I need a solution
Hi Please help me to find partner in yemen or any method to buy Symantec endpoint protection license Best regards
0
↧
find partner
↧
Imported File finger Print can be open?
I need a solution
hi Guys,
i run command to a group which is to collect a FIle Finger print and application running on group. may i know if i can open and copy the content the imported file finger print result to excel?
do you have a sample finger print output?
thank you!
0
↧
↧
USMT fails with SEP 14.2.4814.1101 installed
I need a solution
We've been using Microsoft USMT for a while. We just started upgrading from 14.2 MP1 to 14.2 (RU1 MP1 - 14.2.4814.1101). We've found that USMT fails on computers running 14.2.4814.1101.
Disabling the SEP service does not solve the issue. You have to uninstall it entirely.
We do not see this issue with 14.2 MP1.
Has anyone seen this before? Is there a new policy setting by chance that I need to take into account?
0
↧
BSOD caused by SEP update?
I need a solution
People are seeing BSOD's due to the Oct 14th updates. Any info from Symantec?
https://old.reddit.com/r/sysadmin/comments/di6v8k/...
0
↧
Firewall Rules from Symantec Endpoint protection to Group Policy
I need a solution
We are trying to get copy the SEP firewall rules to group policy. Is there a way we can export them or copy the SEP firewall rules to group policy (GPO).
0
↧
↧
Auto-Upgrade schedule not adhered to on Endpoint Protection 14.2 clients
I need a solution
We have scheduled an auto upgrade for a set of clients for upgrade from 14.2 MP1 (14.2.1015.0100) to 14.2. RU1 MP1 (14.2.4814.1101). We have specified an "Upgrade Schedule" and "Distribute upgrade over X days" too. But for some reason the clients are not adhering to the auto upgrade schedule. We have the below deployment status and messages in the clients.
"The client is ready to accept the upgrade package. Client has accepted an upgrade package, version 14.2.4814.1101. The download of the package will begin when client and OS compatibility are confirmed."
Can someone please let me know why the clients are not adhering to the auto-upgrade schedule and how could this be resolved? We have been doing this for almost 400+ clients in batches. There were no issues encountered but is failing only for the last batch of 50+ clients. We suspected that this could be due to the install package or install settings getting corrupted and we removed the content and re-assigned the package to the group again. But that doesn't help either. Can someone please assist?
0
↧
Is there a command line to uninstall SEP 14 with uninstallation password?
I need a solution
Hello,
I have Symantec EP ver 14 installed on more than 1500 clients, they are all managed via SEPM and an uninstallation password is set to prevent the users from uninstalling SEP on their machines.
Is there a command (or a script) to uninstall Symantec using an attribute for the uninstallation password in that command or script?
Thanks and regards,
Jameel
0
↧
Previously Whitelisted Devices now being blocked
I need a solution
We currently are using SEP 15 (hybrid with clients on 14.2).
Our policy blocks all access to the USB Class 36fc9e60-c465-11cf-8056-444553540000.
We’ve been carving out exceptions as needed and one of those of those devices in question is a vendor specific secure thumb drive.
Through initial testing I realized that allowing:
USBSTOR\Disk&Ven_Apricorn&Prod_Secure_Key_3z&Rev_0401*
didn’t do the trick and I needed to whitelist the parent device which was
USB\VID_0984&PID_1409*.
This worked fine for months and then on October 9th these devices (along with clickshare and some others) began being blocked again despite nothing having changed. The policy has been through a few new versions, but the whitelisting of those devices hasn’t changed. No method of whitelisting I’ve tried seems to do the trick anymore so I’m not sure what I’m missing.
Any help or guidance would be appreciated.
0
↧
SEP client duplicates; same UUID
I need a solution
Greetings,
We have several hundred machines that were reimaged recently. All of these clients were created as duplicates in SEPM with same Computer Name and same UUID, but different Unique ID and Hardware Key as their previous listed client. Also, the logs do not show that these clients were re-registered.
I'm trying to get a list of these duplicate machines for management, and possibly remove them from SEPM before they automatically drop off. Does anyone know how to do this?
0
↧
↧
How to Backdate Virus Definitions in Symantec Endpoint Protection Manager
I do not need a solution (just sharing information)
***Taken From Symantec Support TECH102935 ***
You suspect that the virus definitions currently in use by Symantec Endpoint Protection (SEP) clients are corrupt, and would like to roll back to a previous virus definition set. These clients are managed by a Symantec Endpoint Protection Manager (SEPM). You wish to configure or control the content revisions that clients use.
Please note:
the example below shows reverting AntiVirus definitions to an earlier version. The procedure works with other SEP components as well (reverting to an earlier release of IPS definitions, etc)
To rollback definitions, the [LiveUpdate Settings] policy -> Server settings -> [Use default management server] must be enabled.
The method described below can also be used to circumvent a confirmed False Positive (FP) until definitions are available that remove the detection. In the case of False Positives, though, creating a specific exclusion or awaiting new Rapid Release definitions is the recommended approach. As each set of new definitions includes protection against new threats, reverting to an older revision will always introduce security risk into an organization.
SOLUTION:
Follow the steps below to roll back virus definitions in Symantec Endpoint Protection Manager:
- Click Policies
- Select View Policies
- Click LiveUpdate.
- Double-click your current LiveUpdate Content Policy Under the "LiveUpdate Content" tab. The LiveUpdate Content Policy Overview dialog box appears.
- From the "LiveUpdate Content" section, click Security Definitions.
- Enable the Select a revision option located in the "AntiVirus and AntiSpyware definitions" section,
- Click the Edit button. The Select Revision - Antivirus and AntiSpyware definitions dialog box appears.
- Expand the drop-down list and browse to the appropriate (32-bit or 64-bit) definition set.
- Click the desired rollback definition date.
- Click OK.
- Click OK to close the "Security Definitions" dialog box and return to the "Policies" tab.
Note: Remember to later return to your LiveUpdate Content Policy and change back to the Use latest available option. Definitions on all endpoints must be kept current in order to protect against the latest threats in circulation.
Click HERE to go to original TECH article
0
↧
NO encuentro la manera de descargar el producto que compramos
I do not need a solution (just sharing information)
NO encuentro la manera de descargar el producto que compramos, en mysymantec me permite ingresar mi licencia me dice activa pero no aparece el link de descarga, me dice que tien que esperar la validacion del administrador del sitio ... prefiero el sistema anterior tengo mil cosas que hacer y con Av pierdo mas tiempo que con el resto de las cosas .. un desatre
0
↧
Secuirty Risk Found - SONAR.Kotver!gen5
I need a solution
Hi,
Symantec is reporting a "Security Risk Found (Access denied)" with the risk name SONAR.Kotver!gen5. Defintitions are up-to date on this computer and when you run the anti-virus scan on the computer, it doesn't find that it is infected but on the management portal, it says the computer is infected.
Not sure what to do. Can someone advise?
Thanks!
0
↧
Endpoint Protection installer logs password in plain text
I do not need a solution (just sharing information)
I tried to contact Symantec support as I couldn't install the Endpoint Protection product, but I was told that there is no support offered for trial customers, so I thought I'd post this here.
The installer was failing with the error "Failed to connect to database". I found the installer log file, and was surprised to see that the admin password was being included in the SQL query being used to create the account, and was logged in plain text. Logging a password in plain text seems like an odd thing for a product from a security company to do, as does passing parameters as part of the query rather than using a prepared statement with parameterized queries. To me this is very basic stuff and embarrasing to get it so wrong, and it makes me wonder how secure the rest of the product is.
I thought Symantec would want to know about this, but from the reply I got from the support request I posted, it would seem they're not.
If you're going to use this product I would recommend deleting any log files after you've installed it, just in case...
0
↧
↧
Sepm 14.0 MP2 server not pushing updates to clients.
I need a solution
Hello Team,
Recently we migrated the server from windows 2008 to 2012.After that we install Sepm 14 ver and restore the old database of sepm server to new one.Finally we got sepm console and the 32 bit clients are updating properly and 64bit are not updating.Please resolve the issue,
0
↧
How SEP handles monitored applications
I do not need a solution (just sharing information)
Users installed sogouexplorer.exe browser. It is used in China.
I used Application to Monitor in Exceptions policy to detect the instances of sogouexplorer.exe. I used KB https://support.symantec.com/us/en/article.HOWTO80...
Several instances were detected from different clients. Now I want to remove the applicaiton, or just quarantine, or terminate.
Do you know what does these actions ( Quarantine, Terminate, or Remove. ) means?
Does it mean the file is going to be removed? Or application will be blocked every time it launched.
How else we can stop or remove unwanted software?
0
↧
Sysfer.dll crashes applications
I need a solution
From Thursday 17/10/19 I have a problem with several machines
Shows me the following message (image attached) on the Windows error screen and can not use several programs
Shows me the following message (image attached) on the Windows error screen and can not use several programs
in order to fix it I did a reinstallation of the operating system.
any solution?
thanks
0
↧
Surface Hub 2 SEP Compatibility
I do not need a solution (just sharing information)
Hello, I'm trying to download SEP onto the Surface Hub 2S from the WIndows application store. The download button is grayed out there's a message saying a new Windows software update is required before being able to download SEP. I made sure that the OS is up to date, and the download button is still grayed out. Am I missing a step, or is this software not supported (it's listed as being supported in the store).
0
↧
↧
EDR Connection Status: Not Connected
I need a solution
Dear team,
I have a problem with EDR connection status. It cannot connect to EDR.
I have configure external communication on SEPM and enable recorder on EDR (port 443)
Please help me.
Thank you
0
↧
Upgrade client 12 to 14
I do not need a solution (just sharing information)
Hello
I'm looking an easier way to upgrade all my 12 endpoint protection client to 14. At the moment, I have to uninstall the 12 version before pushing the 14 version from the management console. If I do not uninstall the version12, the client stay unconnect to the new server
Any help will be appriciate
thanks
0
↧
Does anyone know when SEP14.2 RU2 will be released?
I do not need a solution (just sharing information)
We are facing several problems (database backup not working any more, sylink.xml - preferred group will be ignored, date/time format in reports wrong, etc.) after updating to SEP 14.2.4814.1101 and all support article refer to 14.2. RU2.
For a better planning I need to know when will it be released.
0
↧