Quantcast
Channel: Symantec Connect - Products - Discussions
Viewing all 12029 articles
Browse latest View live

AML Report option not available

August 15, 2018, 8:15 am
$
0
0
I need a solution

Hi, 

I'm looking to generate the Advanced Machine Learning report referrenced here: https://support.symantec.com/en_US/article.HOWTO125816.html

I've followed the steps of Scheduled Reports > Add > Computer Status but there is not an option for Advanced Machine Learning (Static) Content Distribution

We're currently on 14.0.1 as suggested. And I confirmed all of the required AML settings are enabled in our environment. Am I missing something or has this report option been removed? Any help would be appreciated. 

Thanks.

0
Search

Disaster recovery Admin password - Help!

August 15, 2018, 3:10 pm
$
0
0
I do not need a solution (just sharing information)

Ok, so we are retiring our old v14.0 SEPM server in favour of Windows 2012 server, and I performed the database backup and copied the recovery file to the new server and everything went well, and now I'm being prompted to log on.  The Admin password doesn't work, and my own network password doesn't work.

Would someone be able to tell me how to download the resetpass.bat file for password resets in v14.0 MP2?

This is fairly urgent, I can't do any further changes until this is done.

Why did the disaster recovery not include the existing admin user ID & password?

Thanks!

0

Firewall off when on LAN?

August 15, 2018, 9:48 pm
$
0
0
I need a solution

Hi guys,

What is the argument for leaving on the SEP firewall when you are on your corporate LAN and behind the corporate firewall?

The argument to disable the firewall would be to reduce complexity and any potential issues with some applications, but why would this be a bad idea?

Location awareness is in use when off LAN (i.e can't connect to management server) to then enable the firewall, so remote users are still protected.

Cheers,
Sam

0

SEPM to SEPM communication port

August 16, 2018, 6:05 am
$
0
0
I need a solution

Hi,

Looking for some verification regarding the Firewall Ports which are used got SEPM to SEPM communication (Java application).

My understanding is port 8443 does all server to server communication.

Does port 8014 also get used for server to server communication, or is this only for server to client communication?

Thanks,

Jamie

0

Minimum number of SEP clients supported by GUP

August 16, 2018, 6:24 am
$
0
0
I need a solution

Hi,

We have 1300+ offices in our organization spread acorss the globe and have SEP client configured to protect workstations in these offices. Some offices have below 100 computers and some offices have 200 computers. Do we need the GUP server for offices where SEP client count is 100.

Presently, Our enviorment have SEP 14 version configured on GUP and SEP Clients.

Any suggestions are welcome.

Thanks

KK  

0

Will any part of SEP still run after disabling

August 16, 2018, 7:17 am
$
0
0
I need a solution

I have a software vendor that is claiming that SEP is causing slowness in their application.  For a test we disabled SEP and made sure all the services were stopped and tested.  They said that they still saw activity in the Windows Event Viewer logs after SEP was disabled.  Is this possible?

0
1534432051

SEP package in mode push installation

August 16, 2018, 9:29 am
$
0
0
I need a solution

Hello,

when i push a new package trough our network i got this message on client windows 10 System event viewer :

"The VPRemote Install Bootstrap Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly."

What should i do  ? i still run cleanwipe but with no effect.

Thanks in advance

0

LiveUpdate Administrator v2.3.7 released

August 16, 2018, 1:38 pm
Search

Is a computer installed with SEPM protected?

August 16, 2018, 7:56 pm
$
0
0
I need a solution

Hi all,

This is my first time deploying SEP 14 for my company.

Already in touch with the vendor to acquire licenses for SEP 14 with 3 year essential support.

I have 3 clients that need protection: a file server and two employee computers.

I also intend to run SEPM on the file server itself. All will be dark network clients as they do not regularly connect to the internet.

The only question there lies: does the file server itself, which is provisioned with SEPM require a client to be installed on it before it can receive the same amount of protection as the other clients? In that case, should the number of licenses I provision be 2 or 3?

Looking forward to everyone's responses. Thanks!

0

SEP clients without internet access constantly generating e-mail notification

August 17, 2018, 1:57 am
$
0
0
I need a solution

Hello.

We have few computers which are SEP clients and have been recently "disconnected" from internet access on our router firewall. We are using external LiveUpdate server and the specific LiveUpdate addresses also were configured (allowed) on firewall. All the virus definition and client versions are up to date so it works, but after this whole operation we are constantly getting e-mail notification from SEPM and the reports are saying "Over the last 3 days the reputation check for unconfirmed files was unsuccessful due to network errors" (something like that, I had to translate it) - yes, this information is provided every 3 days for every client without internet access.

Should I add some address/addresses to firewall list or configure something in SEPM? Is Symantec cheking reputation of some files online in this scenario?

Would be gratefull for every kind of help or suggestions.

0
1534523702

Error when searching networking via Client Deployment Wizard

August 17, 2018, 5:52 am
$
0
0
I need a solution

Hi.

I get the error in the attached when using the Client Deployment Wizard and searching my network. I have enabled the Computer Browser service and ensured that Fie and Print sharing is also enabled as per: https://support.symantec.com/en_US/article.TECH97057.html

SEPM is running on Windows server 2016 Datacenter.

Any ideas or suggestions?

0

External Logging Not Working

August 17, 2018, 12:20 pm
$
0
0
I need a solution

Hello -

I'm running SEPM v12.1.6 build 7004.

I'm wanting to configure external logging to ship my SEP logs into my Graylog system but it doesn't seem to be working.

I followed the steps outlined in this doc, https://support.symantec.com/en_US/article.HOWTO81..., to configure the Syslog server settings in SEPM.  On the Log Filter tab, I selected all available options.  After waiting for several hours, no SEP logs have appeared in Graylog.

The Syslog Server settings are currently:

Syslog Server:  FQDN of my Graylog server (I tried IP address here with no change in results)

Destination Port:  TCP/12201

Log Facility:  23

Log Line Separator:  CR

The the protocol/port specified above is open between the SEPM and Graylog servers - it's being used to push Windows Event logs between the same 2 machines.  I tried different port/protcol combinations just in case.

For the log facility, I started with the default of 6 but moved to 23 after finding that suggestion in another discussion post.

So far, no combination of settings has allowed the SEP logs to be exported to Graylog.

As a test, I turned off the option to export to a syslog server and selected the option to export to a dump file.  That, as well, has failed to produce any output.  So, it doesn't seem there's a problem, specifically, with exporting to a syslog server but moreso that the export function just isn't working at all. 

All of my client log setting policies are set to have the client logs uploaded to the management server.  Using the Monitor and Report functions in SEPM, I can see the various pieces of data are actually there.  The export function just doesn't seem to want to spit it out.

Any ideas of what I can try to get this working?

Thanks,

Robin 

0

v14.2.770.0000 Policy Serial Number Blank, and Location Awarness Disabled and more problems....

August 17, 2018, 12:42 pm
$
0
0
I need a solution

Anyone else having problems with the latest v14.2.770.0000 ?    It does not appear to be communication with the Manager.   The Policy Serial Number, Location Awarness changed to Disabled, and for the Server name, its showing an IP now vs the server hostname.

I had to uninstall and went back to the last stable version which is v14.0.2415.0200. 

Before v14.2.770.000 I installed v14.0.3929.1200, found out this one had an issue when a password was required for uninstalling.  It would not accept the password.  It appears v14.2.770.0000 also has the password uninstall issue.  I had to turn off the password required to uninstall. 

But more important is the problem with it communicating and getting the policy from the manager server.  The shield is green as if things are working correctly.  But when making policy changes, they do not get updated.  System logs shows they it failed to import the policy.  I was also getting a strange issue where IE was unable to go to to any web page.  But Firefox worked.  Outlook emails were not showing any images either due to this.  But after re-installing 14.2.770.0000 it seemed to fix that issue.  But the other issues are still there.  A system scan was supposed to initiate at noon today, but the client did not start scanning.

Has anyone else experienced any issues like this ?

0

new sep version blocking hyperv VM connection?

August 18, 2018, 2:36 am
$
0
0
I need a solution

Since I updated SEP 14 to the latest version on my clients that i use to connect to VM hosted on a WIN2016 hyperv host, I am unable to connect to the VM. I can open the hyperv manager, but double clicking on the VM, or selecting it and clicking connect give no result. I didn't realise this could be connected to SEP until I fresh installed a new win10 client, that could connect perfectly, until I instaleld SEP on it. Ideas?

0

SEP not update definition after upgrade to 14.2

August 19, 2018, 1:29 am
$
0
0
I need a solution

Hello,

I trying to update some clients from 14.0.2415 to the latest version 14.2.7700 but after upgrade them not taking the definition from the server.

Appreciate your help to solve this issue

Thank you

0
Search

How to check the installation of Symantec Endpoint Protection across the entire domain

August 20, 2018, 1:23 am
$
0
0
I need a solution

I am implementing SEP14.x across 3 sites. I currently have SCCM, which is used for endpoint management. My device collection form SCCM has a huge descrepancy from my SEP implementation. I will be honest to say the inventory is not so clean.

Is there a script that i can run to check which PC's have SEP (or anyother antimalware) installed, so i can take it from there?

Your advise is highly appreciated.

0

License management

August 20, 2018, 1:52 am
$
0
0
I need a solution

I am managing SEP 14 across 3 sites. In 2 of the sites there is a high security zone behind a DMZ. I have licenses for the 3 sites (3000 seats) and another set for the secure zones, which have a limited number of clients (no more than 200 devices, 800 seats purchased). What would be the best approach in terms of licensing the 2 groups?

0

SONAR.SuspLaunch!g24 Virus

August 20, 2018, 2:28 am
$
0
0
I need a solution

Hello Team,

We are continuosly seeing the alerts related to Downloader Dromedan attack activity blocked and the culprit service is regsvr32.exe which falls under the category of SONAR.SuspLaunch!g24 as reported by Symantec. Please assist so as to what steps should be followed:

Windows 7 Professional EditionSONAR.SuspLaunch!g24
Security Risk		108/20/2018 09:16:43Default
 		c:\windows\system32\regsvr32.exeSHA-256
890c1734ed1ef6b2 422a9b21d6205cf9 1e014add8a7f41aa 5a294fcf60631a7b
08/18/2018 09:04:40Active Response disengaged  Windows 7 Enterprise Edition Info and above 
Other		   Default1
08/18/2018 08:55:40Intrusion Prevention  Windows 7 Enterprise Edition CriticalInbound   Default1
08/18/2018 08:54:45Active Response  Windows 7 Enterprise Edition Major and aboveInbound   Default1
0

Hijack.FolderOptions removal and detection

August 20, 2018, 8:31 am
$
0
0
I need a solution

Hi All,

May I ask what will be our resolution to detect, remove and prevent this type of Malware. I already update our SEP 14 manager and all SEP client but still we encounter this Hijack.FolderOptions. 

Any Idea how to prevent it to occur again?

Thank you.

Nestor.

0

Detection by digital signature publisher

August 20, 2018, 1:37 pm
$
0
0
I need a solution

I want to block or ban or clean a file based on digital signature publisher. Mindspark Interactive Network, Inc. is a greyware whack-a-mole that hash banning just won't take care of. I need SEP to interogate the file, and upon seeing the digital signature publisher equals Mindspark Interactive Network, Inc., remove the file or clean it or delete it or quarantine it. Any hep on this would be greatly appreciative.

Thanks,

Rogue

0
Viewing all 12029 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>