Does anyone out there have any knowledge working with Symantec DLP 15 with Dell Isilon? I can't get Content Root Enumeration to enumerate the shares. CRE works for all other server shares, and for the Isilon Server Names enumeration. But when I check off to include enumerating shares, it fails with unknown error and no information. Support has been zero help.
DLP and DELL Isilon CIFS Shares
failed to extract system image
We can’t upgrade one pair of proxysg 300-5 from version 6.5.9.12 to 6.7.4.3; the error message we encountered during image installation was “failed to extract system image”.
Could you please help me with which minor version we need to upgrade to?
DLP 15.7 - ICT
Hi
DLP 15.7 was released last week with no new version for ICT, as was the case in the previous version. This version should have introduced more integration between DLP and ICT, to have them on one console and to be able to apply classification at the network discovery level, which didn't happen in that release.
So my question here is: will ICT, ICE be deprecated, or will this be achievable in the next version?
Thanks
User Logon time increased (i.e., group policy processing time of registry and shared printers slow) after 13 Jan standard jdb update
We downloaded Symantec Update 13 Jan 2020 (reduced size for standard clients) and after pushing the update the following issues are being observed.
1. A large number of scripts placed in group policy, which are downloaded during user logon, are being identified as malware by Symantec. This issue is however solved intermittently by adding the scripts to the exception list.
2. The outstanding issue is that now on our Windows Server 2012 R2 application servers, shared printers connect slowly (when you do it via \\PRINTSERVER\PrinterName) or otherwise when the client side extension of the printer policy is being executed during user logon. Due to this, user logon times have terribly increased and no log etc. is available for troubleshooting. Also, we have even tried stopping the SEP client using the smc -stop command and then tried to reproduce the problem; interestingly, the problem is still not resolved. However, when we completely removed the Symantec Endpoint client from our server and reproduced the problem, it is gone.
3. After digging down a lot, I also found that not all kinds of printers are being slowly processed during group policy processing at user logon; rather, only some HP LaserJet models are slow.
PLEASE HELP!!!
SEPM 14
Hi there,
Please advise if we can enable Memory Exploit Mitigation (Network and host exploit mitigation) for prod servers.
Problem with login to SMG
Hi
I have a problem with login to SMG.
Whenever I try to open the SMG web interface it asks me for a certificate for authentication. The old version didn't have this, and this error made our users confused whenever they try to release or view a spam email.
Where can I disable this feature?
SymDiag - connects to some servers
I scanned my files with SymDiag. This software connects to a lot of servers. I checked one of them. The server lists folders. I think Apache should not allow that.
http://port-205-196.nextconnex.net/
http://port-205-196.nextconnex.net/js/
http://port-205-196.nextconnex.net/include/
http://port-205-196.nextconnex.net/html/
http://port-205-196.nextconnex.net/css/
http://port-205-196.nextconnex.net/api/
http://port-205-196.nextconnex.net/api/v1/
ICT - DLP have problems with ICT tags
Hi all,
We have Symantec ICT and DLP working together.
We just have a rule in DLP to work with ICT. The rule was created to block all documents classified as "Internal" from being sent to an external domain.
It is a simple rule.
Problem:
When we have just one external domain in the "recipient", the e-mail or document is blocked from moving by e-mail, web or removable storage. But when we have an external domain and an internal domain together in the "recipient", the e-mail or document is not blocked by Prevent. Emails with "Internal" tagging are passing through Prevent.
Does somebody have this problem?
Thanks!
Phone Number Exception/Exclusion for SSN Detection
Has anyone successfully created an exception to tune out a phone number from being detected as an SSN?
I have attempted to create exceptions using keyword matches, regexes, and data identifiers with no luck.
SEP installer for Mac OS X Catalina fails
Hi,
We are testing the new SEP 14.2.2MP1 and the installer for Catalina keeps giving me an error 'The application "Symantec Endpoint Protection Installer" can't be opened'. I checked in 'System Preferences|Security & Privacy' whether the installer needs special permission, but it is not listed there. Has anyone else seen this issue, and how can it be resolved?
Thanks
Quarantine Server Configuration on Windows 2008 R2 Standard
Hi,
I am trying to configure the Quarantine Console and Quarantine Server on Windows 2008 R2 Standard edition, as we have Symantec Protection Engine in our environment. I have installed both Console and Server on the same server, but I am unable to connect to the server. I don't even see the Quarantine Console services. I have rebooted after the installation, but it still does not show the Console services. When I try to open the Console, a window pops up asking me to connect to the server; if I select this computer and click Finish, I get "Can't Connect to the Server" "Make sure the Quarantine server is installed on the specified machine". Could someone please help with this issue ASAP? I referred to the configuration document below:
https://symwisedownload.symantec.com/resources/sit...
Ghost Image of System in RST UEFI from USB Boot
Hello, I've been using Ghost to image my personal machines for about 20 years. I simply boot off the CD and create backups to another drive, and restore in the same fashion. Now I just bought a new laptop that doesn't have a CD drive. So I created a bootable USB, which works on my older machines, but not the new laptop. The laptop BIOS settings include: storage controller RST mode (not entirely sure why this laptop requires this), boot mode UEFI (can't go to Legacy boot mode in RST), and USB boot enabled. I've tried multiple different settings and the laptop just will not bring up the USB in the boot menu. I tried taking the SSD out to put it in my old machine, but then realized it's not SATA (it's NVMe PCIe).
So can someone please enlighten me on how best to create a Ghost image of this hard drive? Many thanks in advance!
Connect to https://sep.securitycloud.symantec.com with REST-API
Hi all,
Hope someone can give me some directions. We are using SEPM 14.2.2 and I've written a PowerShell script that's able to get the number of assets in a group and to get the list of computers in all groups. This method is based on the REST-API from SEPM and it's required for billing purposes.
I intend to migrate it all to SEP cloud, so I'm already running hybrid and all agents in SEPM are also visible in the cloud console.
A showstopper is the reporting part I use with SEPM. It has to work against the cloud to be able to move it all over. But I just can't seem to find how to connect and authenticate to the cloud console using the PowerShell command Invoke-RestMethod.
This is the script I used to run against SEPM:
# Accept any server certificate (certificate validation is disabled for this session)
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $True }
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
# Credentials sent to the SEPM authentication endpoint
$cred = @{
    username = "%admin account%"
    password = "%admin password%"
    domain   = ""
}
$auth = $cred | ConvertTo-Json
# Request a bearer token
$token = (Invoke-RestMethod -Uri https://localhost:8446/sepm/api/v1/identity/authen... -Method Post -Body $auth -ContentType 'application/json').token
# List the groups with their computer counts, using the token from the previous call
$groups = (Invoke-RestMethod -Uri "https://localhost:8446/sepm/api/v1/groups?pageIndex=1&pageSize=250" -ContentType 'application/json' -Headers @{Authorization = "Bearer $token"}).content | Select-Object FullPathName, numberOfPhysicalComputers
But simply changing the URL doesn't work, as you might guess. So can anyone point me in the right direction or to an example script?
add on license
Hi,
We have been trying to buy an add-on license for about 4 months now, and their partner says Symantec worldwide has a problem taking orders or selling licenses, and we are not the only customer with this problem.
This is hard to believe. If you talk about hours, yes, maybe, but months?
They are destroying Symantec's name if this is not true.
We are in Singapore; can anyone confirm this matter?
Symantec Endpoint Encryption and SCCM In Place Upgrade Task Sequence Compatibility
Hello,
I'm reaching out to you for an idea of how to perform a Windows 10 upgrade from versions <=1803 to 1809/1909, and I'm having difficulties understanding how the bypass (autologin MSI) and SEE upgrade scripts can be incorporated into an SCCM In Place Upgrade Task Sequence.
The environment I'm working on is with SEE 11.2.0 and with Windows versions varying from 1507 up to and including 1803. My task now is to perform an upgrade using the SCCM platform to Windows 10 build 1809 or 1909 (but SEE 11.2 is not officially supported on 1909, so I'm expecting only the 1809 question to be answered).
Could you please provide some insight into how those upgrade scripts can be incorporated into an SCCM upgrade task sequence?
https://support.symantec.com/us/en/article.howto125875.html does not seem very friendly with the SCCM platform.
I'd rather bypass the encryption when upgrading than remove the encryption and then apply it once more.
Thank you.
Adobe Reader update
Hi to all
I have a problem with .pdf files detonated in Adobe Reader XI - the files do not support this version of Adobe.
The guide says that you must install the XI version and use the ready temp registry.
I tested the new DC version and mapped the registry key to the DC version, but the result is a low score.
Is there any solution for it (maybe a ready .temp file?)
Kind Regards
JB
Peer-to-peer authentication
Hi all!
We have Symantec Endpoint Protection v 14.2.4815 on our endpoints. I'm trying to configure peer-to-peer authentication on some servers, to prevent network connection from hosts without Symantec.
When I activate firewall policy with "peer-to-peer authentication" enabled on that server, it begins to block all traffic from hosts that are not excluded, even if SEP is installed on them and host integrity check is passed.
Am I doing something wrong, or does peer-to-peer authentication work in a different manner?
Thanks in advance.
Elvin
DLP Web Prevent integration with reverse proxy.
Hi All,
I have a use case where the user requires DLP to monitor (and block if possible moving forward) the files downloaded by users.
The files are located in an internet-facing file sharing platform hosted in the company network.
This platform allows authorized users to download the files out of the company network via the internet.
Hence they had set up a reverse proxy between the file sharing platform and the internet.
Users shall communicate with the file sharing platform via the reverse proxy.
If I'm not mistaken, the user's file download request to the platform shall be the request traffic, while the file download transfer from the platform to the user shall be the response traffic.
Hence we shall configure response modification instead of request modification based on the above concept.
May I know if this is the right concept and also supported by DLP?
Thanks!
SEP 14.2 RU2 - Client unable to take action on infected files
Hi,
I do have a ticket raised with Symantec and I'm looking for support on a current issue.
At the moment we have a couple of servers with SEP 14.2 RU2, and SEP is unable to clean detected risks while doing scheduled scans; however, if we run them manually, the infected files are cleaned. These are some of the things we have already reviewed:
- SEP Policy for scheduled scans
- Permissions on the files/volumes
- Running a command line using the system account
Can some additional information be provided regarding how the scheduled scans actually work? Which components of the AV are involved, etc.?
Thank you.
License activation problem
Hello,
I installed Symantec Endpoint Protection Manager version 14. When activating the license represented by the serial number, I am always sent back to the place where the .slf file has to be entered.
I do not have the .slf file, only the serial number.
Your help, please.