Hello ! I encountered a problem while registering a user in the SEE v11.3.0 client.

I am 100% sure that the administrator login and password are correct.

This is not due to BitLocker, as he is disconnected. On the command line using "manage-bde -status" shows "Encrypted (percent): 0.0%"

This problem does not allow me to use your product. I tried many solutions from the forum such as TECH235632, TECH231177. It did not help.

maybe there is a decision about which I do not know yet? 

We use to renew through hostedendpoint.spn.com website, but that has been disabled.

Symantec has a list of resellers to contact for renewals... and I've called all of them (3 pages) over the last few weeks, either they don't call back or are not interested in helping renew a measly 25 seat license.

I called Symantec support, but the agent was not able to find any solution in her script, and could not move off script.

I hate to leave Symantec... just got everything configured how we like it, but don't see that we have a choice.

Is anyone else set to expire soon, with no way to renew?

Suggestions please.

Thanks!

Hi

Does Symantec offer any similar service/product to Trends Virtual Patching? 

Thanks

Hi all,

 Aforetime, Google released Update 78 for Chrome and since then it's seems to be broken for symantec endpoint protection users.

The problem is you can't load any pages, You will get "Aw, Snap" Error.

Anyone know a permanent solution?

My symantec endpoint protection version is 14 (14.0 RU1 MP1) build 3897

How can we send the Content Analysis logs to a Syslog server? Currenlty we can send the "Access logs" (Configuration -> Access Logging -> Logs -> upload client) and "Event logs" (Maintainance -> Event Logging -> Syslog ). We are using an ASG and Content Analysis also there. But I couldn't find a configuration setting in order to send the Content anaysis log s to syslog server? Can some one pls help?

Thanks in advance!

Hi,

I need your help regarding our Issue. We are comparing is the Risk Type from the Comprehensive Report and the Risk Logs extracted from the Monitor tab. In the Risk Logs there is a column name "Category Type" which we assumed is the same as the Risk type under the Comprehensive Report. Now, if we extract the Comprehensive Report and check the Risk Type and compare it with the Risk Logs that is filtered according to category type the expectation should be the same. We do this to determined the endpoints (there is no endpoint details under Risk type) affected under the Risk type. However, the results is different and the discrepancy is huge.

Hi everyone

I wonder if someone can help me. We have a Bluecoat SG300 in our Middle East office which went down yesterday. This does all the web filtering so the users have had to disable the proxy server in order to have Internet access - not ideal...

I've attached a picture of the front of the unit. The power LED is flashing green-amber while the triangle LED is completely off. Does this indicate a hardware fault or is there a way I can bring it back online? The device cannot even be pinged locally. I was thinking of connecting a laptop to it directly and trying to connect locally but I'm not sure if it's even booting up fully.

Assistance would be greatly appreciated.

Many thanks

The subject pretty much says it all. I have a user who would rather not have to manually enter addresses in his Good Senders list and asked if there is a way to automate the process. To my mind it would make sense that releasing a false positive from Quarantine added the sender to the Good Senders list.

Thanks

Guys,

When an end-user receives a download insight pop up and clients click on "allow this file" and the file is a virus would SEP block it?

We are using Altiris 8.5 and SEE 11.3 and feature upgrades work great without having to run the special scripts to allow them to run if the device is encrypted. Yet you still need to send a command to enable the auto login feature which is a manul job we will have to push. Has anyone built this command into their patch managment when the feature upgrade tries to apply? It would be great if in the patch push you could have a detaction check for SEE 11.3, if its there run the command to allow 3 reboots for the feature windows upgrade. Not sure if something like that would even be possible? 

https://support.symantec.com/us/en/article.doc9422...

Hello,

My organization is looking to enable the end-user VIP Self Service Portal url on our Symantec VIP agents so users can login with their Active Directory credentials and self-register/self-manage their hard and soft tokens.  We'd like the url available from outside our network as business use-case dictates we require it, it will be integrated into our Active Directory where group policy is enforcing password and account lockout requirements.  I have concerns regarding exposing a single-factor login form to the wild where anybody could test our Active Directory userids and passwords, not notably I'm worried about opening a new avenue that allows the ability to harvest credentials.  The documentation provided doesn't seem to reference enforcement of password/account lockout policies for the login page that would mitigate the risk (i.e. max incorrect password attempts, account locking, etc.).  I'm wondering if AD password/account lockout group policy will apply for this login form when logins are attempted and/or if there are additional security features on the Symantec VIP agent side that would further mitigate risk?  Thanks!

There has been a PHOBOS ransomeware attack on my servers and they uninstalled the SEPM completely,

When we build the new server of SEPM the client Machines are not visiable not even a single machine. 

Kindly guide as how to get the clients visible on the SEPM. we have more than 500 cleint machines 

Hi

I forgot my password for https://identity.symanteccloud.com/logon?rsid=2c9bc22d393b48da8018e40fdd155bea and I am able to reset the password successfully, but I can't login in. It keeps saying userid and password are not correct.

I have reset my password too many times. My workload is piling up waiting for this to resolve.

My userid is 17470 and my email address is dulcie.gima@oktedi.com.

Regards,

Dulcie

Can anyone explain me were exactly i have to create variables that i can use it to Count approvals and rejects over all splitted Dialog Workflows. If i generate global variable i can not use it. i readed all forum discussions but i dont get it working. Can anyone explain me how simply merge and global data simply merge works ?

Hello - per the title, I have thus far been unable to get the SEP Intelligent Updater to install definitions for SEP.

This is the log I've received:

Tue Dec 31 04:10:51 2019 : ******************************************************************
Tue Dec 31 04:10:51 2019 :         Starting Intelligent Updater - Version 5.1.7.29
Tue Dec 31 04:10:51 2019 : ******************************************************************
Tue Dec 31 04:10:51 2019 : AUTH SYMSIGNED BEGIN: Started.
Tue Dec 31 04:10:51 2019 : AUTH SYMSIGNED CLASS3 BEGIN: Entering CriticalSection Initialization .
Tue Dec 31 04:10:51 2019 : AUTH SYMSIGNED CLASS3: Finding code signing : TRUE.
Tue Dec 31 04:10:51 2019 : AUTH SYMSIGNED END: Finished processing. Returns TRUE
Tue Dec 31 04:10:51 2019 : IU RES SYMSIGNED SUCCESS: Successfully verified Symantec Signature for the iuResource DLL
Tue Dec 31 04:10:51 2019 : IU RES LOAD: Successfully loaded the resource file..
Tue Dec 31 04:10:51 2019 : CONFIG LOAD SUCCESS: Successfully loaded the configuration file: iuConfig.xml.
Tue Dec 31 04:10:51 2019 :     IU INFO: File-name : 20191230-002-Core3SDSv5i64.EXE
Tue Dec 31 04:10:51 2019 :     IU INFO: Creation-date : 20191230
Tue Dec 31 04:10:51 2019 : AUTH DLL LOCATION: IU will read the DLL SAVIUAuth location from registry.
Tue Dec 31 04:10:51 2019 : REG FAILURE: Failed while opening the key  from registry. Return code: 2
Tue Dec 31 04:10:51 2019 : REG SUCCESS: Success while opening key 
Tue Dec 31 04:10:51 2019 : REG SUCCESS: Succeeded while fetching the path from registry.
Tue Dec 31 04:10:51 2019 : AUTH DLL: DLL found for Entry number 0.
Tue Dec 31 04:10:51 2019 : Identified as 32-bit product installation. Continuing...
Tue Dec 31 04:10:51 2019 : IU MODE: IU is running is FULL mode.
Tue Dec 31 04:10:57 2019 : CONFIG LOAD SUCCESS: Successfully loaded the configuration file: iuConfig.xml.
Tue Dec 31 04:10:57 2019 :     IU INFO: File-name : 20191230-002-Core3SDSv5i64.EXE
Tue Dec 31 04:10:57 2019 :     IU INFO: Creation-date : 20191230
Tue Dec 31 04:10:57 2019 : PROCESSING ENTRY: VIRSCAN.zip - Virus Definitions
Tue Dec 31 04:10:57 2019 : Entry details:
Tue Dec 31 04:10:57 2019 :     Update-File:             VIRSCAN.zip
Tue Dec 31 04:10:57 2019 :     Update-Desc:             Virus Definitions
Tue Dec 31 04:10:57 2019 :     Auth DLL Name:             SAVIUAuth
Tue Dec 31 04:10:57 2019 :     Auth DLL Location:         local
Tue Dec 31 04:10:57 2019 :     Auth Content-Type:         virus definitions core 3 sds x64
Tue Dec 31 04:10:57 2019 :     Deploy Content-Type:         virus definitions core 3 sds x64
Tue Dec 31 04:10:57 2019 :     Deploy DLL Name:         SAVIUDeploy
Tue Dec 31 04:10:57 2019 :     Deploy DLL Location:         local
Tue Dec 31 04:10:57 2019 : AUTH DLL LOCATION: IU will read the DLL location from registry - SAVIUAuth
Tue Dec 31 04:10:57 2019 : REG SUCCESS: Success while opening key 
Tue Dec 31 04:10:57 2019 : REG SUCCESS: Succeeded while fetching the path from registry.
Tue Dec 31 04:10:57 2019 : DEPLOY DLL LOCATION: IU will read the DLL location from registry - SAVIUDeploy
Tue Dec 31 04:10:57 2019 : REG SUCCESS: Success while opening key 
Tue Dec 31 04:10:57 2019 : REG SUCCESS: Succeeded while fetching the path from registry.
Tue Dec 31 04:10:57 2019 : AUTH SYMSIGNED BEGIN: Started.
Tue Dec 31 04:10:57 2019 : AUTH SYMSIGNED CLASS3 BEGIN: Entering CriticalSection Initialization .
Tue Dec 31 04:10:57 2019 : AUTH SYMSIGNED CLASS3: Finding code signing : TRUE.
Tue Dec 31 04:10:57 2019 : AUTH SYMSIGNED END: Finished processing. Returns TRUE
Tue Dec 31 04:10:57 2019 : AUTH SYMSIGNED SUCCESS: Successfully verified Symantec Signature for the authorization dll C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin\LuAuth.dll
Tue Dec 31 04:10:57 2019 : AUTH LOAD SUCCESS: Successfully loaded the authorization dll - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin\LuAuth.dll
Tue Dec 31 04:10:57 2019 : AUTH SYMSIGNED BEGIN: Started.
Tue Dec 31 04:10:57 2019 : AUTH SYMSIGNED CLASS3 BEGIN: Entering CriticalSection Initialization .
Tue Dec 31 04:10:57 2019 : AUTH SYMSIGNED CLASS3: Finding code signing : TRUE.
Tue Dec 31 04:10:57 2019 : AUTH SYMSIGNED END: Finished processing. Returns TRUE
Tue Dec 31 04:10:57 2019 : DEPLOY SYMSIGNED SUCCESS: Successfully verified Symantec Signature for the deployment dll C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin\LueEim.dll
Tue Dec 31 04:10:57 2019 : DEPLOY LOAD SUCCESS: Successfully loaded the deployment dll - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.5323.2000.105\Bin\LueEim.dll
Tue Dec 31 04:10:58 2019 : AUTHORIZATION FAILED: VIRSCAN.zip is not authorized for deployment. Error code : 104
Tue Dec 31 04:10:58 2019 : IGNORE ENTRY: Ignoring entry for VIRSCAN.zip because it is not authorized for deployment
Tue Dec 31 04:10:58 2019 : Cleaning up the AuthorizationEngine
Tue Dec 31 04:10:58 2019 : After release
Tue Dec 31 04:10:58 2019 : Done cleaning up authorization engine
Tue Dec 31 04:10:58 2019 : PROCESSING ENTRY: VIRSCAN.zip - Virus Definitions
Tue Dec 31 04:10:58 2019 : Entry details:
Tue Dec 31 04:10:58 2019 :     Update-File:             VIRSCAN.zip
Tue Dec 31 04:10:58 2019 :     Update-Desc:             Virus Definitions
Tue Dec 31 04:10:58 2019 :     Auth DLL Name:             ISAuthDLL
Tue Dec 31 04:10:58 2019 :     Auth DLL Location:         local
Tue Dec 31 04:10:58 2019 :     Auth Content-Type:         virus definitions core 3 sds x64
Tue Dec 31 04:10:58 2019 :     Deploy Content-Type:         virus definitions core 3 sds x64
Tue Dec 31 04:10:58 2019 :     Deploy DLL Name:         ISDeployDLL
Tue Dec 31 04:10:58 2019 :     Deploy DLL Location:         local
Tue Dec 31 04:10:58 2019 : AUTH DLL LOCATION: IU will read the DLL location from registry - ISAuthDLL
Tue Dec 31 04:10:58 2019 : REG SUCCESS: Success while opening key 
Tue Dec 31 04:10:58 2019 : REG FAILURE: Failed while fetching the path from registry.
Tue Dec 31 04:10:58 2019 : DEPLOY DLL LOCATION: IU will read the DLL location from registry - ISDeployDLL
Tue Dec 31 04:10:58 2019 : REG SUCCESS: Success while opening key 
Tue Dec 31 04:10:58 2019 : REG FAILURE: Failed while fetching the path from registry.
Tue Dec 31 04:10:58 2019 : IGNORE ENTRY: Ignoring entry for VIRSCAN.zip because of registry read failure. Error occurred while reading the path for the Authorization DLL from the registry.
Tue Dec 31 04:10:58 2019 : The product corresponding to this entry in iuconfig.xml is not installed on the system.
Tue Dec 31 04:10:58 2019 : PROCESSING ENTRY: VIRSCAN.zip - Virus Definitions
Tue Dec 31 04:10:58 2019 : Entry details:
Tue Dec 31 04:10:58 2019 :     Update-File:             VIRSCAN.zip
Tue Dec 31 04:10:58 2019 :     Update-Desc:             Virus Definitions
Tue Dec 31 04:10:58 2019 :     Auth DLL Name:             Norton X64 AuthDLL
Tue Dec 31 04:10:58 2019 :     Auth DLL Location:         local
Tue Dec 31 04:10:58 2019 :     Auth Content-Type:         SDSDefs
Tue Dec 31 04:10:58 2019 :     Deploy Content-Type:         SDSDefs
Tue Dec 31 04:10:58 2019 :     Deploy DLL Name:         Norton X64 DeployDLL
Tue Dec 31 04:10:58 2019 :     Deploy DLL Location:         local
Tue Dec 31 04:10:58 2019 : AUTH DLL LOCATION: IU will read the DLL location from registry - Norton X64 AuthDLL
Tue Dec 31 04:10:58 2019 : REG SUCCESS: Success while opening key 
Tue Dec 31 04:10:58 2019 : REG FAILURE: Failed while fetching the path from registry.
Tue Dec 31 04:10:58 2019 : DEPLOY DLL LOCATION: IU will read the DLL location from registry - Norton X64 DeployDLL
Tue Dec 31 04:10:58 2019 : REG SUCCESS: Success while opening key 
Tue Dec 31 04:10:58 2019 : REG FAILURE: Failed while fetching the path from registry.
Tue Dec 31 04:10:58 2019 : IGNORE ENTRY: Ignoring entry for VIRSCAN.zip because of registry read failure. Error occurred while reading the path for the Authorization DLL from the registry.
Tue Dec 31 04:10:58 2019 : The product corresponding to this entry in iuconfig.xml is not installed on the system.
Tue Dec 31 04:11:25 2019 : Done with IU Operations

Both SEP and the Intelligent Updater are of the newest version (14.2 RU2 build 5323 and 20191229-003-core3sdsv5i64 respectively) and I had used LiveUpdate prior to opening the Intelligent Updater.

While I realise that it's probably unnecessary to use the IU when the SEP has access to LiveUpdate, my current setup will not have internet connection after commissioning and would not be able to update definitions the same way. Is that the only way in which the IU can be used? Is my current error due to having already updated definitions? 

Many thanks for your time.

hi Team, 

i am working for my client. for my client company having 500 clients, out of 500 client machines, 60 machines have effected with dlp issue.

issue: we have created a dicover policy, but accidentally we have marked all the extensions mentioned in the policy. by end of the day, outlook plu-in was tampered. next day we have disabled the policy and deleted the policy. though we have deleted policy still the count of machines effecting is increasing. 

what is the permanant solution without uninstalling the DLP agent?

we restarted outlook many times we have tried most of the things discussed in forums, but we didn't find any solution.

please help me out to resolve this issue.

Regards,

sastry ch 

The subject pretty much says it all. I have a user who would rather not have to manually enter addresses in his Good Senders list and asked if there is a way to automate the process. To my mind it would make sense that releasing a false positive from Quarantine added the sender to the Good Senders list.

Thanks

Guys,

When an end-user receives a download insight pop up and clients click on "allow this file" and the file is a virus would SEP block it?

We are using Altiris 8.5 and SEE 11.3 and feature upgrades work great without having to run the special scripts to allow them to run if the device is encrypted. Yet you still need to send a command to enable the auto login feature which is a manul job we will have to push. Has anyone built this command into their patch managment when the feature upgrade tries to apply? It would be great if in the patch push you could have a detaction check for SEE 11.3, if its there run the command to allow 3 reboots for the feature windows upgrade. Not sure if something like that would even be possible? 

https://support.symantec.com/us/en/article.doc9422...

I have run 1803 to 1903 with 11.3 installed without issue after turning pre-boot off for 3 logins, but now testing 1909 the upgrade is failing when going 1803 to 1909, on devices not running SEE 11.3 the upgrade goes fine.

is 1909 not supported for this yet? I see only 1903 listed in this link:

https://support.symantec.com/us/en/article.howto128509.html