Hello everyone
Just noticed this morning, Java v9 has been released. As I'm afraid banks and other online services still using Java will force my users to upgrade I was wondering if there is any word from Symantec about SEPM/client compatibility with it? Anyone knows anything about this?
Thanks
Hi Team
Kindly help in creating a policy to blocks the Android Devices (PTP and MTP device)
Hello
I have the follwing setup:
1 x server with SEP 14
1 x server with SEP 11 (not in use anymore)
clients running version 11 and 14 mixed.
We are planning on upgrading the clients who are running v11 to 14.
I did some testing and I can upgrade the clients from 11 to v14 without a issue.
After the computer reboots I see that Liveupdate is greyed out (it is enable in SEP manager)
It gives following message: Your virus and spyware def. are missing or corrupted. This computer will not be protected against viruses and spyware until new defenitions are downloaded.
If I do a uninstall of the client and push it again it works and the clients are getting latest difinitions.
But i don't wanne uninstall 400 clients mannualy afcourse..
Is there anybody who can help me out? It looks like the client is not connected to the new SEP 14 server. Is there a way to force is to connect to the server?
Thanks
Hi,
after upgrading from 12.1.6 RU6 to 12.1.6 RU8 massive problems on our Domain Controllers appeared. The AD is not working anymore and we had to restore the DCs from backup.
I used the SEPM and upgraded the synced AD-Groups with the new version, as I did many times before. I also stopped the service to get back to the old version.
Are there any known issus about this? I would appreciate any help as the whole company is stuck.
regards
Bernhard
Bonjour,
Je suis à la recherche d'un script powershell qui vas nous permettre d'avoir des indicateurs suivants :
- Nombre de postes par groupe SEPM dont la définition est de moins de 7 jours.
- Nombre de risques par groupe SEPM.
En vous remerciant.
Is SEP 14 RU1 still due out this week ??
hello
I have endpoint asking to allow application to access network. Is ths something that I should be concerned for or how do I fix it? User is asking me what I can do.
please help.
best regards
Hi
I work for a consulting firm and Symantec partner. One of my Clients is running SEP v12.1.6 MP5 and they would like to setup a new corporate system running on SUSE Linux v12.
According to Symantec online product guides, SUSE12 is only supported on SEP v14, and only SUSE11 is supproted on SEP v12.
Can anyone confirm if SUSE12 will run without any issues on SEP v12.1.6 MP5, or does my client absolutely need to upgrade their SEP to version 14?
If it can co-exist, are their any other non-technical impacts, e.g. Support or Commercial constraints to consider?
Thankyou
Nick
We installed SEPM 14 MP2 but never got Auto email notification working. After working with Symantec support, it was very frustrating and requested to close the case as it was going no where. Recently I had some time to work on it. Key environment:
1) Email Server: Office 356 and all emails are scanned by Message Lab Email Security.Cloud
2) Web Security.Cloud
Error messages "Symantec Endpoint Protection Manager cannot send a test email using the settings you specified. Verify your email server settings. For more information, see the knowledgebase article: How to configure email server settings"
I was not sure what address to define in Admin >> Server >> Edit Server Properties >> Email Server >> Server address. Symantec supported tried with different O365 addresses like: outlook.office365.com, smtp.office365.com etc. and none worked. TECH240170 was not so helpful and scm-ui*.err log was showing error like this:
26/09/2017 2:09:58 PM STDOUT: Sending test email ...
26/09/2017 2:10:27 PM Email INFO: Start to send email to [secteam@abc.com] using server: cluster4.us.messagelabs.com.
26/09/2017 2:10:27 PM STDOUT: Start to send email to [secteam@abc.com] using server: cluster4.us.messagelabs.com.
26/09/2017 2:10:27 PM Email INFO: Sending email...
26/09/2017 2:10:28 PM Email SEVERE: Valid unsent addresses: [secteam@abc.com]
26/09/2017 2:10:28 PM Email SEVERE: Fail to send email to secteam@abc.com using server: cluster4.us.messagelabs.com.
secteam@abc.com was indeed a valid address.
What I figured out: in Admin >> Server >> Edit Server Properties >> Email Server >> Server address - maker sure it matches with the address of O365 Admin Console >> Setup >> Domains >> Required DNS settings >> MX
Now this should obviously match in Message Lab under Services >> Email Services >> Inbound Routes.
Further running a packet capture on SEPM, I found this very interesting:
220 ME1AUS01FT008.mail.protection.outlook.com Microsoft ESMTP MAIL Service ready at Tue, 26 Sep 2017 04:35:30 +0000
EHLO SYD.corp.abc.com
250-ME1AUS01FT008.mail.protection.outlook.com Hello [X.Y.255.70]
250-SIZE 157286400
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-8BITMIME
250-BINARYMIME
250 CHUNKING
MAIL FROM:<moin.sobhan@abc.com>
250 2.1.0 Sender OK
RCPT TO:<secteam@abc.com>
550 5.7.606 Access denied, banned sending IP [X.Y.255.70]. To request removal from this list please visit https://sender.office.com/ and follow the directions. For more information please go to http://go.microsoft.com/fwlink/?LinkID=526655 (AS16012609) [ME1AUS01FT008.eop-AUS01.prod.protection.outlook.com]
RSET
250 2.0.0 Resetting
QUIT
221 2.0.0 Service closing transmission channel
Now the address X.Y.266.70 is our registered IP assigned for our domain in Message Lab under Services > Web Security Services > Web Routes. Further going to the link https://sender.office.com/, I came across our IP was blocked. It gives the option to delist the IP and issue was resolved.
Hi All,
I want remotly uninstall older version and reinstall the latest version but I am getting these below errors can anyone of you help me out from this issue.
***************************************************************************************************************************************************************************************
09/26/2017 18:13:16:085 SEPprep starting!
09/26/2017 18:13:27:900 Attempting to run: "C:\Program Files\Symantec\Symantec Endpoint Protection\smc.exe" -p ******
09/26/2017 18:13:29:381 Exit code: -2
09/26/2017 18:14:06:791 Removing: Symantec Endpoint Protection
09/26/2017 18:14:06:791 Attempting to run: MsiExec.exe /X{2F160D9A-8222-413B-B3A4-E3A310514316} REMOVE=ALL REBOOT=R /qn
09/26/2017 18:14:30:016 Exit code: 1602
09/26/2017 18:14:30:016 Failed to remove Symantec Endpoint Protection
09/26/2017 18:14:30:032 Removing: Symantec Endpoint Protection
09/26/2017 18:14:30:032 Attempting to run: MsiExec.exe /X{2F160D9A-8222-413B-B3A4-E3A310514316} REMOVE=ALL REBOOT=R /qn
09/26/2017 18:14:53:008 Exit code: 1602
09/26/2017 18:14:53:008 Failed to remove Symantec Endpoint Protection
09/26/2017 18:14:53:023 Attempting to run: reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce /v "Install SEP 14(MP2)" /t REG_SZ /d "C:\SEPInst\SEPsetup.exe" /f
09/26/2017 18:14:53:413 Exit code: 0
09/26/2017 18:14:53:413 Attempting to run: cmd /c "md C:\SEPInst"
09/26/2017 18:14:54:114 Exit code: 1
09/26/2017 18:14:54:114 Attempting to run: cmd /c xcopy "\\172.23.70.80\D$\Aamir Khan\SEP Script\AV SETUP\SEP 14.0 MP2 installation package for workstations\My Company_Default Group_WIN32BIT\Symantec Endpoint Protection version 14.0.2415.0200 - English\*.*" C:\SEPInst /e /y
09/26/2017 18:14:54:785 Exit code: 4
09/26/2017 18:14:54:785 Attempting to run: SEPsetup.exe /s /v"/qb! /l*v "C:\Windows\TEMP\\SEP_INST.LOG" REBOOT=ReallySuppress REBOOT=ReallySuppress /qn"
09/26/2017 18:14:57:715 Exit code: 1610
09/26/2017 18:14:57:715 Attempting to run: shutdown -r -t 30 -f
09/26/2017 18:14:58:229 Exit code: 0
09/26/2017 18:14:58:229 Symantec Endpoint Protection 14.0.2415.0200 is installed.
09/26/2017 18:14:58:229 SEPprep stopping!
Why does it say I have SEP (32-bit) and S Service Framework (32-bit) running on Windows Task Manager when I had installed the 64-bit version? I had installed this on a 64-bit PC and I had read elsewhere that only a 64-bit SEP can be installed on a 64-bit PC.
I fear that this incompatibility may be drawing too much resources from my PC and slowing it down. Please tell me if this is true.
Thanks.
Hi all,
I just experienced certain issues when trying to upgrade all our SEPM servers running the latest v12 (MP8) to the latest v14 (MP2). I get same error on every server (they all run W2008 R2) and it seems to be related to the domain user rights, which is quite stranage as not even one of our SEPM servers is on any domain (e.g. AD or similar). Here's the screenshot:
I tried to re-install SEPM, make certain config changes but I get the same error every time I try to get v14 to run. There are no errors when I install or re-install or do anything with v12 though. I know that Symantec made some internal changes with v14 and the way it checks user rights (i.e. virtual system and service accounts) but I am not sure if this is related to our issues.
Any ideas how can I fix this?
Thanks.
Hello!
We use SEP "Network Threat Protection" to prohibit Internet traffic without establishing a VPN connection to our company network.
Therfore the only IP address allowed within SEP is the one of our VPN Gateway.
Now we are facing the problem that hotels and other public access points often do a http redirection to mostly internal pages where you need to enter credentials or accept
terms of use. With our rule set that traffic is blocked.
Is there a way to solve this problem?
Thanks in advance
Cómo mantener o proteger otros dispositivos que están trabajando en otra compañía.
Por ejemplo, si un socio va a trabajar para otra empresa durante unos días.
La consola SEP14 puede ver el dispositivo en línea y administrarloEsperando comentarios
Gracias
How to protect devices ( laptos) that are working in other company
For example if a parther goes another company to working for a few days
How the console can wiew device and administers it
Thanks
I've got two mostly identical Redhat 7.4 servers, configured the same way, on the same network subnet. Let's call them host1 and host2
One of them (host2) is having issues communicating with the SEPM manager. When you run ./sav manage -s, this is the error message:
[root@host2 symantec_antivirus]# ./sav manage -s
Failed to contact Symantec Endpoint Protection
However, I can both ping the address of the SEPM manager and telnet to port 8014 from that host2 server.
Host1 has no issues communicating with the SEPM manager.
I'm suspicious there's a java issue, because of this below. (it's entirely possible it's something else, but java is what I'm suspicious about)
The default java version on both is 1.8.0.141. If you run "java -version" this is what you get.
[root@host2 symantec_antivirus]# java -version
java version "1.8.0_141"
Java(TM) SE Runtime Environment (build 1.8.0_141-b15)
Java HotSpot(TM) 64-Bit Server VM (build 25.141-b15, mixed mode)
However, both are configured, in /etc/Symantec.conf, to use a version of java installed under /opt/Symantec
[Symantec Shared]
BaseDir=/opt/Symantec
JAVA_HOME=/opt/Symantec/jre1.8.0_131/bin
On host2, if you run systemctl status smcd, you get this:
â smcd.service - LSB: Symantec AntiVirus Scanner
Loaded: loaded (/etc/rc.d/init.d/smcd; bad; vendor preset: disabled)
Active: active (running) since Wed 2017-09-27 11:20:15 EDT; 1h 7min ago
Docs: man:systemd-sysv-generator(8)
Process: 2050 ExecStop=/etc/rc.d/init.d/smcd stop (code=exited, status=1/FAILURE)
Process: 2193 ExecStart=/etc/rc.d/init.d/smcd start (code=exited, status=0/SUCCESS)
CGroup: /system.slice/smcd.service
ââ1899 /opt/Symantec/symantec_antivirus/smcd -l info
ââ1906 /usr/lib/jvm/java-1.8.0-oracle-1.8.0.141-1jpp.1.el7_3.x86_64/jre/bin/java -Djava.security.egd=file:/dev/./urandom -cp /opt/Symantec/LiveUpdate/jlu....
Note the last line - it references java 1.8.0.141, which seems to imply that despite java 131 being configured in /etc/Symantec.conf, it looks like it's trying to use the system default java version. I tried removing and re-installing the SEP client again but am getting the same issue.
Suggestions?
If I delete a computer from sepm it gone permanently and I need to re-connect? I had one deleted and it seems to be gone and no longer managed.
Hi,
Have a quick question about how client laptops that have been renamed appear in the SEPM console.
Will the existing client entry appear with the new machine name similar to Active Directory, or will a duplicate entry appear and old entry remain (requiring us to delete it so as not to take up two licenses for the same machine.)
Thanks
Environment: Windows 7 Professional SP1 64-bit
SEP 14 MP2
We began upgrading UNmanaged clients to SEP 14 MP2 today and noticed an informational message in the client's system log.
"Already running process (PID:nnnn) C:'pathname\bin\ccSvcHst.exe'is affected by a change to the application rules."
We see the message only once per SEP client at start up. We don't have any application rules.
We installed the client with the Symantec defaults from the client only installation file downloaded from fileconnect.
Does anyone out there know what this means? Is this normal behavior for SEP 14 MP2?
Thanks,
Wally
Hi,
I have a copy of SEP 14 trialware, Can i fully activate this by applying an existing licence file?
Thanks.