Navigation |
Symantec Security ResponseSEP console will not install SEP package to windows 7 computerIm using the console to first find my windows 7 machine. I used the computer name. After searching, I see two Unknown Computers. One is the computer name the other is the ip of the same computer. so I have two listings for the same computer. Ok. On the windows 7 client made sure that the domain settings in network and sharing had file and print sharing turned on. I'm I missing something on the client? Normally when I do this with xp machines they come up as unmanged computers and am able to push client package. Typically if I forget to check file and print sharing on the xp computer it will show up as unknown computer. I think I'm missing something on the Windows 7 box to let it talk to the SEP console. Any help would be appreciated. SEP Firewall ports to allowHi All I;ve recently started setting up my firewall policy within SEP, I wish to lock down the firewall quite substanially but i need to know which ports to allow for network shares and all domain functions to work properly. I have searched through google countless times and come up with nothing solid, can anyone help ? Problem with firewall EndPointHi everybody, I have a problem to install a program (activation key by internet). And I try to go to Network Threat Protection to desactivate the firewall or to made a exception for my software I try to install but from this page I could not access to the settings ... SIncerely Hollow SEP installed but still getting Antivius XP Pro malwareI asked this question before but I don't think I got an answer. I have the latest SEP installed here with the Antivirus and Antispyware and the Proactive Threat Protection installed. The definitions are up-to date and Auto-Protect is enabled. But it's been happening a little to often lately where clients are getting this "Antivius XP Pro" malware taking over their system. Earlier this year I've had a few similar problems with "Virus Shield" doing this same thing. Why isn't SEP catching this? Is it not designed to catch malware? Am I missing a configuration somewhere? Is there another SEP app I don't have installed? Please help with some advice. Thanks. Symantec for embeded XPHi One of our customer wants to install Symantec™ Endpoint Protection for Windows® XP Embedded 5.1 in their new office network Regards Rahul Krishnan SEP 11.0.5002.333 client and Sage Ver 11.01The SEP 11.0.5002.333 client is installed on a new SBS 2008 server and all of the clients on the domain. They use Sage Ver 11.01 on several PCs and the data is stored on a shared folder on the server. Sage runs unacceptably slowly unless I disable the SEP Client on the server. It makes no difference whether or not the SEP client is activated or even installed on the individual PCs. I have tried excluding all of the Sage folders from the virus check. Oplocks are enabled and SMB signing is disabled. Is this a problem with SEP 11.0.5002.333 client? IT was never this bad with previous versions.
SEPM Failing On A Daily Basis.Hello All, I need some advice on how to troubleshoot a problem that has started to occur recently with our SEPM installation. We are currently using SEPM 11.0.2000.1567, which I am sure many will note is an old old version. We did look at upgrading to the latest MR some time ago, but I believe it was to MR3 which from memory required more work then it was worth (recollection of having to upgrade to MR2 first the MR3 with some database related procedure needing following too), as we where having no problems (until the fabled New Year virus definitions bug that occurred) it did not seem that the effort required would return a tangible benefit. Alas now we have a problem, which before I upgrade to MR5 (I believe it is the current version) I need to identify the cause of the problem and validate that MR5 will resolve the issue. The issue is as follows, on a daily basis we open up the SEPM console to perform various management tasks, after entering the username and password to connect to the SEPM console, the progress bar is shown and it states it is loading, but it never proceeds further then a third of the way, no matter how long we leave it. To resolve this the Symantec Endpoint Protection Manager service needs restarted and also the Symantec Embedded Database service needs restarted. However when restarting the Symantec Embedded Database service it does not stop therefore the dbsrv9.exe process needs killed to force the restart of the embedded database service. As a test I left the SEPM console for a week in the hung state to determine if it effects client computers, it does they fail to retrive the daily virus definition updates so it is not just the console application that is failing when this issue occurs, it appears to be the whole SEP environment. My question is, how do I trace the cause of this, I know the SEP environment creates log files for various functions but reading them (as they appear to be in Java/Tomcat speak) is something that is above my level of knowledge? Also I dont know which log file of the many thier is I should be looking at (I looked at all of them and some do have errors reported) Can anybody help? Also we do run the SEPM console on the same server we have WSUS installed on, however the WSUS management website is using port 8531, the only WSUS related system running on port 80 is the virtual SelfUpdate directory (which has to be running on port 80 for end clients to be able to update to a new version of the Windows Update Agent when WSUS has a new version to deploy). As this uses a specific URL path (http://windowsupdateserver.dns.name/SelfUpdate) I dont beleive running this virtual directory in the same website as the SEPM console has any effect? Thanks. Gary Hall. Problema con GUPBuenas. ERROR EN UN CLIENTE ERROR EN OTRO CLIENTE Alguien podria ayudarme.??? What is the porpose of providing .slf file with SEP 11.x
We have purchased the licence for installing Symantec End point 11.0 So I got two compressed folders: Symantec_Endpoint_Protection_11.0.5_AllWin_EN_CD1.zip what is exactly each folder is related to? I have opened the first folder and proceed the installation from there It doesn't ask me for the license file (.slf) which i have received?? Do I have to copy the licence file to a specific location within Symantec folder directory? I tried to search about this every where and I come to the conclusion Am I right, if that is true why symantec is providing the key file? Thanking you all in advance. Khalid SEE V7.0.4 disk mirror in PCHi support , If my office PC run WinXP SP3 and 2 x harddisk ( disk mirror ) , so May I install SEE RS client ( framework + removable storage) in that PC ? Regards What's the update interval when using the options "Use the default management server (recommended)" alone?Hi All, We have about 700 clients connecting to one SEPM server and they are in the same LAN. For virus definition (as well as other content) updates, we use the option "Use the default management server (recommended)"and do not use LiveUpdate for the clients. However, we have found that the update schedule of the clients varied greatly. For instance, the SEPM server retrieved the update-to-date virus defintion at 08:00am, when the clients were started at 09:00am, only some of them retrieved virus definition updates from the management server immediately. For other clients, some of them retrieved the updates at 01:00pm and some of them at 05:00pm. The update time is consistent, that means clients retrieving updates at 01:00pm will always retrieve them at around the same time, no matter the server is busy or not. Also, we have checked that the server is not busy all the time. So, may I ask what's the update interval and schedule when using the options "Use the default management server (recommended)"? Also, are there any ways to speed up the virus definition update? Thanks a lot! Dennis Clients not contacting management server(s) - need to re-import these? help pleaseOk - So I had a failed SEPM server and the DB was screwed. I managed to get it up and running again and convert it to a SQL DB. The secondary server was so out of date as it hadn't been replicating that it was useless. Anyway, since setting the server back up I've got only a handful of clients contacting the SEPM server - no one else has, we're talking like 2000, no green dot or anything. I've tried importing the communication settings with the sylinkdrop tool, but it doesn't work, still no green dot. I reset the server certificate as documented when I rebuilt the server....so I don't understand. What can I do to re-establish communication with the SEP clients? cheers Symantec endpoint protection NotificationI recieved a notification from my machine today and would like your analysis on it. please see attached database incidentsHi, Is there any way to delete seleted incidents from the database? Not only the old ones, but for example, only the false positives before some date. Thank you. BV-control for exchangeDear ALL, We have the following (RMS With Bv-control For Exchange Server only), can i query for File and registry if yes can you help me i try all the query but i did not find any ? or Can i Query for The Status of Protocol i.e. (SMTP, HTTP)
Thanks Issues downloading with Liveupdate serverOur setup here has a sepm server, sav server, and mail security for exchange on our exchange servers. Our outbound connections are low bandwidth and high latency. SO in an effort to consolidate we are trying to migrate everything to pull from a single liveupdate administrator server. The lua server is set up and trying to work, however it has issues downloading any kind of larger file. The behavior of the sepm server of breaking any kind of download into smaller 3.something meg chucks allowed it to work flawlessly, is there any way for lua to duplicate that behavior? Blocking some keysDear Team,
Regards, What will happen if number of mailboxes exceed the license?What will happen if number of mailboxes exceed the license? It still protect all users, protect only some users or fail to protect? Exchange 2007 'hang'This is possibly a one-off and its not at all certain whether Symantec Mail Security is even at fault, however I had an issue this morning on our Exchange 2007 server that has caused me a little grief, so I thought I should document it here and ask others to comment. My environment: Recently I had cause to install/configure NFS on this server, which does triple duty as both a mail server, file server and domain controller, so that we could store files from off our VMware servers. It was all working swimmingly until this morning. Sequence of events as best I can piece it together: 24 FEB ... upgraded from v6.0.9 to v6.0.10 of Symantec Mail Security for MS Exchange People reported mail being stuck in their Outlook Outbox. This error was in the logs: The execution time of agent 'SMSMSESMTPAgent' exceeded 300000 (milliseconds) while handling event 'OnEndOfData'. This is an unusual amount of time for an agent to process a single event. However, Transport will continue processing this message.I then tried manually stopping all the Exchange services, however the Information Store process would not stop. After waiting about 15 minutes, I eventually had to reboot the server. After the reboot, Exchange was working fine again ... but ... it started throwing Event ID 4004 errors relating to "Server for NFS" service. NFS services would not start. As we are not using NFS much now, I have uninstalled it, so not much harm done, but I am at a loss to understand what happened to the server which triggered this issue. I couldn't find many specific matches on the error messages when I Googled, however one of the suggestions made was that the NFS problems might be related to RPC issues (e.g. RPC finding itself on the 'wrong port' which makes NFS get confused). I am pretty sure that Symantec Mail Security for Exchange utilises RPC in some way. But there's a 2 week gap and a lot of activity between the upgrade of Symantec Mail Security and the issues which hit this morning. So am wondering whether there have been any updates released recently which have caused anyone else any grief with Exchange 2007 or with NFS. SMSMSE 6.10 not detecting or stopping encoded ZIP fileI have a client from a previous post that is still having problems with their install of SMSMSE 6.10.295 not stopping test EICAR virus files. I most recently went to: I am going to the 'Virus Tools' and 'Test Messages' section, entering the email address in and choosing 'eicarencodedzip - To test if encoded ZIP files are blocked' from the dropdown. When I send this, they receive this file, which is getting passed their 3rd-party anti-virus, anti-spam provider (MailMax) and then gets passed SMSMSE. Can anyone let me know how to fix this or how to re-configure SMSMSE to stop and block this virus test? Thank you! Michael |
Sophos Virus AlertsMicrosoft at workSymantec Security Response
User login |