We would like to install the SEP firewall module on Windows servers and configure the ruleset on SEPM. The firewall policy allows all incoming/outgoing connections and only restricts incoming RDP connections from a specific IP. Please advise how to add the rule in the firewall policy. Thanks
FW rule setup for server
WildCard SSL Certificate
Hi, we are running SEP14 MP2 with clients running from different locations.
I would like to find out if it is possible to use WildCard SSL certificate on SEP.
Thanks in advance,
MabundaG
Action Summary -- Quarantined Viruses what >> mean in file/ entry
Hello
There is one thing I don't understand in the Action summary in SEPM. In the File/Entry tab there are those ">>" characters, i.e. C:\Users\SymantecAdmin\Desktop\File_name.msg>>__subhgfg1.8_888888>>urgent 888888.js
The console reports this file in the quarantine list and there are 4 entries of the same file but with this >>. What does it mean?
Manual Update of Virus Definition on LINUX OS
How can I update the virus definition if I have a LINUX PC installed with the latest Symantec Anti Virus and that is not connected to the internet?
"Host Process for Windows Tasks has changed since the last time you used it"
Hello,
Very recently one of our clients' computers has been receiving this error message, with variations throughout the day. These errors keep occurring at least 10+ times throughout the day. This PC has recently been updated to Windows 10. We reached out to phone tech support yesterday and they recommended we upgrade to SEP v14.x, which we did; however, the issue still continues. Thanks for any help that can be provided.
endpoint protection manager blank pages after upgraded
Just upgraded to version 14 of Symantec Endpoint Protection Manager, and I can sign in, but Home, Monitors, Reports are all blank.
Policies, Clients, Admin tabs appear normal.
I updated to the latest version of Java on the 2008 server, but no change.
What else should I try?
Create Notification or Report for Disabled Clients in SEPM
I'm looking to create a report or notification in SEPM for disabled clients that show up on the homepage.
Found a post in 2013 asking the same question but figured I'd check to see if this feature has been added in later versions.
https://www.symantec.com/connect/forums/sepm-disab...
Rapid Release Question
I'm working on our threat analysis workflow in response to WannaCry and Petya. I have a Rapid Release question. If I download and install the latest Rapid Release signatures on a specific device, and that specific device is managed by my SEPM, does the Rapid Release signature get 'overwritten' when the SEPM pushes out the next certified signatures?
I'm concerned that there may exist a situation where my Rapid Release install is rendered moot by the SEPM pushing out a possibly lower level set of signatures.
Sep client showing disable in 14 MP2
Hi All,
When a user logs in for the first time, the client shows as disabled on the manager. Then it shows outdated, and after some time it shows updated. Later the same client shows disabled again.
I think on the manager the client must show outdated instead of disabled. Kindly correct me if I am wrong.
Is there any bug in SEP 14 MP2?
Any idea or any suggestion...
Thanks in Advance...
Adding Hash Value MD5/SHA
Hi Team,
We have been given a list of hash values (MD5 and SHA) which need to be updated in the Symantec server. The MD5 hashes were added under "Terminate Process attempts" in the Application and Device Control tab. The SHA hashes are not getting added under this tab. Please let us know whether SHA hashes can also be updated.
SEPM version: 12.1.7
Thanks and regards,
Anishk
Unable to install SEP on Windows 2012 R2 Datacenter edition
Hi All,
I tried to install SEP on 2012 R2 Datacenter and it gets stuck at the stage of gathering information.
I tried with 12.1.6 and 14.0, still the same.
Tried with the .exe file and .msi installers, and the same.
No SIS_INST file is getting created, only a SEP_INST file; however, there is not much information in it.
Can anyone guide me, please?
How to allow ssms by using machine login
Is there any way to allow SSMS from one machine by using a Windows login account (not allowing other Windows machines to log in)?
How to uninstall SEP 14 without Password
Hi! When I left my old company I arranged to take the laptop. The laptop has SEP14 with corporate policies and configuration that I cannot change, for example the company proxy etc. I need to remove SEP to use my own new antivirus software, but I cannot uninstall it because I do not have the "Uninstall Password". I do not have any contact with the company to obtain it. I do not want to reinstall Windows.
All the registry posts for SEP12 do not work with 14.
How is it possible to uninstall and disable the password requirement?
Thanks in advance!
Next generation endpoint protection?
Hello,
I am a 5 year user of your product.
Since version 11x I was submitting virus samples, as your antivirus was always signature based and never caught new viruses based on behavior.
When I read about version 14 and the new "Advanced Machine Learning" I thought that at last you made an antivirus that will catch viruses based on malicious behavior and not only based on hashes.
All I have encountered since is false positives and a bigger hash database (cloud), which was an improvement.
I have submitted several old Metasploit exploits and you made a hash signature rather than make a behavior signature that will stop each file created the same way that does the same....
And again, I tried a Metasploit module, uploaded the file to VirusTotal - Symantec again says it's safe.
I have sent the file to a test machine with SEP 14 MP2 and it executes without any problem.
But hey! It did think that Wireshark is a malicious file using the advanced machine learning...
http://www.hackingarticles.in/exploit-windows-10-p...
Update problem with SEP 14MP1 self-managed client
Hello,
The SEP 14MP1 clients installed on Windows 10 machines do not download the update.
Regards,
Out of resource problems
Hello,
We are having problems with computers that are running Endpoint protection.
The computers keep (randomly) getting “Out of resources” problems in all applications (error 8).
Computers that run the same software without Symantec are running fine.
Some background information
- Hardware : I5 4gig memory
- Windows 7
- Client version:12.1.5337.5000
- No scheduled scans only active scans
- The computers run 24/7.
- All systems are connected to a server running Symantec Protection manager.
- Problems seem to mainly occur after a couple of months, but lately we have also seen the issues faster.
- Computers process +- 80 files per second
From what we have seen there is enough memory and cpu available on the computers.
So it seems Windows gets above a certain threshold, which results in out of resource errors.
In the last couple of weeks the problems became worse; more and more computers are having the out of resource problems.
Usually we had this issue on around 1 computer in 2 weeks, but lately we have had 7 in one week.
We have done some testing with excluding disks in Symantec. That seems to slow down the occurrence.
Any help with this problem would be appreciated.
SEPM Migration
Hello,
Following errors on the system of our current server (SEPM), we are obliged to replace it with another server; however, we have some questions on this subject:
1: Does the language of the OS have an impact on the proper functioning of the manager (server OS in English and SEPM in French)?
2: Must the OS of the manager be identical to the OS of the database (SQL)?
3: If we change the language of our SEPM, does that have an impact on disaster recovery?
4: What is the best way to proceed with this change? Thank you for your usual collaboration; we remain available for any further information.
5: I would like to change the language of my manager; does this have an impact on the clients that are already connected to this manager? Must this change also be made on the SQL DB?
Thank you for your help
N.Achraf
SEP 12.1.7 for Linux
Hi,
Just installed the SEP 12.1.7 package for Linux.
I started a manual scan and it looks like it finished.
Where can I see the scan logs? I searched and found only the system logs.
Thanks!
Full.zip download problem
Hello,
Some computers cannot download the full.zip file from the GUP or from the SEPM manager. The LiveUpdate process works correctly with the small definition file but not when a computer needs the full.zip file.
The message in the system log file is "Echec du téléchargement de la nouvelle mise à jour du contenu à partir du serveur de gestion"
The only solution I have found is to run LiveUpdate from the Internet (Symantec server). Problem: I have a lot of computers without Internet access.
The server is on 12.1.7266.6800, the clients on 12.1 RU6 MP6.
Can you help, please?
Several "left alone" files from C:\Windows\TEMP\pdexxxx.tmp
We have configured a central quarantine server for the clients to automatically submit quarantined items to the CQS, and we have about 30000 managed endpoints. Lately we notice there are several pdexxx.tmp files showing as infected with the action taken as left alone. Attached is the screenshot from the risk log for reference. The sequence is that the scheduled scan quarantines a file, and then, as per the risk log, there shows a manual scan (actually nobody initiated the manual SEP scan) that shows several pdexxx.tmp files as infected and left alone, but these files are actually not present on the endpoint. Please help us to fix this issue, as this has become a major problem in the environment. Has anyone ever come across such scenarios?