Quantcast
Channel: Symantec Connect - Security - Discussions
Viewing all 5734 articles
Browse latest View live

What definitions sizes (average) for below scenarios -

March 14, 2017, 10:55 pm
$
0
0
I need a solution

Hi,

I just wanted to know in below senarios what will be the size of definitions for Symantec endpoint client -

1. If the client take definitions from Symantec manager

2. If client takes definitions from GUP

3. What will be the size of definition that GUP takes from SEPM

4. What will be the size of definitions when SEP small business edition client takes from cloud (what is the frequency)

5. What will the size of definition if Local Update host is configured in SEP SBE

If anyone can answer how many clients does LUH supports that will be helpful.

0
Search

Clé de registre SEPM

March 15, 2017, 3:41 am
$
0
0
I need a solution

Bonjour,

Je souhaiterai savoir quelles sont les clés de registres pour le client SEP.

- Dernière connexion au serveur SEPM

- Activation du FireWall

- Dernières versions de mise à jours des définitions.

Nous aurons besoin de ces clés afin d'avoir un état des postes chaque semaine.

Je vous en remercie par avance

0

Migrate computers from AD Sync group to SEPM group

March 15, 2017, 4:14 am
$
0
0
I need a solution

Hi

I need to migrate all the computers from a AD sync group to a new SEPM group.

I realise you could copy all the computers from AD sync group to the SEPM group, and then delete the AD sync group.

Would this be the best way to go about this?

I need to ensure that the computers do not change the policies by ending up in the default group during this operation or anytime in the future.

Thanks

DM

0

SEP 14 and Windows 10 Annoyance

March 15, 2017, 6:18 am
$
0
0
I need a solution

I noticed an extemely annoying symptom with SEP 14.0.1904.0000 on my Windows 10 PC. Every 40 seconds (I've timed it with a stopwatch) the active window on my computer becomes innactive for 5 seconds or so. It's hard to explain, but imagine you're in the middle of typing and somebody walks up and clicks on your desktop with the mouse, interupting your typing. I either have to wait or click back in the window to continue. The active window has a subtle blue outline. Every 40 seconds, the blue fades for 5 seconds and returns.

This only happens when I have SEP installed. I've tried disableing various feature trying to pinpoint exactly what is causing this but so far I haven't had any luck.

0

Exclude port

March 15, 2017, 8:24 am
$
0
0
I need a solution

A customers office software was updated recently on the server.  This new software apparantly has hard coded port 49259 for use between it's clients and the server.  The problem arrised this morning, after the server had rebooted, that Symantec's SQLAnywhere randomly grabs a port that's not in use... it happened to grab this specific port today and started using it to communicate between the dbserv16.exe service and SemSvc.exe service.  Shutting down the SQLAnywhere service - and restarting the other software, then the SQLAnywhere service solved the problem (as it went and randomly grabbed a different port).

While this seems fairly random - this upgrade only occured a week ago, so I worry this will come back and haunt me.  Is there a way somewhere in Endpoint / SQLAnywhere to tell it to exclude / note use this port (49259).  I can see firewall rules I can setup etc... but that obviously isn't what I'm looking for here - I just need to tell Endpoint to never use this specific IP.

Thanks,
Shawn

0

How to find when a machine installed Virus defintions

March 15, 2017, 8:51 am
$
0
0
I need a solution

Is there a way in the SEPM console we can find a way when a host installed the latest virus defintions during a specific date?

Right now I can see about to 3/2 if I open the machines client, but I need to go further back than that, so I am looking for a way within the management console to do this.

Thank you,

Jack McAloon

0

Linux/LUA

March 15, 2017, 9:24 am
$
0
0
I need a solution

Hi all,

I have two questions. 

1. Is LUA still the only way for Linux server to receive virus def updates?

2. Is it possible to setup LUA to be able to retrieve virus def from another LUA?

Running 12.1.6 mp6

Thanks

0

Search HASH in SEPM

March 15, 2017, 10:19 am
$
0
0
I need a solution

Hi,

Is there a way to search a HASH within SEPM?

Thanks!

0
Search

Update Anti Virus on unmanage SEP Client 11.0.7

March 15, 2017, 2:49 am
$
0
0
I need a solution

Good Day All,

I will like to seek ideas on how to update Anti Virus Defination for legacy product SEP 11.0.7 

I am on Window2K and on a unmanage SEP11.0.7. There for i am amble to update via SEPM.  

I am also unable to upgrade my system.

In addition, can the current anti virus defination still work on unmanage 11.0.7 SEP client?

0

"Duplicate search results were found. They were not added to the results list" when trying to use Client Push install of SEP

March 15, 2017, 8:18 pm
$
0
0
I need a solution

Where can I find additional information on this message? Why does it come up? What is causing it?

So far we have been able to find target endpoints by using the Search Network option during Client Push and complete the SEP client install. But we would like to know more about this error and what is causing it. We are using SEP 14.x and groups in SEPM are from AD as we are using Directory Server sync.

Thx.

0

How to create virus definition distribution report for specific dates in SEP 12.1.4

March 16, 2017, 2:03 am
$
0
0
I need a solution

Hi, 

How can I create virus definition distribution report for specific past dates/ month in SEPM 12.1.4. Currently even though you have selected past year, it still takes into account from past year to date. I need to exclude the to date and focus only on selected range like e.g. Dec 1 - Dec 30 2016. 

Is that even possible?

Anhar.

0

"Network Scan Timed Out" during remote push

March 16, 2017, 6:46 am
$
0
0
I need a solution

I am having an issue with remote push to new install windows 10 Enterprise machines. We can see them in the Client Tree and when we start the Client Deployment Wizard we can see the system list in that tree as well. When we select it login with Administrator credentials it runs for 2 minutes then the error message "The network scan timed out for some of the target IP addresses. Are we missing some configuration in windows 10 to cause this? It works fine for windows 7 machines.

0

Moving clients from 12.x to 14.x / different server / different ip

March 15, 2017, 5:10 am
$
0
0
I need a solution

Hello guys,

We are in process of updating out SEPT from 12.x to 14.x. 

SEPT 12.x is located on windows server 2008 32bit, so we must move it to another (WS 2008 r2 64bit) server. 

We installed SEPT 14 to new server, but we have problem making it comunicate with clients.

Back up - restore solution is not working when using with different versions of SEP.

We are not using sql database.

Only solution i see is to install SEPT 12 to new server (WS 2008 r2 64bit), make it comunicate with clients and then, update to SEPT 14? 

Any other options?

Thanks

0

Symantec Endpoint Proctection 12.1

March 16, 2017, 8:05 pm
$
0
0
I need a solution

As my pc once install SEP, the network will be blocked. And the other pc once install some web very slow.

Kindly please help on it.

Thank you.

0

Competitive Information against eScan

March 16, 2017, 10:33 pm
$
0
0
I need a solution

Hi there,

can you share your competitive information against eScan with me?

Any points or documents is highly appreciated.

thanks

0
Search

Upgrade SEPM 12.1.6 RU6 MP6 to 14 fails:-Failed to create Audit log event

March 17, 2017, 2:18 am

Remote removal of SEP client

March 17, 2017, 8:09 am
$
0
0
I do not need a solution (just sharing information)

I have been looking for a solution to remotely remove the SEP client and I couldn't seem to find an easy solution but I think I created one earlier that has worked on a couple of systems so far.

I used SEPprep from the install media to uninstall any existing AV already on the system, including the Symantec endpoint client.  You'll have to read the PDF that comes with SEPprep to edit the ini but I had to make very few changes for our environment.  I also used ClientRemote.exe to push out SEPprep.  I have been using ClientRemote to do all my installs since upgrading to 12.1.6 MP3 and it is located on the SEPM server at this location. C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\bin

What I did was copy the SEPprep folder to where our deployment folders are located on the SEPM server.  Go in to the SEPprep folder and rename the SEPprep.exe or SEPprep64.exe to setup.exe then edit the ini to run silently and not prompt to remove.  After this I ran ClientRemote.exe and pointed to the renamed setup.exe (SEPprep64.exe) and pushed it out to our clients. It is very fast and once rebooted our new AV installed without any issue.

Interested to hear thoughts on this or if you run in to any problems.

0

Bloodhound Heurisitc Virus - now what?

March 17, 2017, 11:50 am
$
0
0
I need a solution

Hi guys!

I have a user who gets the message above from his SEP (sorry but for some reason i cannot upload screenshots):

Risk:Bloodhound.e

Action: Pending Analysis

Risk Type: Heuristic Virus

SEP was able to quar' this file for him and i was able to delete it but i was wondering if there are any other actions you guys would recommend taking. It came from Firefox.

Thanks!!!

0

Web Attack: WPScan Tool Activity attack blocked. How to look at request

March 17, 2017, 11:54 am
$
0
0
I need a solution

Greetings,

I have a Windowds Server 2008 R2, Coldfusion 9.0.2, PHP7, Symantec Endpoint Protection. I looked in the Windows event viewer and noticed a warning

Web Attack: WPScan Tool Activity attack blocked. Traffic has been blocked for this application: SYSTEM 

Aroundthis time our web sites gotvery very slowandI had to restart the Windows IIS service to get the web site working properly again.  I have 2 questions

- Is this warning message saying it is continueing to block traffic to our website?

- How can I look at the http request details for the requests it blocked?

The IIS logs do not show any requests at the time this warning message was reported related to Wordpress.

Any ideas on this are appreciated. Thanks in advance!

Joe

0

Slow access DFS servers

March 17, 2017, 4:05 pm
$
0
0
I need a solution

We are having some issues with slow access on our DFS servers. I can see that there are delays and timeouts for file accesses that are affecting users. Reverting to 12.x solves this problem.

I noticed an article describing this problem and it says to disable certain threat detections, I have done this and it does not seem to make any difference.

Has anyone else run across this issue? 14.x MP1.

0
Viewing all 5734 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>