Troubleshooting Symantec Endpoint Encryption Device Control: client logs are not being retrieved.

Article:TECH199468  |  Created: 2012-11-07  |  Updated: 2013-10-16  |  Article URL http://www.symantec.com/docs/TECH199468
Article Type
Technical Solution


Issue



Symantec Endpoint Encryption Device Control Client logs are not being sent to the Device Control Management Server after the log interval has completed.


Cause



This could be caused by one of the following reasons:


Solution



  • No policy has been applied on the client, which is evident by clicking the Symantec Endpoint Encryption Device Control icon. If Initial is displayed under the policy name, it means a policy hasn't been applied to the client. To resolve this, make sure to apply a policy on the client (either by using GPO or registry files), and make sure the client is enforcing it. To verify that the client is enforcing the policy, Symantec Endpoint Encryption Device Control icon, the policy name will be displayed.
  • The client is not receiving policies published by the Device Control Management Server, nor is the Device Control Management Server's Web Service Log. A decryption failure will be noted regarding the logs from the Symantec Endpoint Encryption Device Control client. This is occurring because the client is installed with different encryption keys Than that of the Device Control Management Server. Uninstall the client, then install with the ClientConfig.scc file created with the existing Device Control Management Server.
  • The Device Control Management Server computer is down and cannot be contacted because the Device Control Management Server services are not all started and/or the Device Control Management Server website has been stopped. Make sure that the Symantec Endpoint Encryption Device Control domain service and Symantec Endpoint Encryption Device Control local service are started on the Device Control Management Server machine. Additionally, open the IIS Manager and verify that the Symantec Endpoint Encryption Device Control Web Site and Symantec Endpoint Encryption Device Control Web Site WS websites are running.
  • When trying to browse to https://ServerName/SymantecEndpointEncryptionDeviceControlWS/EventSinkWebService.cs.asmx (where ServerName is the name of the Device Control Management Server) the page does not load and when trying to ping the Device Control Management Server from the client a failure occurs. This happens because DNS issues are preventing the client from accessing the Device Control Management Server. Make sure the client machine has the correct DNS server in their network connection definitions. Additionally, make sure the Device Control Management Server machine record is listed in the DNS server records.
  • The active firewall on the client or Device Control Management Server is not allowing the SSL port (default is 443) because the SSL communication port is blocked. Allow the SSL port in the active firewall and make sure the new definitions take place.



Article URL http://www.symantec.com/docs/TECH199468


Terms of use for this information are found in Legal Notices