Quantcast
Channel: Symantec Connect - Products - Discussions
Viewing all 12029 articles
Browse latest View live

Block Safe Remove USB Device

April 13, 2018, 10:49 pm
$
0
0
I do not need a solution (just sharing information)

Hi,

The File "System Volume Information\EfaSIDat\SYMEFA.DB" blocks the remove of external USB devices.

The Symantec version is 14.0.3897.1101

I saw this "solution": https://support.symantec.com/en_US/article.TECH240567.html

May be it is acceptable for home users with admin-rights and their only USB device, but i can't belive there is no real solution for enterprise users.

I read an other article here for a 12.1 version and there was a hotfix. https://www.symantec.com/connect/forums/system-volume-informationefadatasymefadb-seems-block-safely-remove

I think this problem is back again, what can i do?

Thanks!

0
Search

Super admin user account to view all user account risk or scan log

April 14, 2018, 2:24 am
$
0
0
I need a solution

Hi 

I would like to check if there's any super admin account which I could use to login at individual workstations to check and view all user's SEP risk logs? 

I understand that any risk captured by SEP's will be log under that particular's user account and might not show up if i were to login with a domain administrator account or a local administrator account.

Will running Symantec services using (at services.msc) using a dedicated domain account solves this issue?

Thank you.

0

SEPm - Recommendation

April 14, 2018, 7:07 am
$
0
0
I need a solution

Hi All,

I have few questions about SEPm.

1. I will deploy SEPm to the customer with 300-400 Endpoints. I checked a lot of articles. I want to create two servers, one for SEPm and one for a database with SQL Server.

2. I want to configure database maintenance. can you give me few recommendations for SQL database maintenance ?

3. What happaend when the SEPm license is over/ expired?

Thanks,

Amit

0

14.0 RU1 MP1 Hyperv Firewall for DNS on Windows 2012 Server

April 14, 2018, 9:19 am
$
0
0
I do not need a solution (just sharing information)

Hey!

I have a Windows 2012 Server with DNS installed in a virtualized domain controller.

I have installed Symantec Endpoint Protection 14.0.3897.1101 on the Hyperv Host. (I use this machine as a workstation and flip to various VMs.)

The default configuration blocks DNS queries. When Network Threat Protection is disabled, all devices and VMs can get through to the Internet.

In order to get the VMs to work with Chrome, I added a firewall exception as follows:

    "* Allow DNS", Allow, All network adapters, All hosts, UDP, Remote ports: 53.

This works for VMs and when the laptop is connected with a wired Ethernet connection, but not the laptop, tablet, and cell phones on the wireless network.

For wireless, I added:

     "* Allow DNS Wireless", Allow, All network adapters, All hosts, UDP, Local ports: 53.

It allows the wireless devices to get to the Internet.

These rules should be added to the default rules that ship with the product.

Hope this helpes someone.

Bob.

0

Software exclusion by Digital certificate (SEPM/SEP)

April 16, 2018, 1:31 am
$
0
0
I need a solution

we have many programmers writing code. Creating execution folders on systems gives a safe haven for infected files. Currently that’s what I’m doing.

We want to offer a file exclusion by Digital signature (Certificate).
We have already a certificate. Does symantec have any procedure to know how to sign the files with the certificate?

After that, we will create a certificate exclusion in order not to quarantine/delete files.

Thanks

0

IS SEP For Linux can control CPU and Mem ??

April 15, 2018, 7:20 pm
$
0
0
I need a solution

I heard SEP For linux can Control the CPU and mem 

It Can be ??

IF Can where can I find the menu ? (clinet Or Management ??)
 

0

SEP Log Files

April 16, 2018, 1:12 am
$
0
0
I need a solution

I'm getting reports from our end users that SEP is deleting files when they are doing  imports onto there machines.

I can't see the deleted files on the SEPM or the endpoint on the local machine.

Are there any other logfiles on the users machines I can check to prove/disprove SEP's involvement

0

SEPM 14.0.1 MP2 - reverse proxy issues

April 16, 2018, 7:19 am
$
0
0
I need a solution

Hello,

Does anyone have latest SEPM 14.0.1 MP2 with a reverse proxy setup for Linux clients? According to New fixes,  https://support.symantec.com/en_US/article.INFO495... they fix issues with reverse proxy. Sadly not in my case :( Still httpd.exe crashing this time is even worst after upgrading from 14.0.1 (RU1) to 14.0.1 (RU1 MP2) .. apache crashes almost every 1-2hrs :( Previously it was working 2-3 weeks before crash. Anyone facing the same issues?

0
Search

Cannot remote push files

April 16, 2018, 7:27 am
$
0
0
I need a solution

Hello,

  "The VPRemote Install Bootstrap Service service is marked as an interactive service.  However, the system is configured to not allow interactive services." We are getting this error lately when we try to Remote push installations to our clients. We don't know what causes this issue and we have looked everywhere for a fix. We have tried to turn on certain services and tried different regedit solutions, nothing helps. I was hoping i could get some help with this issue! Hello

Kind regards,

Tim

0

Action field values for Endpoint Protection 14

April 17, 2018, 1:58 am

Configure active scan from SEPM

April 17, 2018, 5:24 am
$
0
0
I need a solution

Hi,

By default when a client is installed, Scan for threats> Active Scan Upon Startup is not Enabled. Is it to enable the property from the SEPM or need do it on individual Symantec client?

Thanks to let me know.

0
1523969263

New HP laser jet Printer 4000 series

April 17, 2018, 1:33 am
$
0
0
I need a solution

dear all

any clue on this, we have SEP polices configured with application control enabled, but we dont have any device control, these new printer doesn't include driver CD, in fact hp came up with new idea having flash disk inside with driver in it. FIrst time connection to computer it will work as flash driver installs the driver and than it will be a regular USB printer cable. 

i'm facing issue with this, it has autorun.inf file which will be blocked by my polices, and they are not safe to allow it too, and  can't allow as device cuz we are not blocking any devices, blocking on executiable files from any flash drive this is the polcy for us. allowed only doc and txt files.

please 

0

Is it possible check exe files over the Symantec internet interface?

April 17, 2018, 2:24 am
$
0
0
I need a solution

Hallo, I have a folloving problem. Our corporate windows network is protected with Symantec endpoint protection program with latest virus definitions, and, of course, high level of administration restrictions with no manage system posibillity. My work is based on processing big text databases (csv format). I usually use Excel macros, which is sufficient, but time from time I am using also text utilities as awk.exe, sed.exe, grep.exe and many other, which are generally known, but are not allowed and which are not official software in our network enviroment. However, I have them stored on the local disk for long time without any Symantec warnings. Some months before Heur.AdvML.B warning window appeared on my computer related to one of my unofficial exe files. I received a warning from the superior, so I must delete them all from my local disc. But I need them! I can not solve the situation by official route via company management. My question is: Is it posible check some of my exe files over the Symantec web interface or other simillar way? I have not any PC with Wndows to install trial version of Symantec software to make sure theese exe files are clean and safe, to make sure the Symantec endpoint protection installed at corporate network does not mark the files as security hazardous and Symantec heuristic analyse does not show me risc protection window any more.

:-)

Thanks for response   
JP 

0

Unable to install SEP 12.1.6 MP9 on Win 2003 server

April 17, 2018, 5:07 am
$
0
0
I need a solution

Hi There,

I am trying to install Symantec Endpoint Protection (12.1.6 MP9 - build 7369) in a Win 2003 server (tried with both managed and unmanaged package of core features)

But the setup is failing continuously with an error stating that "The Wizard was interrupted before Symantec Enpoint Protection could be completely installed".

When I had a look at event logs, I could find something like "Faulting application: EFAInst.exe version 6.3.0.15, fault address 0x000088c2".

Also I could see from various blogs that EFAInst.exe belongs to Symantec as a supporting file for the entire setup.

Note: I can able to install SEP 12.1.6 MP7 on the same machine without any error but facing issue only on MP9.

Any idea for resolving this issue will be great help.

Thanks in Advance!

Regards,

Rakesh Subramaniyam

0

Allow single IP to port scan machines

April 17, 2018, 10:00 am
$
0
0
I need a solution

Hello,

We have a Retina CS server protected with DCS we would like to use to scan our SEP protected Windows 10 hosts on another subnet.

When we run a port scan traffic is blocked for 600 seconds. Is there anyway to JUST allow the one IP to scan these hosts?

IPS exclusions are not optimal in this case as it will allow all sources to scan our devices on internal network. https://support.symantec.com/en_US/article.HOWTO81159.html#v8148757. 

0
Search

Difference between web console and java console

April 17, 2018, 10:03 am
$
0
0
I need a solution

Are there any differences between the web console and java console?

Is there a document outling the differences?

Thank You

0

SEPM LiveUpdate: Uses old LU server even though this has been changed

April 17, 2018, 10:59 am
$
0
0
I need a solution

Hello all,

I have been scratching my head on this one. We are in the process of eliminating our LUA server since this product has been failing us very frequently lately. We have another group that houses a better working LUA server, so we are moving our various SEPM consoles to point to that server.

One console in particular, however, refuses to accept the changes that I made when it comes to the LiveUpdate download source. Looking in the console, I can see that the only entry we want in there is there, and it is the new server. Even when initiating a LiveUpdate in SEPM, it tells us NAMEOFNEWSERVER is going to be the download source.

Unfortunately, every single time we initiate a LiveUpdate, it continues downloading from OLDSERVER. Also looking in C:\ProgramData\Symantec\LiveUpdate\Settings.LiveUpdate, we see the old server listed here, not the new.

Why is the console not updating the files to the proper server? What can we do in order to force this change? We have already rebooted the server and stopped / restarted services several times however that hasn't worked.

Thanks!

0

Best Practices for Web Traffic

April 17, 2018, 12:48 pm
$
0
0
I need a solution

I was just curious what the best way to setup rules would be in regards to website browsing.
We recently deployed SEP 14 to our environment, and are seeing a number of legitimate web traffic being blocked. Mostly SSL providers like globalsign.net and comodoca.com, as well as some website's itself like Equifax. 

For now, we have been adding them to whitelist rules within Symantec's firewall, but we are a large company so this isn't a realistic solution when web traffic is unpredictable. 
What would the risks be for creating a rule to allow all port 80 and 443 traffic through chrome.exe and iexplore.exe? I feel as though that's not likely the most secure solution.

I would appreciate any input!

0

Importing SEP 12 RU6 MP10 clients into SEPM 14 RU1 MP2 Fails

April 17, 2018, 6:12 pm
$
0
0
I need a solution

I am following HOWTO81175 (https://support.symantec.com/en_US/article.HOWTO81175.html), but when I’m trying to import SEP 12 RU6 MP10 clients (SAV32.info and SAV64.info) it fails the following:

An error occurred

- Reading the package contents...

- Adding the package into the management server...

- Disabling cancel operation as updating server database...

The directory I’m importing from has the corresponding .dat file and part of the full 12 RU6 MP10 download (SEPM\Packages). I’ve done this with pervious 12.x clients and 14.x SEPMs without issues. Any suggestions on loading 12 RU6 MP10 clients into 14 RU1 MP2 SEPM?

0

SEP 14 client installation on Dual Boot machine

April 17, 2018, 10:04 pm
$
0
0
I need a solution

I have customer with MacBook configured with dual boot. Both Mac OS and Windows OS are supported by SEP 14.

May i know if i should install SEP client on both OS? Does it crash/conflict in this way?

Thanks

0
Viewing all 12029 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>