Channel: Symantec Connect - Products - Discussions

Upgrading Endpoints to 12.1.6

I need a solution

Looking to see how people are handling upgrading from either 12.1.4 or 12.1.5 to 12.1.6.  The problem I am having is that every time I push an upgrade from either Altiris or SEPM it will install, but then after a reboot users' machines can no longer Reboot/Shutdown.

How do you all do upgrades?  The only way I can see now is to remove the current version, reboot, install the new version, reboot.  This doesn't seem practical for big rollouts.

Thanks in advance!


SEP for windows xp

I need a solution

Hi

I have a query about the operating system requirements of Symantec Endpoint Protection for Windows XP.

I saw a web page which says version 12.1.6 is available after SP3, but another document mentioned ‘after SP2’… Which one is correct?

And which SEP version is available for Windows XP SP2?

Appreciate your support.


PGP Desktop 10.3.2MP9 on Outlook 2016 32bit can not send encrypted mail

I need a solution

Hello,

I have Windows 10 64bit and Office 2016 32bit preview. PGP Desktop 10.3.2MP9 64bit installs without issues. Mail decryption works in Outlook 2016.

 

Problem

Unable to send encrypted email when using Outlook 2016. The email message is always sent in clear text even if the encrypt button is pressed, because the PGP Desktop Assistant should automatically detect the email account in Outlook but it does not. Account settings should get configured automatically but this did not happen.

Tried this to clean up configuration but made no difference:

https://support.symantec.com/en_US/article.TECH178...

https://support.symantec.com/en_US/article.HOWTO42...

Enabled information for developers in Outlook and debug in PGP but see no errors at all:

01:45:36            ----- Encryption Desktop started -----
01:45:36            Encryption Desktop 10.3.2 (Build 16620) (16620)
01:45:36 Email     Info    Email proxying is enabled and active
11:07:03 Email     Info    Processing message from Symantec <symantec@symnews.nospameu> with subject: Biuletyn informacyjny firmy Symantec – lipiec 2015
12:38:03 Email     Info    Processing message from SymAccount <donotreply@symantec.nospamcom> with subject: The SymAccount Login Information you requested

Please add support for the final Windows 10 version and preliminary support for Outlook 2016 in the next maintenance release. Or please show me any workaround to fix this problem.

Symantec communication settings

I need a solution

Hi,

At SEPM

1. Under policies tab > Management server list we have defined servers (say server1, server2 etc).

2. Under clients tab > Policies > Communication settings we have set priorities. i.e Under

           priority 1 : Clients/GUPs should take update from server1

           priority 2 : In case server1 goes down, clients/GUPs should automatically take update from server2

Now, suppose that while taking an update from server1 the network link is flapping (i.e. network going ON/OFF); will the clients'/GUP's data download from server1 & server2 then happen "together" until the desired content gets built up at the GUP/client end?

Need clarification from a technical & network point of view.

The issue has come up because it is observed that the GUP is downloading data from both server1 & server2 together for a time span of, say, 1hr.

I need to understand whether it is due to network issue or due to any application anomaly. We are running 12.1.5 versions.

Can DLP detect headings in MSOffice

I need a solution

I am trying to detect headings in an MS Word file.

For example, if there is "Accounting" written in heading font, I want DLP to detect it.

Is it possible?

Symantec Update causing SEIM to read POODLE vulnerability

I need a solution

Lately, I have been getting SEIM Alerts from Symantec's IP addresses stating they are vulnerable to POODLE.  I believe they are coming from the Update server but I am not positive.  I have used Whois.com to verify that the IPs are, in fact, coming from Symantec.  This is also happening on several PCs in my network; it is not isolated to one or two PCs.  What is causing the SEIM to hit on the POODLE signature?  I have verified that the GPO I've created to update all machines to TLS has worked.  I have used NiniteOne to update all browsers, and we have updated all servers, both Windows and Linux, with the patches or disabled SSL altogether.  I am still getting the alerts.

Any ideas or thoughts?

Thank you in advance!

This is a part of the alert information...minus my internal IP addresses that are being affected.

Timestamp:

2015-07-29 03:31:54 GMT-4:00

Source host(s):

143.127.102.65

166.98.6.85

216.10.195.162

Incident:

snort: "ET POLICY SSLv3 outbound connection from client vulnerable to POODLE attack"

Unable to create Management Agent on Endpoint Encryption 11.0.1

I need a solution

I am unable to create the management agent on the management server for Endpoint Encryption server. I have followed the steps in the following guide (https://support.symantec.com/en_US/article.HOWTO111004.html) when setting up the configuration for my site, but when I click on finish it gives the error "Invalid Server Location. Unable to connect to the remote server". The web site is based on the same server.

Anybody seen this before?


Cannot access Connect Account

I need a solution

**********************POSTING THIS ON BEHALF OF MY FRIEND*****************

My friend's email account has been deleted at his office and he has been given a new mail id. Now he cannot access his Connect account. Clicking on forgot password sends the email to his expired email account. How can he get his account back? Thanks in advance.


SEP A/V How to do scheduled scan only - no other activity

I need a solution

Hello...

In our enterprise environment, we use a different A/V product that is conflicting w/ a particular application.

We are testing SEP v12.1.6 on one mission critical server.  I want to configure SEP to run a scheduled scan once a day, and eliminate or minimize any other A/V or SEP activity outside of that scan window.  I have created a scheduled scan (2:00AM) but we are still seeing the application crashing outside of the scheduled scan (only when the product is installed).

My questions

1) There are many features of the product, I don't fully understand them as we just began to test & evaluate. I want to eliminate all Symantec product activity (if possible) except during the scheduled scan.  Any suggestions on features I can disable or turn off such that we only get AV activity during the scheduled window - I would greatly appreciate.

2) Alternatively, ideally really, I'd like to have no A/V software on this machine and run the A/V scan from a different server. Is SEP capable of that, while still providing a similar level of protection?

thanks for any assistance.

(ps I am not looking to investigate the cause of the crash in this forum - just how to constrain all SEP activity to the scan window.)

BSOD, pull HDD to transfer files to new comp, can't get by PGP Encryption

I need a solution

Hello,

My Windows 7 computer decided to give out when I booted up and gave me the BSOD with unmountable boot volume. No workaround to fix. So had our company tech pull the hard drive to get the files off of it, however he said he can't get by the PGP encryption. Is there any way to get by so I can retrieve my files and not send it off to try and get fixed?

Auto-Protect Turns Back On After Disabling SEP

I need a solution

I created a new Virus and Spyware Protection policy in Symantec Endpoint Protection Manager. Under Auto-Protect settings, I've unchecked the checkbox to enable Auto-Protect after it's been disabled for 5 minutes. I applied the policy to a group with a single client computer. However, when I disable Symantec Endpoint Protection on the client machine from the icon on the system tray, it still re-enables after 5 minutes. Is there something I've overlooked?

I am running SEPM 12.1.6 and the client computer has the latest SEP package installed.

non TLS connection to symantec

I need a solution

We have Windows 2008 servers running SEP 12.1.6 build 6168 and we are seeing that they are making non TLS calls on port 443 to the following Symantec-managed IPs:

216.10.195.151

216.10.195.164

I have unchecked the Submissions settings thinking that was the feature making the calls but it still persists.

Any idea what the above IPs are for and how I can force a TLS connection?

thanks,

JT

Multiple deletion from SEPM

I need a solution

Hi Guys,

As we know, there is a drawback in Symantec Endpoint Protection Manager where multiple clients can't be deleted from different groups at once. Is there any way to overcome this from the console or from the SQL DB? This will help my daily job with minimized effort. Can anyone help?

The version of SEPM is 12.1.RU4

Thanks.. 

Is RU4MP1 compatible with Server 2012 ?

I need a solution

Is SEP 12RU4MP1 compatible with Server 2012?


how reputation score is calculated and shared with SEP

I need a solution

Hi,

I have SEP installed in my environment.  I would like to understand how files are considered good, bad, or suspicious. How is the reputation score calculated and shared with SEP? Does SEP have some database within it and go to the reputation database only in case a new file is received, and if yes, where does it store information for old files?

Where is the hash of the file calculated, and is that the driving mechanism for scoring?

Thanks


Need to recover encrypted partition, it showing RAW after format

I need a solution

Dear All,

Please help me here, 

As per our security policy, all IT support team members should have disk encryption, so I installed Symantec desktop encryption 10.3.1 and encrypted the disk.

My system had three partitions: C: Windows 7, D: Data and E: Data.

But due to an RSA issue I had to format the C: drive of the Windows 7 machine, and then I installed Windows 8 on the C: drive.

But before formatting I forgot to decrypt the hard drive... :( my bad.

After installing Win 8, my D: drive and E: drive are showing as RAW drives and asking me to format.

I remember the old User ID and Password for Symantec.

 

Could anyone please help me with this? Any single option to retrieve my data will be a great help.

 

Thanks 

Symantec Endpoint Protection 12.1.6 MP1 installer has insufficient privileges

I need a solution

Attempting an in-place upgrade from 12.1.5 to 12.1.6 MP1 returns the following error:

Error 1303.  The installer has insufficient privileges to access this directory: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.6306.6100.105.  The installation cannot continue.  Log on as an administrator or contact your system administrator.

Ironically, I AM THE ADMINISTRATOR and using said account.  Yet this happens on every flavor of computer in our environment. 

In addition, we are also noticing that administrator group membership does not have permissions to add any directories or files under C:\Program Files (x86)\Symantec and may well be the root cause. 

We have tried putting assets into a temp SEPM group with all tamper protection disabled similar to a SYMHELP environment, yet we see the same behavior.

For what it is worth, a clean wipe, reboot and Installation of 12.1.6 MP1 works flawlessly. 

Any suggestions would be welcome at this point.

DCM for RAR

I need a solution

Hi everybody,

I have a custom detection for RAR. I created a RAR.fgi using the Analyzer utility, but I don't know how to import (use) it on DLP.

Can someone help me, please?? :(

Thank you so much!!
 

Title
Scripts for Custom File type detection of Password protected WinRAR and 7zip files

 

Issue
Scripts for Custom File type detection of Password protected WinRAR and 7zip files

 
 

Solution
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Winrar password protected (file name not encrypted)
 
$First4rarTag=getHexStringValue('52617221');
$First4rarBytes=getBinaryValueAt($data, 0x0, 4);
assertTrue($First4rarTag == $First4rarBytes);
$Second3rarTag=getHexStringValue('1A0700');
$Second3rarBytes=getBinaryValueAt($data, 0x4, 3);
assertTrue($Second3rarTag == $Second3rarBytes);
$EncryptedrarTag=getHexStringValue('80');
$EncryptedrarBytes=getBinaryValueAt($data, 0xA, 1);
$FileHeaderFlags = getBinaryValueAt($data, 0x18, 1);
$modedValue = mod($FileHeaderFlags, 8);
 
if ($modedValue >=4)
{
assertTrue($modedValue >= 4);
}
else
{
assertTrue($EncryptedrarBytes == $EncryptedrarTag);
}
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
7zip password protected
 
$First7zipTag=getHexStringValue('377ABCAF');
$First7zipBytes=getBinaryValueAt($data, 0x0, 4);
assertTrue($First7zipTag == $First7zipBytes);
$Second7zipTag=getHexStringValue('271C0003');
$Second7zipBytes=getBinaryValueAt($data, 0x4, 4);
assertTrue($Second7zipTag == $Second7zipBytes);
$Encrypted7zipTag=getHexStringValue('00000000');
$Encrypted7zipBytes=getBinaryValueAt($data, 0x10, 4);
assertTrue($Encrypted7zipTag == $Encrypted7zipBytes);
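
The same byte checks written out in Python, as an added example that is not part of the original post or of Symantec's scripts. The offsets and tag values are the ones in the scripts above; the function names and the sample headers are constructed here, and the RAR field names in the comments are an assumption about the RAR 4.x layout.

```python
# Added example: the scripts' byte checks in Python. Offsets and tag values
# come from the scripts above; names and sample headers are constructed here.
RAR_MAGIC = bytes.fromhex("526172211A0700")         # offsets 0x0-0x6
SEVENZIP_MAGIC = bytes.fromhex("377ABCAF271C0003")  # offsets 0x0-0x7

def rar_script_match(data: bytes) -> bool:
    """True when the WinRAR script's assertions would all pass."""
    if len(data) <= 0x18 or data[:7] != RAR_MAGIC:
        return False
    # mod(byte at 0x18, 8) >= 4 holds exactly when bit 0x04 of that byte is set.
    # Assumption (RAR 4.x layout, not stated on the page): 0x18 is the high
    # flags byte of the first file header, 0xA the low flags byte of the
    # archive header.
    if data[0x18] % 8 >= 4:
        return True
    # Fallback branch: the byte at 0xA must equal 0x80 exactly, not merely
    # have that bit set.
    return data[0xA] == 0x80

def sevenzip_script_match(data: bytes) -> bool:
    """True when the 7zip script's three assertions would all pass."""
    if len(data) < 0x14:
        return False
    # Exact 8-byte match, so a header whose version bytes differ from 00 03
    # is not matched by this script.
    return data[:8] == SEVENZIP_MAGIC and data[0x10:0x14] == bytes(4)

def make_rar(byte_0xa: int, byte_0x18: int) -> bytes:
    """Constructed 32-byte header with only the inspected bytes set."""
    buf = bytearray(0x20)
    buf[:7] = RAR_MAGIC
    buf[0xA], buf[0x18] = byte_0xa, byte_0x18
    return bytes(buf)

def make_7z(version: bytes, bytes_0x10: bytes) -> bytes:
    """Constructed 32-byte 7z-style header."""
    buf = bytearray(0x20)
    buf[:8] = SEVENZIP_MAGIC[:6] + version
    buf[0x10:0x14] = bytes_0x10
    return bytes(buf)

if __name__ == "__main__":
    for a, b in [(0x00, 0x00), (0x00, 0x04), (0x80, 0x00), (0x81, 0x00)]:
        print(f"0xA={a:#04x} 0x18={b:#04x} -> {rar_script_match(make_rar(a, b))}")
```
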

Windows 10 client firewall issue

I need a solution

Updated SEP to 12.1.6.1a build to allow install on Windows 10 Enterprise LTSB evaluation. After it was installed, the client never appeared in SEPM. In looking at the client, it looks like the firewall exceptions for Symantec Antivirus weren't created. SMC and SNAC were created. I've tried both the full and reduced size installs. I can manually add the RTVScan entries, but shouldn't those entries be added by the install, like it did for SMC/SNAC? Is this why it's not showing up in SEPM?

Moving managed clients to another site

I need a solution

Hi,

We are running into an issue: we want to consolidate multiple standalone sites into one big site and start using multiple GUPs.

After quite some searching, the best option looks to be the 'Communication Update Package Deployment' and disabling Tamper Protection. I ran the wizard with the necessary password, which is the same on all standalone sites, and saved this package.

Running SylinkDrop.exe on the client gives no errors, and by the looks of the debug it did its thing like it should. But ... this is not the case; the client still connects to the old site and not the new one.

We are running with 12.1.6 and planning to upgrade to MP1a soon.

Any suggestions what we could try?
