A job warning alert "The Symantec ThreatCon Level is not up-to-date" is generated in Backup Exec 12.5, 2010 and 2010 R2

Article:TECH65649  |  Created: 2008-01-02  |  Updated: 2012-10-24  |  Article URL http://www.symantec.com/docs/TECH65649
Article Type
Technical Solution

Product(s)


Issue



A job warning alert "The Symantec ThreatCon Level is not up-to-date" is generated in Backup Exec 12.5, 2010 and 2010 R2


Solution



In Backup Exec 12.0, it was possible to configure Backup Exec to trigger backup jobs to be run, when an increased Symantec ThreatCon Level was detected. Symantec Endpoint Protection Manager (SEPM) was required to be installed on the Media Server to use this functionality.

With effect from Backup Exec 12.5, the requirement for the local SEPM installation was removed. Backup Exec instead polls the Internet directly to retrieve the current Symantec ThreatCon status. The error shown in (FIGURE 1) is encountered if:

1. There is no access to the Internet.
2. If there is no response or a delay in response from the Internet.


(FIGURE 1)
 



NOTES:
1) The above alert is still generated, regardless of whether or not Symantec Endpoint Protection Manager is installed on the Backup Exec Media Server.
2) Receiving this alert prevents backup jobs, that are configured to activate on an elevated Symantec ThreatCon level, from being run.


For Backup Exec 12.5:
The above mentioned issue is fixed by way of a Hotfix (340792). Please refer the Related Documents section for more information.

After applying the Hotfix an additional registry key will need to be created on the Backup Exec Media Server and its value set to 1 (FIGURE 2)


Warning: Incorrect use of the Windows registry editor may prevent the operating system from functioning properly. Great care should be taken when making changes to a Windows registry. Registry modifications should only be carried-out by persons experienced in the use of the registry editor application. It is recommended that a complete backup of the registry and workstation be made prior to making any registry changes.


1. Open the Registry Editor. Start -> Run -> regedit
2. Browse to HKLM\Software\Symantec\Backup Exec For Windows\Backup Exec\Server
3. Click Edit | New | DWORD Value = DisableThreatconStatusPolling

    Set the Value data to 1 decimal to disable the status polling
   
Note the default value is 0 to enable ThreatconPolling.
4. Close out of the Registry Editor.
5. Restart the Backup Exec Services.

(FIGURE 2)
 



For Backup Exec 2010:
 
The above mentioned issue is fixed by way of a Backup Exec 2010 Hotfix (354913) TECH138851Please refer the Related Documents section for more information.  The registry key modification and service restart detailed in  the Backup Exec 12.5 information above will still be required.
  
 
For Backup Exec 2010 R2:
The code to address this issue is included in the release resulting in no requirement to apply a hotfix. However, the registry key modification and service restart detailed in the Backup Exec 12.5 information above will still be required.




 

Supplemental Materials

SourceETrack
Value1468279
Description

CORE: Symantec ThreatCon Warning Alerts being received regularly in BE 12.5 console


SourceETrack
Value1831087
Description

Backup Exec polls securityresponse.symantec.com even when no job is configured for ThreatCon


SourceETrack
Value1845605
Description

BEWS CORE Option to disable Threatcon Polling


SourceETrack
Value1944882
Description

BEWS CORE Option to disable Threatcon Polling



Legacy ID



315592


Article URL http://www.symantec.com/docs/TECH65649


Terms of use for this information are found in Legal Notices