We have recently upgraded our endpoint protection from version 12.6 to 14. I have created a package that I can push to all my users but I don't have all the pc's in the list and we have a ton of groups.
Before we used to update the Endpoint and the clients would automaticly update to the latest version. Is there a way for all the clients to automaticly update to the version 14.
Thanks,
Hi All
I have installed few systems with the symantec and it was reflecting in the console under the group which I had created.Today when I checked under the same group I saw that the number of systems has come down from 152 to 116 and few minutes later it became 119. I have checked if it is displaying just online systems but no, it is also displaying offline systems. Can anyone help me understand why this is happening? Thanks in advance.
Hi ,
Few of our Sep clients(windows server version 2003/2008/2012) are showing as "Scanning" under View Logs>Scan logs
They are struck in that state for the past few weeks.
We have tried to kill the process and restart them-no go
We have tried to stop the service and restart them-no go
We have tried to reboot the machine -no go
But for the above all clients they are having latest definitions up to date.
Also these clients are running with 12.1 RU6 MP7 (12.1.6 MP7)
We have Sepm console recently upgraded to 14 mp2.
Your suggestions and help are much appreciated..
Having an issue with the definitions being downloaded by clients from the SEPM which we are working with support on. At the moment we have two LUA servers that they are also configured to go to. However we are still seeing a number of clients out of date. We have a host integrity policy that if they are three days out of date they are supposed to reach out to the internal liveupdate servers that I had meant to switch to use the Symantec server. Can't seem to find the correct download URL. The SEPM is 14 MP 2 but most of our clients are pending reboot to complete the upgrade form 12.1.6 to 14.
Hi there
I have followed these instructions on creating a remote deployment package. However after deploying the package it doesn't include the sylink and thus the client is unmanaged. I created the package by using the installer app which has the sylink file in the additional resources folder.
Anyone got an idea how to do this?
Cheers
Random post this, but in the past 48 hours we have started to receive what have the characteristics of SEP alerts, but they're unlike any i have seen before.
They basically look like automated emails but using end user email address and being sent to our admin mailbox. Example below.
Attachment: INV 00000404.doc
Security risk detected: Trojan.Mdropper
Action taken: Cleaned by Deletion
File status: Cleaned by Deletion
Attachment: INV 00000404.doc
Security risk detected: Trojan.Mdropper
Action taken: Cleaned by Deletion
File status: Cleaned by Deletion
Hello Commercial Non-Infra Alliance
Your invoice-00000404 for 1,764.03 is attached. Please remit payment at your earliest convenience.
Thanks for your business!
I've had a look in the Monitors tab for notification conditions and there's nothing that matches which would generate the above alert. It reminds me of the New Risk Detected alert but with less detail, for instance it doesn't have the PC name or any details like that. I have managed to find the machine it came from by looking up the email address it was sent from and searching via logon name in the SEPM, and the above details match what the Risk Log shows.
Any one able to shed some light on why we are getting these alerts now when we have never received them previoulsy?
To note we are using SEP 12.1.6 MP5, haven't updated any clients or the SEPM in the past month, the alers only started appearing in this format in the past 48 hours.
Thanks,
John
How to manage users working from home?
- policies (scan their laptop)
-update their content
-notification (Like will pop-up screen that instructing them to connect to corporate network via VPN)
Hi all,
I want to know a few things about this HI templates.
All the password checkings that this policy do is about domain, local or SEP password?
For ex. Pass length, complex.
Another question is about error messages because I have this error message:
Fail to execute Host Integrity check.
Error Type: 0x00400020, Error Code: 0x00000000
But the host integrity runs and works fine (For example the policy disabled what I want to).
If anyone could help it would be great.
Thanks in advance!
Dear All,
I created the limit administrator account for login but I can't login to web console and error occurs the wrong password.Please kindly show below figure
Hello,
I am TerminalServer-Administrator (Citrix). My Servers boot up from a central GoldenImage. (Citrix Provisioning Services)
The Image is beeing updated about once a month. Symantec Endpoint Protection 14.x is installed.
When updating the GoldenImage, the AV-Definitions are about a month old. The Symcorp-UI states, that the protection-definitions are out of date.
It usualy takes about half a day (sometimes more, sometimes less) till the client loads the latest definition file.
I really don't have the time to wait for that.
What are my options to force the update?
I already talked to our Symantec Administrator, but didn't get a solution.
Is this normal?
What is causing this delay?
Thank you
Hello everyone,
We have decided to migrate our endpoint version from 12 to the latest version (14). While at it, we have decided to install a new 2012 server and put our new Endpoint version there. Before doing that migration, I have a few questions.
1- DATABASE TO USE
The version 12 uses an 2005 SQL bank which is not supported by the version 14. Reading the installation guide for the version 14 at page 38, it says that we have the choice between an SQL or the embedded database. I was wondering if it is a good idea to use the embedded one instead of the SQL. If embedded, I presume that it is included in the installation files
2- Connecting the new clients to the new server
is it possible to force a new IP address by a policy so that the clients would go to the new server in the future?
If yes, is it possible to generate a logfile stating which clients have made the changes vs the ones that did not?
3- Transfer of database.
I was wondering if it is really necessary to transfer the data from the old SQL to the new server. I mean if the clients are correctly attached to the new server and they send their own information there, is it really important to get the data from the old server? What do I lose (apart from the history of virus attacks and other information) if I do that?
Thank you in advance for your help!
Dag
Hi
We are using some client and servers intalled Virus and Spyware Protection. Client defination is updated.
I was cheking the SEPM some client defination are out of date Like Download Protection Content 
Chek the client side
Client Connect to SEPM server.
Update the client defination
But some defination isn't update.
How can solve this issues How ı can update like this cilients.
Hello.
I have some PCs with windows8.1 and SEP 14MP2. Few have "Standard Client" settings and others "Dark Network Client" settings.
On all Standard clients I have:
Virus and Spyware Protection July 3
Proactive Threat Protection June 27
Network and Host Exploit Mitigation July 3
On all Dark Network clients:
Virus and Spyware Protection July 3
Proactive Threat Protection June 27
Network and Host Exploit Mitigation June 28
(screenshots attached)
Can please someone advice, is it ok for DarkNetwork clients to not download "Network and Host Exploit Mitigation" defenitions from SEPM?
Thank you in advance
Hi everyone,
I have an issue during Client Push installation, wizard finishes with error " Install failed, rolled back"
Please help me.
We have MACHINE_1 with SEP 12.X and MACHINE_2 with SEP 14.0
Recently we received the upgrade notification with serial number. and we plan to install that license key on MACHINE_2 with newly installed SEP 14.0.
then move the all clients point to MACHINE_2.
WILL IT WORK?
SEPM is unable to download definitions and install.
As i get Content catalog failure when i run LUALL with interactive mode.
Log file and sesmlu attached.
Please suggest.. .
Hi all,
Just did a fresh install of Symantec Endpoint Protection 14 MP2. Management server installation was easy, first client install also went well. Thing is, the client reports Proactive Threat Protecion, Network Intrusion Prevention and Browser Intrusion Prevention as malfunctioning.
When i open Endpoint Protection on the client as Administrator, The status of these products shows as correct.
What can i do to get the correct status when a standard user logs in on the client computer? The status icon in the taskbar also shows a exclamation mark which will cause users to report the "malfunctioning".
Thanks in advance
Hello everyone.
I have a very strange problem, since a certain date the administration console is not updated, and I have the following message:
Initializing...
Connecting to liveupdate.symantecliveupdate.com...
Downloading catalog file (1 of 1), 100% complete...
Opening update list
The digital signature found on the catalog file has been signed by Symantec Corporation.
Processing update list
Opening update list
Processing update list
The following updates have been aborted:
> SEPM Content Catalog has 1 aborted update(s).
Reason:
LU1845: This product was not updated due to a processing error.
> SESM AntiVirus Client Win32 has 1 aborted update(s).
Reason:
LU1875: This update failed during its preprocessing welcome text phase
> SESM AntiVirus Client Win64 has 1 aborted update(s).
Reason:
LU1875: This update failed during its preprocessing welcome text phase
> SPC AntiVirus Client Mac has 1 aborted update(s).
Reason:
LU1875: This update failed during its preprocessing welcome text phase
LiveUpdate session is complete.
And according to this error, take several steps:
1.) replace all 3 liveupdates files -> did not work
2.) uninstall / install live update -> did not work
3.) copy the jdb files to update it manually -> I do not work.
4.) Update the console to the latest version 14 MP2 -> I did not work
5.) perform the maintenance of the database (truncate / Index) -> I did not function
6.) I reviewed the space on the server's hard drive and there is no problem.
I really do not know how I can solve the problem
I hope you can help me
Thank you
best regards
Hello everyone,
can anyone guide me, how to install Symantec Endpoint Protection 14 in Linux Client System.
Thanks,
Devang Raval.
Hello everyone.
I have a problem with my administration console, which from a certain date is not updated (See Image). And when I try to update it gives me the following error:
------------------------------------------------------------------------------------------------
Initializing...
Connecting to liveupdate.symantecliveupdate.com...
Downloading catalog file (1 of 1), 100% complete...
Opening update list
The digital signature found on the catalog file has been signed by Symantec Corporation.
Processing update list
Opening update list
Processing update list
The following updates have been aborted:
> SEPM Content Catalog has 1 aborted update(s).
Reason:
LU1845: This product was not updated due to a processing error.
> SESM AntiVirus Client Win32 has 1 aborted update(s).
Reason:
LU1875: This update failed during its preprocessing welcome text phase
> SESM AntiVirus Client Win64 has 1 aborted update(s).
Reason:
LU1875: This update failed during its preprocessing welcome text phase
> SPC AntiVirus Client Mac has 1 aborted update(s).
Reason:
LU1875: This update failed during its preprocessing welcome text phase
LiveUpdate session is complete.
------------------------------------------------------------------------------------------------
And according to this error, take several steps:
1.) replace all 3 liveupdates files -> did not work
2.) uninstall / install live update -> did not work
3.) copy the jdb files to update it manually -> I do not work.
4.) Update the console to the latest version 14 MP2 -> I did not work
5.) perform the maintenance of the database (truncate / Index) -> I did not function
6.) I reviewed the space on the server's hard drive and there is no problem.
I really do not know how I can solve the problem
I hope you can help me
Thank you
best regards