Update sylink.xml to restore communications between Endpoint Protection Manager and clients (SylinkDrop)

Article:TECH157585  |  Created: 2011-04-07  |  Updated: 2014-11-25  |  Article URL http://www.symantec.com/docs/TECH157585
Article Type
Technical Solution



This article describes how to change sylink.xml, the communication settings file for Symantec Endpoint Protection (SEP) 12 .1, so clients can report to a new Symantec Endpoint Protection Manager (SEPM).

These steps re-establish communications when SEP clients are not communicating with the management server.


All Windows Environments using SEP 12.1


The location of the sylink.xml file is changed in version 12.1 of Symantec Endpoint Protection.



First, export the sylink.xml file for the client group in which the client receiving the new sylink file should be placed:

         1. Open the Symantec Endpoint Protection Manager Console.

         2. Go to the Clients page. Note: On Symantec Endpoint Protection Manager 12.1 Small Business edition, the Clients page is named Computers.

         3. Right-click the desired group (e.g. Default group) and choose Export communications settings.

         4. Click Browse, and choose a convenient location to save the file.

         5. Rename the file to sylink.xml.

         6. Click Save.


There are multiple methods for importing a new sylink.xml file with Endpoint Protection 12.1. 

Method 1:

Import the sylink.xml using SylinkDrop.exe tool.  This tool is located in the installation folder.  By default:
- SEP Client >> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\<current_install_build_number>\Bin\SylinkDrop.exe.
- SEPM >> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Tools\SylinkDrop\SylinkDrop.exe

Method 2:

Import the sylink.xml within the client by going to Help > Troubleshooting > Click on Import... under Communication Settings

Method 3:

It is still possible to manually replace the sylink.xml file, however in order to do so Tamper Protection must first be disabled.  This can be done on the client by going to Change Settings > Click Configure Settings under Client Management > Tamper Protection (Tab) > Then uncheck the box that says Protect Symantec security software from being tampered with or shut down.

Once tamper protection is disabled:

  1. Stop the SMC service by going to Start > Run > type in > smc -stop.
  2. Once the service is stopped copy the sylink.xml file from the new SEPM and on the client side put that sylink.xml file under

      "\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\<current_install_build_number>\Data\Config"

For Windows 7/2008/vista :

C:\Users\All Users\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Config

  1. Replace the existing file and restart the SMC service with Start > Run > smc -start

Method 4:

Use the Communincation Update Package Deployment from the Symantec Endpoint Protection Manager 12.1 RU2 or newer.

See article: How to deploy/update communication settings from your SEPM to your SEP clients machines with SEP 12.1 RU2 or newer


Article URL http://www.symantec.com/docs/TECH157585

Terms of use for this information are found in Legal Notices