Hi there
SEPM 14.0.2349.x - AD integrated - ~2500 machines
How can I create a report listing all endpoints <Macs/windows> with no SEP deployed?
Thanks in advance,
Matt
Dear Team,
I am looking for a solution: how to run Symantec LiveUpdate through the terminal silently.
How to resolve this issue?
What could be the possible isolation steps to remediate these infections and locate the infected file?
I don't have 100% proof, but we recently started experiencing some VM servers hanging (it seems to be working, but one can't log on interactively to them and WMI scanner reports connectivity errors). The only change recently was installing the SEP 14 MP1 client (Basic Protection for Servers) over the latest 12 version. Currently I had two 2012R2 servers hanging once per week (they are on the 2012R2 host which also received SEP 14). And one WS2008R2 which is hanging every few days, which is on a WS2012 Hyper-V host with SEP 12 for now (VM is on SEP 14). I don't see anything in the Event log. These machines were running smoothly for half a year with SEP 12.
Hello Symantec Support,
It appears that one of our subnets has been blacklisted in your database and this is causing us problems. 46.21.145.0/24 is the subnet in question.
One of our clients uses an IP space within this network and apparently they cannot send e-mail messages to recipients using Symantec Protection Suite Enterprise, as the sender's IPs are blacklisted. If I understand correctly, this strongly relates to other similar posts in this forum, where a user applies for de-listing only to find the same IP listed in your database several hours later.
Please look into this problem, this is damaging for us. We need the reason for this listing of an entire /24 subnet. I would appreciate if you addressed the issue swiftly.
With kind regards,
Daniel Walesiuk
Swiftway Ltd.
Hi Guys,
We have an S-series Packetshaper and most of the bandwidth is being utilized by SSL. We have already placed policies for classes such as Youtube and Facebook to control users; however, management is asking if we can further look into SSL. Does the SSLV appliance have an integration with Packetshaper? Can the Packetshaper shape decrypted traffic from it? Or is the SSLV integrated only with security devices?
Please help me with the Live update issue on Linux
I have RHEL with kernel (3.10.0-514.16.1.el7.x86_64) machine hosted on cloud
I have installed SEP 14 MP1 version
The Live is not happening on the machine
The connection to internet is via proxy
The symantec sites are allowed.
Few Clients are not getting updated
I get the below error in live update logs
It failed to connect to Hostname: liveupdate.symantec.com but later on the next session it successfully connected to Status Message: Server was selected
Protocol: HTTP
Hostname: liveupdate.symantecliveupdate.com
Available Updates: 0
Session Result Code: 0x00010600
Session Result Message: OK - no updates available
Result Code: 0x8001FFFF
Result Message: UNKNOWN
[Server Selection - START]
17:44:44.752217 Result Code: 0x00010000
17:44:44.752282 Result Message: OK
17:44:44.752326 [Server - START]
17:44:44.752370 Host ID: {113395A0-D3D8-4BE4-80B5-202C94EF4A75}
17:44:44.752407 Status Code: 1
17:44:44.752443 Status Message: Server was not selected
17:44:44.752483 Transport Return Code: 0x80010731
17:44:44.752529 Transport Return Message: FAIL - download failed
17:44:44.752587 Protocol: HTTP
17:44:44.752636 Hostname: liveupdate.symantec.com
17:44:44.752672 Port: 80
17:44:44.752706 Path:
17:44:44.752740 Proxy ID: {00000000-0000-0000-0000-000000000000}
17:44:44.752773 Proxy Bypass: false
17:44:44.752807 [Server - END]
17:44:44.752840 [Server - START]
17:44:44.752880 Host ID: {113395A0-D3D8-4BE4-80B5-202C94EF4A76}
17:44:44.752914 Status Code: 2
17:44:44.752947 Status Message: Server was selected
17:44:44.752980 Protocol: HTTP
17:44:44.753014 Hostname: liveupdate.symantecliveupdate.com
17:44:44.753047 Port: 80
17:44:44.753080 Path:
17:44:44.753113 Proxy ID: {00000000-0000-0000-0000-000000000000}
17:44:44.753146 Proxy Bypass: false
17:44:44.753193 [Server - END]
17:44:44.753238 [Proxy - START]
17:44:44.753278 Proxy ID: {005B077A-5C98-4853-9244-8DC0FF3B1465}
17:44:44.753312 Protocol: HTTP
17:44:44.753346 Default: HTTP
17:44:44.753380 Host: 10.224.1.165
17:44:44.753414 Port: 3128
17:44:44.753447 [Proxy - END]
17:44:44.753481 [Server Selection - END]
17:44:44.753531 [Check for Updates - START]
17:44:44.753605 Result Code: 0x00010000
17:44:44.753653 Result Message: OK
17:44:44.753691 Component Status Changes:
17:44:44.753732 None
17:44:44.753768 [Component - START]
17:44:44.753806 Component ID: {9F634534-BAF4-444B-B823-F14C1C80A8FD}
17:44:44.753841 Available Updates: 0
17:44:44.753875 [Component - END]
17:44:44.753909 [Check for Updates - END]
17:44:44.753953 [Finalize Session - START]
17:44:44.754017 Result Code: 0x00010000
17:44:44.754057 Result Message: OK
17:44:44.754093 Component Status Changes:
17:44:44.754133 None
17:44:44.754168 [Finalize Session - END]
17:44:44.754521 [Session Results - START]
17:44:44.754571 Session Result Code: 0x00010600
17:44:44.754607 Session Result Message: OK - no updates available
17:44:44.754652 [Component Result - START]
17:44:44.754687 Component ID: {9F634534-BAF4-444B-B823-F14C1C80A8FD}
17:44:44.754722 Display Name: Virus and Spyware Definitions for Linux
17:44:44.754758 PVL: SEPC Virus Definitions Linux 14.0_MicroDefs B.CurDefs_SymAllLanguages
17:44:44.754796 Result Code: 0x8001FFFF
17:44:44.754831 Result Message: UNKNOWN
17:44:44.754865 [Component Result - END]
17:44:44.754898 [Session Results - END]
17:44:44.754931 [Session Summary - START]
17:44:44.754964 Components: 1
17:44:44.754998 Packages: 0
17:44:44.755031 Success: 0
17:44:44.755063 Fail: 0
17:44:44.755096 [Session Summary - END]
Browse results to Symantec sites (proxy is working fine as some servers are getting updated)
We need to know if we can obtain a SHA1 list of files instead of/or as additional information?
We use SEPM12.1.5 in Windows 2008 Server R2 Std. And clients use Windows 7-
Thanks in advance.
Since the Blue Coat Forums went Read-Only last night, I'm looking for a new place to ask Blue Coat ProxySG questions. Any suggestions?
Harry
Countless machines running 12.1.6 where the SepMasterService fails to start normally after a reboot. Already opened a ticket with support over a month ago.
sc.exe \\computername query sepmasterservice
SERVICE_NAME: sepmasterservice
TYPE : 10 WIN32_OWN_PROCESS
STATE : 1 STOPPED
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
Then you get the dreaded message below when trying to open the Symantec GUI.
"Symantec Endpoint Protection cannot open because some Symantec services are stopped. Restart the Symantec services, and then open Symantec Endpoint Protection".
Hi,
Again our server is blacklisted only this time you don't even have the courtesy to send undelivered messages, probably because they would say it was listed in a blacklist it isn't in again. I've used all the Symantec Blacklist check pages I could find and our IP doesn't appear in any of them. Our Server's IP is 49.176.197.220. We aren’t on any other blacklists, there's no spam coming from our mail server, we don’t have a virus, we aren’t an open relay and we have a static IP. Please fix this. We can't email our customers, suppliers, our bank, and other financial institutions we deal with.
I see a couple of machines on which the file is quarantined and after 2-3 minutes showing as "Log only"
Does "Log only" mean... no action is taken? What to do for such cases?
How can we clear the quarantine, to prove that the files are cleared from the PC?
Hi Team,
SEPM reports show Win Vista instead of Win 7. Is there any issue on this reporting part from SEPM 12.1.6 MP5?
The PGP SDK download link is not working. When clicking the Accept and Download button from this link https://www.symantec.com/connect/downloads/pgp-sdk, the download page is not coming.
Please suggest.
Regards,
Vinod
Hello Symantec Team,
Recently we have started using the new Symantec version 14.0.2332.0100 and are facing the issue of Win 7 getting stuck in the shutting down process. This issue did not occur with the SEP 12 version.
After we upgraded the Symantec version from 12 to 14, this issue started. Also, we have checked with a new Symantec 14 installation on a fresh Win 7 OS but are getting the same problem.
Every time we should hard reboot the systems.
Currently Windows 7 x64 is installed on those systems which are getting this issue. This issue affects more than 50 systems.
Kindly provide the solution as soon as possible.
Thanks & Regards,
Abhijeet
Hello,
We are getting notifications regularly:
Occurrence: | 1 |
Signature Name: | System Infected: W97M.Downloader Activity 24 |
Signature ID: | 29742 |
Signature Sub ID: | 73736 |
Intrusion URL: | update-kernal.net/update-index.aspx?req=69210945%5Cdwn&m=d |
Intrusion Payload URL: | N/A |
Event Description: | [SID: 29742] System Infected: W97M.Downloader Activity 24 attack blocked. Traffic has been blocked for this application: C:\WINDOWS\SYSTEM32\WINDOWSPOWERSHELL\V1.0\POWERSHELL.EXE |
Event Type: | Intrusion Prevention |
Hack Type: | 0 |
Severity: | Critical |
Application Name: | C:/WINDOWS/SYSTEM32/WINDOWSPOWERSHELL/V1.0/POWERSHELL.EXE |
Network Protocol: | TCP |
Traffic Direction: | Inbound |
Remote IP: | 52.213.114.86 |
After every 2 minutes Symantec detects the same.
Kindly advise how to get rid of this situation.
We also blocked the remote IP at the internet firewall, and the URL at the proxy, but are still getting the notification.
Hi,
I'd like to automatically add some folder exceptions when SEP is installed. For example D:\Database should be added to the SONAR exceptions list. Ideally I'd like to do this during silent installation of SEP via a setup script I usually run to install the product. I looked at the list of MSI parameters I can install with but didn't see anything for adding exceptions to prevent scanning of folders.
Is there a way I can automate this?
Thanks
Thank you very much in advance for your attention. I commented that I'm new to Proxy's Bluecoat implementation, now Symantec, but I'd like to know how they handle Failover.
I have read in the documentation that for Explicit Proxy scenarios Failover functionality is available using "IP address failover", something similar to the VRRP deployment. Now, for Transparent Proxy scenarios I notice that the deployment is creating "Software bridges", but I must have physical interfaces for deployment. Am I right? My second query is that I understand that using either method ("IP address Failover" or "Software Bridges") I have to first create the fix and after having a single logical unit I start to configure the computer as if it were only one. Is this so? Or do I have to configure each computer individually and when any inconvenience occurs with one of them, would it go to the configuration of the other?
I would appreciate if you could support me with the subject. Thank you in advance for your attention.
We're rolling out SEP 14 for Windows 10; we've enabled Windows 10 UWF and found that there isn't official support or an unofficial workaround to use this Write Filter with SEP 14. After checking into supported Write Filter types, SEP 14 only supports: FBWF.
My questions are:
Will SEP offer support for UWF for Windows 10?
If you're rolling out Windows 10 in your environment with a write filter, which product are you using?
I am using endpoint protection small business and the size of the Norton folder is about 55gb. Is there a way to minimize that in any way and still have the program be usable? Thank You.