows VM that is joined to the AD domain & running SEP client 12.1.6 MP6.
Since I'm about to create this VM as template, what should I do to ensure that the SEP manager is recognizing that the SEP client is now running from different server name and IP address uniquely ?
Thanks.
Hi All,
Is there any tool currently available to remove legacy SAV 10.0 ..
Thanks in advance
Any love for this tool in 14.0?
It stopped working for me after the upgrade.
Any love for this tool in SEP 14.0? It stopped working for me after the upgrade.
Hi, SEPM has stopped sending logs to Qradar. Where do I go in the console to troubleshoot this issue?
Hello,
Since a few weeks, our backup solutions tells us the following file is in use and cannot be back-up up:
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11611.sys
Can anyone confirm if this is a legit file from Symantec Endpoint Protection?
Thanks in advance.
Greetings,
Luuk