Debugging secure communication in Symantec AntiVirus Corporate Edition 10.x and Symantec Client Security 3.x

Article:TECH101219  |  Created: 2005-01-15  |  Updated: 2008-01-30  |  Article URL http://www.symantec.com/docs/TECH101219
Article Type
Technical Solution

Product(s)

Environment

Issue



Symantec Technical Support requested that you enable debugging for secure communication.


Solution





WARNING: The debugging of secure communication causes performance loss on Symantec AntiVirus servers directly proportional to the number of clients that the server manages. The performance loss increases if Symantec System Center is also installed on the computer. The debugging flags should be used with care and only for a short time.


Basic debugging
The following flags can be added to the HKEY_LOCAL_MACHINE\SOFTWARE\Intel\LANDesk\VirusProtect6\CurrentVersion\ProductControl\Debug value:


LSaves all output to the Vpdebug.log in the Symantec AntiVirus program folder.
To find this folder, see the Technical Information section of this document.
QEShows errors that occur when servers roll out virus definitions, settings, firewall policies, licenses, and root certificates to clients.
XWPrevents the debug console window from showing. Debug events are written to the log file only.
Enabling debugging has a negative impact on performance. This flag greatly reduces that impact. Even with this flag, debugging should not be enabled for long periods of time on busy servers.
CC and CPShows certificate and communication errors.
These flags are not recommended for servers with more than 100 clients because of the potential for high performance loss on the server.
ALLShows all of the errors that are associated with the QE, XW, CC, and CP flags.
This flag is not recommended for servers with more than 100 clients because of the potential for high performance loss on the server.


To enable basic debugging
  1. In the Registry Editor, go to the following key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Intel\LANDesk\VirusProtect6\CurrentVersion\ProductControl

  2. In the right pane, double-click the Debug value.
  3. In the Value data field, type the debug flag(s) that you want, and then click OK.
    You must use a space between each flag.
    The debug window opens immediately, unless you use the XW flag.
  4. Exit the Registry Editor.
    The debugging output appears in the Vpdebug.log file in the Symantec AntiVirus program folder.
    To locate this folder, read the Technical Information section of this document.

To disable basic debugging
  1. In the Registry Editor, go to the following key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Intel\LANDesk\VirusProtect6\CurrentVersion\ProductControl

  2. In the right pane, double-click the Debug value.
  3. In the Value data field, press the Backspace key until the field is empty, and then click OK.
    If the debug window is open, it will close immediately.
  4. Exit the Registry Editor.


Advanced debugging
To use the advanced debugging options, you must first enable basic debugging. For directions, read the "To enable basic debugging" section of this document. Then you must create a number of registry keys and create the DebugFlags value.

The following flags can be added to the HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Client Security\SecureComms\Debug\DebugFlags value:

CTCurrent time
IDThread ID
CEDetailed communication errors
CXMessage-related errors
SESSL errors
VECertificate verification errors, including errors related to time synchronization and communication issues
IEFor servers, errors related to issuing certificates
XEErrors related to loading certificates and private keys
ALLShows all of the errors that are associated with the above flags.
This flag is not recommended for servers with more than 100 clients because of the potential for high performance loss on the server.



To enable advanced debugging of secure communication
  1. In the Registry Editor, click the following key to select it:

    HKEY_LOCAL_MACHINE\SOFTWARE\Symantec

  2. On the Edit menu, click New > Key.
  3. Type Symantec Client Security for the key's name and press Enter.
  4. Click the following key to select it:

    HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Client Security

  5. On the Edit menu, click New > Key.
  6. Type SecureComms for the key's name and press Enter.
  7. Click the following key to select it:

    HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Client Security\SecureComms

  8. On the Edit menu, click New> Key.
  9. Type Debug for the key's name and press Enter.
  10. Click the following key to select it:

    HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Client Security\SecureComms\Debug

  11. On the Edit menu, click New> String Value.
  12. Type DebugFlags for the value's name and press Enter.
  13. Double-click the DebugFlags value.
  14. In the Value data field, type the advanced debug flag(s) that you want, and then click OK.
    The debug window opens immediately, unless you used the XW flags.
  15. Exit the Registry Editor.


Debugging output is written to the log file only when an error occurs or when the Symantec AntiVirus service starts. The debugging output appears in the Vpdebug.log file in the Windows\System32 folder or in the Winnt\System32 folder.

To disable advanced debugging
  1. In the Registry Editor, go to the following key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Client Security\SecureComms\Debug

  2. In the right pane, double-click the DebugFlags value.
  3. In the Value data field, press the Backspace key until the field is empty, and then click OK.
    If the debug window is open, it will close immediately.
  4. Exit the Registry Editor.




Technical Information
To find the Symantec AntiVirus program folder
  1. On the Windows taskbar, click Start > Run.
  2. In the Open box, type the following text:

    cmd

  3. Click OK.
  4. At the command prompt, type the following command:

    net share

  5. Under Share name, find the VPHOME listing.
    The folder that appears in the Resource column is the Symantec AntiVirus program folder.




Legacy ID



2005041515105448


Article URL http://www.symantec.com/docs/TECH101219


Terms of use for this information are found in Legal Notices