Readme.txt file for Symantec Endpoint Protection Small Business Edition

Article:TECH93752  |  Created: 2009-01-30  |  Updated: 2010-08-13  |  Article URL http://www.symantec.com/docs/TECH93752
Article Type
Technical Solution


Issue





 

 


Solution



====================================================================================
Symantec Endpoint Protection Small Business Edition README.TXT Date: March 2009
Copyright (c) 2009 Symantec Corporation. All rights reserved.

Symantec, the Symantec Logo, LiveUpdate, Sygate, Symantec AntiVirus, Norton, TruScan, and Symantec Protection Center are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

The Licensed Software and Documentation are deemed to be commercial computer software as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19 "Commercial Computer Software - Restricted Rights" and DFARS 227.7202, "Rights in Commercial Computer Software or Commercial Computer Software Documentation", as applicable, and any successor regulations. Any use, modification, reproduction release, performance, display or disclosure of the Licensed Software and Documentation by the U.S. Government shall be solely in accordance with the terms of this Agreement.

====================================================================================


====================================================================================

README FILE

Please review this entire document before you install or roll out Symantec Endpoint Protection Small Business Edition, or call for technical support. It contains information that is not included in the Symantec Endpoint Protection Small Business Edition documentation or the online Help.

====================================================================================


====================================================================================

TABLE OF CONTENTS

This document contains the following sections:

* System requirements

* User documentation changes summary

* Upgrades, installation, and uninstallation

* Migration

* Symantec Protection Center

* Symantec Protection Center policies

* Symantec Endpoint Protection Small Business Edition client

* Documentation

* Third-party Issues

* Symantec Software License Agreement

====================================================================================

====================================================================================

====================================================================================

SYSTEM REQUIREMENTS
====================================================================================

----------------------------------------------------
Service pack requirements for Symantec Protection Center
----------------------------------------------------
The system requirements for the Symantec Protection Center list Windows 2000 Server and Windows XP as valid operating systems for Symantec Endpoint Protection Small Business Edition, though the required service packs were not included.

Valid operating systems for the Symantec Protection Center server include Windows 2000 Server SP3 or later, and Windows XP SP1.

----------------------------------------------------
Latest information about supported operating systems
----------------------------------------------------
After the product release, system requirements might change due to changes in supported operating systems, such as a service pack release. To view the latest system requirements, see the Symantec Technical Support Knowledge Base at the following URL:

http://www.symantec.com/business/support/overview.jsp?pid=55357&view=kb

====================================================================================

USER DOCUMENTATION CHANGES SUMMARY
====================================================================================

Updates are included in the Documentation section of this readme.

You can view the most current documentation at:
http://www.symantec.com/enterprise/support/documentation.jsp?pid=55357

====================================================================================
UPGRADES, INSTALLATION, AND UNINSTALLATION
====================================================================================

UPGRADES
--------

-----------------------------------------------------------------------------------------
You cannot migrate the Symantec Endpoint Protection Manager to Symantec Protection Center
-----------------------------------------------------------------------------------------
You cannot migrate the management server from Symantec Endpoint Protection version 11 to Symantec Endpoint Protection Small Business Edition version 12. Symantec Endpoint Protection Manager in version 11 has changed to Symantec Protection Center in version 12. Installed clients can upgrade in place, but the server cannot. To install Symantec Protection Center server version 12, you must uninstall the version 11 server first, and then install Symantec Endpoint Protection Small Business Edition, version 12. To maintain your version 11 policies, you must export them prior to uninstalling the version 11 server, and then import them after installing Symantec Endpoint Protection Small Business Edition version 12.

--------------------------------------------------------
When upgrading the Symantec Protection Center console, administrators may not get a notification that a new agent (client package) is available
--------------------------------------------------------
After upgrading Symantec Protection Center, administrators do not receive a "New Agent" notification, though clients are automatically upgraded to the newer version.

----------------------------------------------------------------------
Client computers that take a long time to be automatically upgraded to Symantec Endpoint Protection Small Business Edition may need to be restarted
----------------------------------------------------------------------
Client computers that take a long time to automatically upgrade to Symantec Endpoint Protection Small Business Edition may need to be restarted. This occurs on client computers that run Windows Vista or Windows Server 2008.

--------------------------------------------------------
Network connectivity is sometimes lost during an upgrade
--------------------------------------------------------
This issue occurs because a network driver must be replaced during the upgrade. The issue disappears after you restart the computer.


INSTALLATION
------------

------------------------------------------------------------------
Installation of unmanaged client fails during installation from CD on Windows 2008 64-bit and Windows Vista 64-bit systems
------------------------------------------------------------------
When you attempt to install an unmanaged Symantec Endpoint Protection Small Business Edition client on either a Windows 2008 64-bit or Windows Vista 64-bit system, during the installation, a message appears indicating that there's not enough free space on the CD to install the software. The installation program appears to try to install the client software onto the CD.

To work around this issue, you can install the unmanaged client successfully if you copy the contents of the CD to disk, and run the installation from disk rather than from the CD.

------------------------------------------------------------------
Low disk space error when creating client custom package
------------------------------------------------------------------
When you deploy a client using Custom Installation, and the client computer has low disk space, you receive an empty error dialog or an unexpected server error. The error message should state that no free space is available to create the custom packages.

----------------------------------------------------------------------
Remote deployment of custom installation packages may cause issues on some operating systems
----------------------------------------------------------------------
Custom installation packages deployed to systems using ClientRemote and other
third-party systems on some operating systems may fail.

You can work around this issue only if, in the Client Installation Wizard, for the file format for the installation package, you choose Generate all files separately. This workaround is not available if you select to create a single file for the installation package.
To work around this issue, you can modify the "setAid.ini" file and change the
following setting from
InstallUserInterfaceLevel=u
to
InstallUserInterfaceLevel=s

Another option is to use the Remote Push method in the Client Installation Wizard.

----------------------------------------------------------------------
Proactive Threat Protection is disabled and does not run on several versions of Windows operating systems
----------------------------------------------------------------------
During the client installation program, Proactive Threat Protection appears in the list of protection types to be installed but will not run on several versions of the Windows operating system. It does not run on Windows server operating systems and Windows 64-bit operating systems.

As part of the client installation program, Proactive Threat Protection can be installed and run on all 32-bit non-server operating systems like Windows Vista 32-bit, Windows XP 32-bit, and Windows 2000 Professional.

--------------------------------------------------------------------
An error message may appear when, in the Client Installation wizard, a group with a long group name is selected and the Email Installation type is selected
--------------------------------------------------------------------
This happens when a group name exceeds 126 characters. Group names that exceed 126 characters cause the Windows path limit to exceed the maximum length, which is 255 characters. This prevents the client package creation and causes the
error message to display.

To avoid this issue, ensure that group names do not exceed 126 characters.

--------------------------------------------------------------------
On Windows 2008 64-bit machines, scans may fail if Symantec Endpoint Protection is installed after Symantec Mail Security and Exchange 2007
--------------------------------------------------------------------
The configuration described is not supported. For Symantec Endpoint Protection scans to work, please install Symantec Endpoint Protection first.

--------------------------------------------------------------------
Path names that contain certain special characters are not permitted
when creating custom installation packages
--------------------------------------------------------------------
In the Client Installation Wizard, when Custom Installation package is selected, you are prompted to enter a valid path to which the package will be exported. An error "Error opening URL" appears if the path name includes the # character, followed by or preceded by \. An example of an invalid path is c:\#\a.

----------------------------------
Tools not working
----------------------------------
On Windows 2008 systems, tools (e.g., collectlog.cmd) under $InstallFolder$\Tools do not work when the Windows User Account Control (UAC) is enabled.

To work around this issue, disable the Windows UAC.

------------------------------------------------------------
Login credentials not validated during Remote Push install
------------------------------------------------------------
In the Client Installation wizard, when the Remote Push install option is selected and a computer is found after a search, an error message may appear after valid login credentials are entered.

When the Windows User Account Control (UAC) is enabled on Vista Enterprise 64-bit client machines, valid logins are blocked.

To work around this issue, disable the Windows UAC.

-------------------------------------------------------------------------
Microsoft Mail on Vista systems blocks installation email messages
-------------------------------------------------------------------------
On Windows Vista systems using Microsoft Mail, when receiving an email package for installation, Windows Mail displays a pop-up message indicating that the message is suspicious and that the message has been blocked.

To work around this issue, use the Unblock button to access the email.

------------------------------------------------------------
Client computers are unable to receive addresses through DHCP after installing Symantec Endpoint Protection Small Business Edition
------------------------------------------------------------
This can happen if Symantec Endpoint Protection is installed with Network Threat Protection on a DHCP server. For information about configuring Network Threat Protection to allow DHCP traffic, see the Technical Support Knowledge Base article at the following URL:

http://service1.symantec.com/support/ent-security.nsf/docid/2007101210172548?Open&seg=ent

-----------------------------------------------------------------------------
Do not install Network Threat Protection on a Windows Essential Business Server 2008 that runs Forefront
-----------------------------------------------------------------------------
Symantec Endpoint Protection Small Business Edition with Network Threat Protection (firewall) is not supported when Forefront Threat Management Gateway is installed on Windows Essential Business Server 2008.

--------------------------------------------------------------
The client installation fails and displays a C++ runtime error
--------------------------------------------------------------
If ThinkVantage Client Security Solution 8.2 is installed on the client computer and Windows User Access Control is enabled, the client installation can fail.

--------------------------------------------------------------
The client cache must be present when you install a patch for Symantec Endpoint Protection Small Business Edition 12.x
--------------------------------------------------------------
If you install a patch for Symantec Endpoint Protection Small Business Edition, the client cache should be present. On the client computer, check the Documents and Settings\All Users\Application Data\Symantec\Cached Installs folder. Make sure the folder contains content; do not delete the files. Do not install a patch with the client cache turned off.

----------------------------------------------
Installing the client with the cache on or off
----------------------------------------------
You can install the client with the cache on or off. If you install the client with the cache on, you can also specify a custom location.

To install with the cache off, use the following MSI command:

msiexec /i "MSI FILE" CACHEINSTALL=0

To install with the cache on (default) and to specify a custom location for the install cache, use the following MSI command:

msiexec /i "MSI FILE" CACHEINSTALL=1 CACHED_INSTALLS="cache location"

------------------------------------------------------------------------------------
BEST PRACTICE: Do not install Network Threat Protection on client computers that currently run third-party firewalls.
------------------------------------------------------------------------------------
Do not install Network Threat Protection on client computers that currently run third-party firewalls. Two firewalls that run on one computer at the same time can drain resources, and the firewalls might have rules that conflict with each other. Third-party firewalls include Microsoft ISA firewall.

------------------------------------------------------------------------------------
Restart prompt appears if you use the REBOOT=suppress MSI command to install client packages that are configured with the restart option disabled
------------------------------------------------------------------------------------
The restart prompt appears after installation if you install client packages configured with the reboot option disabled and you use the following MSI command:

msiexec /i "Symantec AntiVirus.msi" REBOOT=suppress

To make sure the reboot option does not appear after installation, use setup.exe instead to install the client packages or use the following MSI command:

msiexec /i "Symantec AntiVirus.msi" REBOOT=ReallySuppress

------------------------------------------------------------------------------------
Starting MSP from a command window when you upgrade 32-bit client computers causes a message to appear that instructs you to close the cmd.exe application
------------------------------------------------------------------------------------
When you upgrade client computers by running the Windows MSP executable from a command window, the installer displays a message that instructs you to close the cmd.exe application and click Retry. This message appears on the Core Server installations of Windows Server 2008.

When the message appears, close the command window, and then click Retry to continue with the upgrade.

Note: This message also appears on 32-bit client computers that run other Windows operating systems if any command window is open when you upgrade.

-----------------------------------------------------------------------
Symantec Endpoint Protection Small Business Edition is not compatible with Norton Confidential
-----------------------------------------------------------------------
Symantec Endpoint Protection Small Business Edition does not work properly when Norton Confidential is installed on the same computer. If Symantec Endpoint Protection Small Business Edition is installed first, Norton Confidential does not install and is blocked. If Norton Confidential is installed first, Symantec Endpoint Protection Small Business Edition does install. If you install both software programs on the same computer, Symantec Endpoint Protection Small Business Edition does not properly process the application whitelist. Proactive Threat Protection uses the application whitelist, which contains signatures for applications that are permitted to run on the client computer.

------------------------------------------------------------------------------------
Microsoft Outlook email protection is not installed by default when using the CD to install
------------------------------------------------------------------------------------
If Microsoft Outlook is not installed and running on the client computer, Virus and Spyware email protection for Microsoft Outlook is not installed when you install Symantec Endpoint Protection Small Business Edition from the CD. To install Microsoft Outlook email protection, customize the installation and check the Microsoft Outlook option.

If Microsoft Outlook is installed and running on the client computer, then Virus and Spyware email protection for Microsoft Outlook is automatically installed. Internet Email protection is never installed on server operating systems for performance reasons.

-------------------------------------------------------------------------
The Windows Control Panel does not show the correct amount of disk space that Symantec Protection Center or the Symantec Endpoint Protection Small Business Edition client uses
-------------------------------------------------------------------------
In the Windows Control Panel, select Add or Remove Programs. The Add or Remove Programs window shows the minimum disk space that is required to install and run the Symantec Protection Center or the Symantec Endpoint Protection Small Business Edition client. It does not reflect how much disk space the product currently uses. After initial installation of the product, the Control Panel value is higher than the actual amount of disk space used. Then, over time, the product uses additional disk space for tasks like LiveUpdate content downloads. The Control Panel is not updated to reflect changes in disk space usage.


UNINSTALLATION
--------------
------------------------------------------------------------------------------------
Uninstalling Symantec Endpoint Protection Small Business Edition on Windows Vista by using Remote Desktop on Windows Vista is not supported
------------------------------------------------------------------------------------
If you use Remote Desktop on a Windows Vista system to uninstall Symantec Endpoint Protection Small Business Edition on a computer that runs Windows Vista, the uninstallation does not work.

If you try the uninstallation from a computer that runs Windows Vista, a Windows Vista restart prompt appears, due to a pending change. If you restart Windows Vista and try to uninstall Symantec Endpoint Protection Small Business Edition again, the Windows Vista restart prompt appears again, due to a pending change.

To work around this problem, you can uninstall Symantec Endpoint Protection Small Business Edition from a computer that runs Windows XP. For example, you can start a Remote Desktop session from a computer that runs Windows XP and log on to a computer that runs Windows Vista and Symantec Endpoint Protection Small Business Edition. You can then uninstall Symantec Endpoint Protection Small Business Edition successfully.


====================================================================================

MIGRATION
====================================================================================

---------------------------------------------
Web site for the latest migration information
---------------------------------------------
You can find the latest information about migration at the following Web site:

http://www.symantec.com/endpointsecurity/migrate

-------------------------------------------------------------------
Unable to configure security risk actions for policies that include scheduled scans when migrated from Symantec AntiVirus (SAV) 9.x to Symantec Endpoint Protection Small Business Edition 12.x
-------------------------------------------------------------------
When migrating from SAV 9.x to Symantec Endpoint Protection Small Business Edition 12.x, if you migrate policies that have scheduled scans, when you view the migrated policies in Symantec Protection Center, you may see an error. Go to Policies > select a Virus and Spyware policy > edit an Administrator-defined Scan > go to the Actions tab. In the table, under the Detection column, the Security Risks subgroups are missing and, therefore, not configurable.

To work around this issue, create a new policy in Symantec Protection Center using the settings from the SAV 9.x policy.

------------------------------------------------------------------------------------------------------------------------------------
Migration from Symantec Endpoint Protection 11.x managed client fails to install as unmanaged when installed from CD of version 12.x
------------------------------------------------------------------------------------------------------------------------------------
The expected behavior when installing from the CD of Symantec Endpoint Protection Small Business Edition 12.x is that the installed client will be unmanaged. Instead, when migrating a managed client from the CD, the client that is installed is managed, but is not reporting to the Symantec Protection Center server.

The workarounds for this issue depend upon the desired outcome:

To install a managed client that reports properly to the Symantec Protection Center server: Deploy the Symantec Protection Center, export a managed-client package, and deploy that package to the affected computer.

To install an unmanaged client: Uninstall the managed client and install the unmanaged 12.0 client from the CD.

------------------------------------------------------------------------------------
Files in Quarantine folder are deleted during migration from Symantec Client Security client 10.1.8 to Symantec Endpoint Protection Small Business Edition client 12.x
------------------------------------------------------------------------------------
When migrating Symantec Client Security 10.1.8 clients to Symantec Endpoint Protection Small Business Edition 12.x clients, you are asked to specify if you want to permanently delete any items in the Quarantine folder. If you click No (that you do not want to delete any files in Quarantine), files that reside in Quarantine are not deleted, though they are not migrated to Symantec Endpoint Protection.

This is because, in Symantec Client Security 10.1.8 the quarantine directory is:
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec
AntiVirus Corporate Edition\7.5\Quarantine
The Symantec Endpoint Protection Small Business Edition loads Quarantine from:
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint
Protection\Quarantine

To work around this issue, before migrating to Symantec Endpoint Protection Small Business Edition, delete items from the Quarantine folder.

------------------------------------------------------------------------------------
Migrating legacy Symantec AntiVirus servers to Symantec Endpoint Protection Small Business Edition clients does not unshare the VPHOME directory
------------------------------------------------------------------------------------
Legacy Symantec AntiVirus and Symantec Client Security servers create and use a shared directory. The location of the shared directory is \\Program Files\SAV. The name of the share is VPHOME. In some instances, after migration to the Symantec Endpoint Protection Small Business Edition client, this directory and share is retained with read-only permission.

To delete the VPHOME share:

1. Right-click the \\Program Files\SAV directory.
2. Click Properties.
3. In the SAV Properties dialog box, on the Sharing tab, click Do Not Share This Folder, if it is enabled.


====================================================================================

SYMANTEC PROTECTION CENTER
====================================================================================

-------------------------------------
Symantec Protection Center unable to send emails through a Microsoft Exchange 2007 server
-------------------------------------
When you configure Symantec Protection Center to send email through a Microsoft Exchange 2007 server, Symantec Protection Center may be unable to send mail. This may happen in a Windows Essential Business Server (EBS) 2008 or Windows Small Business Server (SBS) 2008 environment when Symantec Protection Center sends an email to an internal email address. By default, Exchange 2007 on EBS 2008 or SBS 2008 requires users to authenticate using the NTLM authentication method. Symantec Protection Center does not support the NTLM authentication method.

To work around this issue, enable Symantec Protection Center to send emails using the Exchange 2007 server by doing one of the following:
a) Use an external email address instead.
b) Configure Exchange 2007 to allow anonymous logins from the Symantec Protection Center server.
To configure Exchange 2007 to allow anonymous logins from the Symantec Protection Center server, follow the steps under "To use the Exchange Management Console to create a new Receive connector that grants the relay permission to anonymous connections" on this Microsoft page: http://technet.microsoft.com/en-us/library/bb232021.aspx
In step 5b, enter the IP address of the Symantec Protection Center server.


-------------------------------------
Unexpected server error message may appear when disk space is low
-------------------------------------
When disk space is low, you may see an "Unexpected server error" message. You may see this error if the disk space on the Symantec Protection Center server is 40 MB or less and the console is idle for more than two hours. This error indicates that the database service, Symantec Embedded Database, has stopped running and the Symantec Protection Center console has stopped responding.

To work around this issue, do the following:
1. Free up space on the Symantec Protection Center server.
2. Start the database service (Symantec Embedded Database) manually.
3. Log on to the Symantec Protection Center console.

--------------------------------------------
Prompt when repairing Symantec Protection Center if program was installed from CD
--------------------------------------------
If you have installed Symantec Protection Center from a CD, and you choose to repair the Symantec Protection Center program (e.g., on Windows 2008 systems, click Start > Settings > Control Panel > Programs and Features and then right-click Symantec Protection Center and click Repair), a message appears prompting you to insert the installation CD. This message appears because, after installation from CD, a folder that contains required files for repair is erroneously deleted from the system.

To work around this issue, copy the installation files to the system, or insert the CD, and then browse to and select the installation folder to complete the repair.

---------------------------------------------------
When launching updatedbtime.bat, you do not need to stop IIS Admin service
---------------------------------------------------
If you launch updatedbtime.bat, which resides in the Symantec Protection Center Tools directory, and click Set Time, you are directed to manually stop the IISAdmin service to continue. This is incorrect. You do not need to stop IIS Admin to continue.

If you manually stop the IIS Admin service, the service is not restarted after the tool completes running. You need to restart IIS Admin manually.

---------------------------------------------------------
Some features may not work as expected when logged in as a Limited Administrator
---------------------------------------------------------
When logged in as Limited Administrator, the following issues may be seen:
- On Windows Vista Ultimate x64 systems, Symantec Endpoint Protection can be disabled and enabled.
- On Windows 2000 Professional SP4 (32-bit) systems, the Proactive Threat Protection (PTP) log will not be created.
- The Fix button is not available when Network Threat Protection is disabled.

----------------------------------------
Symantec Protection Center functions abnormally after Symantec Ghost Solution Suite 2.5 installation on the same computer
----------------------------------------
If Symantec Protection Center is installed and then Symantec Ghost Solution Suite 2.5 is installed on the same computer, Symantec Protection Center does not function properly. This is due to a port conflict.

To work around this issue, uninstall Symantec Protection Center and install Symantec Ghost Solution Suite 2.5 first. Then, re-install Symantec Protection Center and, during server configuration, the port conflict is auto-resolved.

---------------------------------------------------------------
After initial product installation, you must add exceptions to the Windows Firewall to permit Symantec Protection Center communication
--------------------------------------------------------------
Note: You must have administrative rights to configure Windows Firewall

To add a port to the exceptions list for a specific connection:
1. Open Windows Firewall, and then click the Exceptions tab.
2. Click Add Program.
3. Click Browse.
3. Browse to the location of httpd.exe.
The default location is:
C:\Program Files\Symantec\Symantec Protection Center\apache\bin\httpd.exe
4. Click Open.
5. Click OK.

If you receive the following error:
'<File Name>' is already in the list of exceptions,
the program is already on the exceptions list.

To ensure that the program rule is enabled:
1. Click OK to close the error.
2. On the Exceptions tab in the Windows Firewall dialog box, Search the list of programs for the program you just added.
3. Ensure that there is a check mark next to it.

If there is a check mark but clients still cannot connect, check the scope of the rule (that is, click Edit, and then click Change scope). Ensure that the Any computer (inlcuding those on the Internet) option is selected.

The Windows Firewall is now configured to allow SEP client communication. To allow Remote Console communication, repeat the steps above, but instead of selecting httpd.exe in step 3, select SemSrv.exe. The default location is: C:\Program Files\Symantec\Symantec Protection Center\tomcat\bin\SemSvc.exe

Optionally, you can set the firewall to allow only computers from within your subnet to connect to your server. The default setting is to allow any computer. If you allow only computers within your subnet, clients cannot connect to the server if they are in a different subnet.

To set the rule to only allow computers within your subnet:
1. Select the program in the list on the Exceptions tab.
2. Click Edit.
3. Click Change scope.
4. Select My network (subnet) only.
5. Click OK.
6. Click OK.

---------------------------------------------------------------
SSL connection not supported for internet email server
---------------------------------------------------------------
Secure Sockets Layer (SSL) is a protocol for managing the security of a message transmission on the Internet. Symantec Protection Center does not support using SSL connections when using your internet email provider as a mail server.

---------------------------------------------------------------
Data loss when deleting an online client
---------------------------------------------------------------
Deleting an online client will result in losing all data for that client. If you need to retain data for the client, use the Backup and Restore utility to back up the client records before deleting the client.

---------------------------------------------------------------
Unable to select folders for administrator-defined scan
---------------------------------------------------------------
When you specify an administrator-defined scan, and you select Custom Scan before you select Active Scan, the "Scan the following folders" option is unavailable. You must define the folders for a Custom Scan. Specify an Active Scan, and then specify the Custom Scan.

---------------------------------------------------------------
Deleting client raw packages causes logging of inaccurate information
---------------------------------------------------------------
Inaccurate information is logged when you delete client raw packages from the Symantec Protection Center server and try to deploy clients through the email install method. In this case, package creation fails with empty folders being created under <SEPM Install Folder>\Inetpub\EmailInstallPackages. But, the server activity logs show "package creation successful" instead of "package creation failed."

---------------------------------------------------------------
Unable to import data from Symantec AntiVirus 10.x log files
---------------------------------------------------------------
You cannot import data from Symantec AntiVirus 10.x log files to Symantec Protection Center. The Enable Upload Symantec AntiVirus version 10.x log files option does not work at this time.

---------------------------------------------------------------
Scan progress might not be visible if logged on to client using a remote desktop session
---------------------------------------------------------------
You cannot view the progress dialog for a scheduled scan while you are logged on to a client computer using a remote desktop session. To view the progress dialog, log on to the client computer locally.

---------------------------------------------------------------
When you run a scan from the Symantec Protection Console, the scan may not fully remediate security risks on 64-bit client computers
---------------------------------------------------------------
To remove security risks from a 64-bit client computer:
1. Log on to the client computer.
2. Run a local Active Scan, with all the scan enhancements checked.

---------------------------------------------------------------
The exported Computer Status Log does not provide Protection Technologies information
---------------------------------------------------------------
You can view the Protection Technologies in the Computer Status Log as follows:
1. On the Monitors page, on the Logs tab, in the Log type box, select Computer Status.
2. Optionally select a saved filter.
3. Click View Log.

---------------------------------------------------------------
Filter settings for Command Status reports not saved when Auto-refresh set to any value other than Never
---------------------------------------------------------------
The Command Status window (Monitors > Command Status tab) shows the status of the commands that have been issued from the console and their details. When you select a command, and then click Details, and then change the Auto-refresh to any value other than Never, your settings are not saved when you can choose Save Filter.

------------------------------------------------------------
Repeatedly running commands might disconnect client computer
------------------------------------------------------------
In the Computers section of Symantec Protection Center, you can run a command on a client computer by selecting a client computer, clicking Run a command on computers, and then selecting a command to run from the drop-down list.

If commands are issued repeatedly and continuously, the selected client computer might disconnect and appear offline in the Symantec Protection Center console. This condition has been found when repeatedly issuing as few as 20 commands.

To recover, either reboot the client computer or restart the Symantec Endpoint Protection Small Business Edition client.

---------------------------------------------------------------------
Embedded database creation fails in the Management Server Configuration wizard on 2008 Small Business Server systems
---------------------------------------------------------------------
If Windows User Account Control (UAC) is enabled on a Windows 2008 Small Business Server system, an application that is required to create the embedded database is launched with inadequate access privileges, and the database creation fails.

To ensure that the embedded database is created, disable Windows UAC.

-----------------------------------
After LiveUpdate and migration operations, the size of the client packages folder may exceed the recommended 2GB recommended size limit
-----------------------------------
Client packages reside at \program files\symantec\symantec protection center\Inetpub\clientPackages. Delete any packages or files that are no longer needed.

------------------------------------------------------
Symantec Protection Center legacy support feature does not work
-------------------------------------------------------
The Symantec Protection Center console has a Legacy Support feature located at Home > Preferences > Logs and Reports > Legacy Support. Client computers running legacy Symantec software can be configured to report information to the Symantec Protection Center console. Data reported from clients appears in the Symantec Protection Center report logs.

Although the Legacy Support feature is enabled in the Symantec Protection Center console user interface, the report logs might not include data for some client computers running legacy software. This issue has been identified on Symantec Protection Center Small Business Edition and client computers running SAV 10.x.

There is no workaround at this time.

----------------------------------------------
Error when creating the database in the Management Server Configuration wizard
----------------------------------------------
In the Management Server Configuration wizard, an error may display when you attempt to create the database.

This occurs when the Windows User Account Control (UAC) is enabled. A workaround is to disable the UAC.

--------------------------------------------------------------------------------
Login screen is not visible if the Symantec Protection Center console is idle for more than one hour
--------------------------------------------------------------------------------
On Windows 2008 systems, if the console is idle for more than one hour, the console might stop responding and not close properly. The login screen is not visible and you are not able to log on to Symantec Protection Center. This problem occurs when Windows User Account Control (UAC) is enabled.

To work around this issue, disable the Windows UAC. Also, to start the console, repair the Symantec Protection Center using the Windows Add/Remove Programs function.

-------------------------------------------------------------------------
Access rights for a Limited Administrator must be set at the time the account is created
-------------------------------------------------------------------------
If you need to edit the access rights for a Limited Administrator, you must create a new Limited Administrator account and set the desired access rights.

--------------------------------------------------------------------------------
When accessing Symantec Protection Center using a remote console, the Home, Monitors, and Reports pages may appear blank
-------------------------------------------------------------------------------
If you log on to Symantec Protection Center using a remote console, and that machine runs Windows Server 2008, Home, Monitors, and Reports pages may appear blank. This problem occurs when the Windows User Account Control (UAC) is enabled.

To work around this issue, disable the Windows UAC.

---------------------------------------------------------------------------
The Symantec Protection Center console shows English folder names
---------------------------------------------------------------------------
If you install Symantec Protection Center on a French version of Windows Server 2008 or Windows Vista, some folder names appear in English.

------------------------------------------------------------------------------------
After you configure the console timeout, the console does not close properly if running on Windows Server 2008
------------------------------------------------------------------------------------
If you configure the console timeout feature on Windows Server 2008, the console might stop responding and not close properly. Also, the management server might not open the Home, Monitors, and Reports pages. This problem occurs when Windows Server 2008 User Account Control is enabled.

To work around this issue, disable the Windows User Account Control.

-------------------------------------------------------
Cannot log on remotely to the management server console
-------------------------------------------------------
This issue occurs only on computers that run Sun JDK 6 upgrade 4 or earlier. To solve the issue, upgrade the JDK to version 6 update 5. This issue is caused by a known Sun defect (id 6514454).

If no JDK is present on the computer that logs on remotely, Symantec Endpoint Protection Small Business Edition automatically installs the correct version of the JDK.

------------------------------------------------------------------------------------
The scm-server-0.log displays a SAXParseException with the following type of error message: "The entity name must immediately follow the '=' in the entity reference"
------------------------------------------------------------------------------------
Client computer names that contain an equal sign (=) or double quote (") in the Computer description display an error in the scm-server-0.log.

To work around this issue, perform the following steps:
1. On the client computer desktop, right-click My Computer, and then click Properties.
2. On the Computer Name tab, change the Computer description so that it does not contains an equal sign (=) or a double-quote (").
3. Update the policy on the client or wait until the next heartbeat.

-----------------------------------------------------------
Unilingual support for Symantec Protection Center
-----------------------------------------------------------
The Symantec Protection Center server supports a unilingual user interface. This means that a specific language operating system can only install and run that same language on the Symantec Protection Center console. The end user must configure the user locale to be the same as the operating system language when running the Symantec Protection Center console.

- A specific language Symantec Protection Center server only supports the Symantec Protection Center console that is in English language or in the same specific language as the server.

- The Symantec Protection Center server and the Symantec Protection Center console must both be configured to use a user locale that is the same as the operating system language.


REPORTING
---------
--------------------------------------------------
Report data may not load when accessed from the Home page
--------------------------------------------------
On Windows 2008 systems, when you choose to load report data from the Home page, the request may cause the system to stop responding. This occurs when Windows User Account Control (UAC) is enabled.

To work around this issue, disable Windows UAC and restart the system.

--------------------------------------------------------------------
Pie charts do not display correcly when report name contains a hyphen
--------------------------------------------------------------------
The pie chart components of reports do not display correctly if the report name contains a hyphen (e.g., report-daily).

To avoid this issue, do not use a hyphen when naming reports.

-------------------------------------------------------------------
Inaccurate scan time reported in Endpoint Status report
-------------------------------------------------------------------
The Endpoint Status report shows another client computer's last scan time for computers that have never been scanned. The report should show the last scan time as "Not scanned."

-------------------------------------------------------------------
Multiple group names not saved in report filter option
-------------------------------------------------------------------
When using a saved filter to generate a Network Threat Protection report, the group names may become garbled. Re-enter the group names and generate the report.

-------------------------------------------------------------------
Reports may not display when viewed from a remote console on a Windows 2008 Enterprise Edition 64-bit system
-------------------------------------------------------------------
This issue is exclusive to Windows 2008 Enterprise Edition 64-bit systems.

To work around this issue, view the reports using the local console, or using a remote console on another operating system.

------------------------------------------------------
Pie chart components of reports do not always appear in emailed reports
------------------------------------------------------
Some reports contain pie chart components (e.g., Daily Status, Weekly Status and Comprehensive Risk Report). When these reports are generated and emailed from the Symantec Protection Center console, the pie charts do not always appear.

If you experience this issue, view reports that have incomplete pie charts from the Symantec Protection Center console.

--------------------------------------------------------------------------
The exported Computer Status log does not provide Protection Technologies information
--------------------------------------------------------------------------
You can view the Protection Technologies in the Computer Status Log as follows:
1. On the Monitors page, on the Logs tab, in the Log type box, select Computer Status.
2. Optionally select a saved filter.
3. Click View Log.

--------------------------------------------------------------------------
The Symantec Protection Center may report more or fewer client changes than indicated in email notifications
--------------------------------------------------------------------------
This is caused by timing differences between the reporting SQL query and the PHP notification events. Check the Symantec Protection Center reports for the most accurate information about client changes.

--------------------------------------------------------------------------
Unable to view filter options for Snapshots reports under Favorite Reports on Home page
--------------------------------------------------------------------------
When configuring Favorite Reports on the Home page, if you select Computer Status for the Report Type, and then select any of the snapshot reports [e.g., Client Software Rollout (Snapshots)], you will not be able to edit the filter options for this report. The Filter field will be blank.

To change the filter options for this report, generate the report from Reports > Scheduled Reports.

-------------------------------------------------
The Unknown Device Failures report does not report data
-------------------------------------------------
When viewing Security Status details [Home > View Details (in the Security Status panel)], the report functionality associated with Unknown Device Failures component has been removed from this product. Disregard any content displayed for Unknown Device Failures.

-----------------------------------------------------------------
The Risk Distribution by Attacker report contains no information
-----------------------------------------------------------------
The functionality associated with this report (Monitors > Summary tab > Virus and Spyware Protection summary type > Risk Distribution by Attacker) is disabled in this release.

--------------------------------------------------------------
Report results could be blank for a group if the group name includes an apostrophe
--------------------------------------------------------------
Group names that contain an apostrophe (e.g., Nancy's) are not valid.

To work around this issue, delete apostrophes from all group names, and rerun reports.

-----------------------------------------------------------------------
Columns of some larger reports do not print appropriately from Symantec Protection Center
-----------------------------------------------------------------------
These reports include the Endpoint Status Report, Virus and Spyware Activity Summary Report, and the Risk > Infected and At Risk Computers Report. This occurs because the default page layout orientation when printing reports is set to portrait, which is not wide enough to print all data in these reports.

To work around this issue, set the page layout orientation to landscape before printing these reports.

--------------------------------------------------------------------------------
Reports are saved as .php files instead of .mht files when using Windows XP or Windows Server 2000 and Internet Explorer version 6.0 with no service packs installed
--------------------------------------------------------------------------------
If you run Microsoft Internet Explorer version 6.0 with no service packs installed on either a Windows XP system or a Windows Server 2000 system with SP4 installed, when you save a Symantec Endpoint Protection report, you are prompted to save the report as a .php file instead of the default .mht file type.

To solve this issue, install the latest service packs for your operating system and for Internet Explorer version 6.0. If you do not want to install the service packs, you can save the report as prompted. Then, change the filename extension to .mht before you view it.

------------------------------------------------------------------------------------
Reporting pages can fail to appear if loopback addresses are disabled on the computer
------------------------------------------------------------------------------------
If you have disabled loopback addresses on your computer, and you try to log on to the management console or to access the reporting functions, you see the following error message:

Unable to communicate with Reporting component

The Home, Monitors, and Reports pages are blank; the Policies, Computers, and Admin pages look and function normally.

If you have disabled loopback addresses on your computer, you must associate the word localhost with your computer IP address. You can use the Windows hosts file to do this. For example, on computers running Windows XP, do the following:

1. Change the directory to the location of your hosts file. By default, the hosts file is located in%SystemRoot%\system32\drivers\etc.

2. Open the hosts file with an editor.

3. Add the following line to the file:

xxx.xxx.xxx.xx localhost # to log on to reporting functions

where xxx.xxx.xxx.xx is replaced with the IP address of your computer.

4. Save and close the hosts file.

------------------------------------------------------------------------------------
Internet configuration settings needed to view the reporting functions in the Symantec Protection Center console
------------------------------------------------------------------------------------
To view the information on the Home page, Monitors page, and Reports page in the Symantec Protection Center console when using Internet Explorer, you must have some minimum Internet Options settings enabled. Click "Custom Level" on the Security tab of the Tools > Internet Options menu to find these settings.

The following settings must be enabled when using Internet Explorer 6:

- Under ActiveX controls and plug-ins: Initialize and script ActiveX controls not marked as safe

- Under Miscellaneous: Submit nonencrypted form data

- Under Miscellaneous: User data persistence

- Under Scripting: Active scripting

The following settings must be enabled when using Internet Explorer 7:

- Under Miscellaneous: Submit non-encrypted form data

- Under Scripting: Active Scripting

- Under Scripting: Allow status bar updates via script

---------------------------------------------------------------------------
The View Log button does not work on Windows XP Professional Service Pack 3
---------------------------------------------------------------------------
In the Symantec Protection Center console, the View Log function might not work because of your Internet Explorer security settings. To access the View Log button, click Monitors > Logs, select a log, and then click View Log.

Make sure you add the site as a trusted site in Internet Explorer, and then the View Log page appears.

----------------------------------------------------------------
Email reports sent to Microsoft Outlook do not format correctly
----------------------------------------------------------------
A scheduled email report that is generated and then sent to Microsoft Outlook might not be formatted correctly. The report might contain missing line feeds between the different sections.

This issue occurs only when the recipient's Microsoft Outlook software has a particular setting enabled. In the E-mail Options pane, uncheck the "Remove extra line breaks in plain text messages" checkbox. When this option is turned off, the email message that is sent with the report is formatted correctly.

The following text shows the content of an email that contains the formatting issue:
=============================================
Report scheduled by: admin
Report generated on: 2007-04-04 21:31:19 Report type: System Report Report
description: Test description

=============================================
The following text shows the correct formatting of the email content:
=============================================
Report scheduled by: admin
Report generated on: 2007-04- 04 21:31:19
Report type: System Report
Report description: Test description

=============================================

------------------------------------------------------------------------------------
When you log on through a Web browser, reporting tabs might not appear if the Internet Explorer cache is full
------------------------------------------------------------------------------------
If the tabs across the top of the page do not appear when you log onto the Symantec Protection Center reporting functions through a Web browser, try clearing the Internet Explorer temporary files cache. Delete temporary Internet files in Internet Explorer 6 by clicking "Delete Files" under the Temporary Internet files group box on the General tab of the Internet Explorer Tools> Internet Options menu. In Internet Explorer 7, click Delete under Browsing History.

-----------------------------------------
Printing the background colors in reports
-----------------------------------------
You can print the background colors when you print a report. To print background colors, open the Internet Explorer Tools > Internet Options menu. Check the "Print background colors and images" check box on the Advanced tab.


====================================================================================
SYMANTEC PROTECTION CENTER POLICIES
====================================================================================

-------------------------------------------------------------------
Full path may not appear when adding a folder to centralized exceptions policy
-------------------------------------------------------------------
When viewing the Risk log, you can select an action to add an entry to the Centralized Exceptions Policy. When you select the Add Folder to Centralized Exceptions Policy action and click Add, the full path may not appear, though it is added to the policy correctly.

You can verify that the exception was added and the full path appears; click Policies > Centralized Exceptions > double-click the Centralized Exception Policy > click Centralized Exceptions. The exception, including the full path, appears in the list.

---------------------------------------------------------------
Cannot browse to folders and files to add centralized exceptions on clients
---------------------------------------------------------------
On 64-bit operating systems, when you try to add an exclusion on the client, you will not be able to browse to the native Windows system32 directory. For example, you cannot browse to %windir%\system32\inetinfo.exe to add it as an exception. Because of the file redirection feature on 64-bit platforms, Windows automatically redirects the client to the 32-bit subsystem Windows system32 directory, which is %windir%\SysWOW64.

To work around this issue, the user must log on to the Symantec Protection Center console and create a Centralized Exception for the file or folder in question and apply this to the client.

----------------------------------------------------------------------------------
File System Auto-Protect is automatically re-enabled
-----------------------------------------------------------------------------------
When File System Auto-Protect is disabled in a policy in Symantec Protection Center and pushed to the client, File System Auto-Protect is automatically reset to enabled after five minutes.

This is by design. By default, the File System Auto-Protect setting is automatically re-enabled after five minutes.

------------------------------------------------------------------------------------
Importing policies with names longer than 255 characters results in empty policy names on the console
------------------------------------------------------------------------------------
If you import a policy, provide a name that is no longer than 255 characters. Using a longer name results in an empty policy name.

-------------------
LIVEUPDATE POLICIES
-------------------

------------------------------------------------------------------------------------
Third party management tools may not update virus definition content on clients that run non-English operating systems
------------------------------------------------------------------------------------
If you use third party management tools on a client computer that runs a non-English operating system and try to add all content types at the same time, the client may not apply virus definition content.

If this occurs, add the virus definition content again and it will apply.

------------------------------------------------------------------------------
More than one LiveUpdate session is required to obtain all the content updates
------------------------------------------------------------------------------
Some content might not be downloaded to the Symantec Protection Center computer during the first LiveUpdate session.

To download the missing content, re-run the following command: LUALL

-------------------------------------------------------------------------
Disk full message erroneously appears when downloading LiveUpdate updates
-------------------------------------------------------------------------
If your network environment already supports the proxy servers that are compliant with the HTTP 1.1 protocol or later, you can disregard this entry.

After you have tried to download LiveUpdate for the first time, the following message might appear:

"LU1863: Insufficient free disk space
There is not enough free disk space for LiveUpdate to operate properly. Please free up disk space on your computer and run LiveUpdate again."

You might have insufficient disk space. However, it is much more probable that this message appears in error because the proxy server is unable to send the correct Contents-Length header field.

This error message might appear on Symantec Protection Center or a Symantec Endpoint Protection client.

You should verify that the disk drive to which you downloaded LiveUpdate has sufficient disk space. If you verified that the disk drive has sufficient space, then most likely a proxy server caused the problem.

If a proxy server receives an HTTP reply that does not include a Content-Length header field, then the above-listed message erroneously appears. The erroneous message appears on the computer on which the LiveUpdate has been downloaded.

The proxy servers that are compliant with HTTP 1.1 protocols automatically include Content-Length header-entity fields. The proxy servers that are compliant with HTTP 1.0 protocols do not automatically include Content-Length header-entity fields.

You should ensure that the proxy servers in your network are compliant with the HTTP 1.1. protocol.

See the documentation that accompanies the proxy server for information about how to make a proxy server compliant with HTTP 1.1 protocols.

-----------------------------------------------
Setting the retry interval in the LiveUpdate Policy
-----------------------------------------------
LiveUpdate Settings policies contain a LiveUpdate Retry Interval feature that does not work. With a LiveUpdate Settings policy, you can schedule how often clients run LiveUpdate to check for updates from LiveUpdate servers. As part of this scheduling, you can specify a Retry Interval. If a client does not successfully run LiveUpdate at the scheduled time, the Retry Interval tells the client to keep trying to run LiveUpdate for a specified amount of time. If this feature is important to you, the workaround is to update the scheduled frequency with which clients run LiveUpdate with the LiveUpdate Settings policy.


------------------------------------
VIRUS AND SPYWARE PROTECTION
------------------------------------

-----------------------------------------------------------------------
Setting exclusions for volumes that have mount points and drive letters
-----------------------------------------------------------------------

On-demand scans
---------------
If you create a security risk exception for folders and files on a Windows mount point or drive, the on-demand scans do not exclude these folders and files when the client scans the volume content on that mount point or drive.
For example, suppose that drive E:\ is mounted to C:\Mount and you create an exception for C:\Mount\Foo\. If the client scans E:\Foo\ or C:\Mount\Foo\, the on-demand scan does not exclude the folder content. And if you create an exception for E:\Foo\ and the client scans C:\Mount\Foo\, the folder content does not get excluded. However, if the client scans E:\Foo\, the on-demand scan does exclude the folder content.

Auto-Protect scans
------------------

-----------------------------------------------
Microsoft Outlook fails to save or open an infected attachment file if the name contains Unicode characters
-----------------------------------------------
When Microsoft Outlook Auto-Protect is enabled and the first action for macro and non-macro viruses is set to Clean, Microsoft Outlook fails to save or open an infected attachment file if the name contains Unicode characters. The file is saved as a zero byte file. The infected file is cleaned, but the cleaned file is not copied to the target file location.

To work around this issue and have the cleaned file copied to the target location, open the file, and save it. The file will be saved with the contents intact.

--------------------------------------------------------------
Possible error when running on-demand scan on unmanaged clients
--------------------------------------------------------------
You may receive a runtime error in conjunction with disabling/enabling Auto-
Protect and running the on-demand scan on an unmanaged client. This issue
affects unmanaged clients that run Windows Vista SP1 32-bit and Windows XP SP3
32-bit operating systems.

--------------------------------------------------------
Auto-Protect scans may not exclude folders and files
--------------------------------------------------------
If you create a security risk exception for folders and files on a Windows mount point or drive, the Auto-Protect scans do not exclude the folders and files when the client browses the volume content on that mount point or drive.
For example, if drive E:\ is mounted to C:\Mount and you create an exception for C:\Mount\Foo\, the Auto-Protect scans do not exclude the E:\Foo\ or the C:\Mount\Foo\ folder content.

If an excluded folder or file is a mount point, such as C:\Mount\Foo\, you must manually add the alternate path with the drive letter (such as E:\Foo\) to the Centralized Exceptions policy.


Exchange Server exceptions
--------------------------
To find the paths for Exchange Server folder and file exceptions, refer to the following registry locations:
On a 32-bit operating system: HKEY_LOCAL_MACHINE\Software\Symantec\Symantec Endpoint Protection\AV\Exclusions
On a 64-bit operating system: HKEY_LOCAL_MACHINE\Software\Wow6432Node\Symantec\Symantec Endpoint Protection\AV\Exclusions
For more information, refer to the Knowledge Base article at the Technical Support Web site, located at the following URL: www.symantec.com/techsupp/

-------------------------
INTRUSION PREVENTION
-------------------------

-----------------------------------------------------
Active Response triggers intermittently on vmware for IPS attacks
-----------------------------------------------------
The Active Response feature automatically blocks an attacker's IP address for a
specified period of time. This feature is enabled by default when the Intrusion
Prevention is enabled in a policy. When a client is installed on vmware, Active
Response does not always trigger.

To work around this issue, install and run the Symantec Endpoint Protection
Small Business Edition client on a physical machine.

-------------------------
NETWORK THREAT PROTECTION
-------------------------

----------------------------------------
Firewall rules imported from Symantec Endpoint Protection 11.0 may not retain settings after editing
----------------------------------------
If you import firewall policies that you created in Symantec Endpoint Protection version 11.0, and edit one or more of the firewall rules, the original settings of the rule may not be retained. You may see errors in security level and how rules are processed, and the edit state of the rule may be affected.

To work around this issue, do not edit rules in firewall policies that were imported from Symantec Endpoint Protection version 11.0. If you need to change one or more rules, recreate the policy and rules in Symantec Endpoint Protection Small Business Edition.

------------------------------------------------------------------
Firewall rule marked as uneditable after it is moved down in the list
------------------------------------------------------------------
When you enable a firewall policy, and choose to customize the default settings, several rules that are included at the bottom of the Firewall Rules list are uneditable and the rows are shaded grey. These rules apply to all network traffic not covered by the firewall rules above it in the list.

It is possible that if a rule that is positioned two rows above the first uneditable rule is deleted, the rule that is auto-selected can be moved down in the list, causing it to be uneditable.

To work around this issue, create a duplicate rule of the one that is uneditable, changing the action. For example, if the rule that is uneditable allows the specified traffic, then create a duplicate rule with a block action and position it in the Firewall Rules list as appropriate.

------------------------------------------------------------------------------------
For more than 500 groups, it takes 1.5 minutes to display the Firewall Policy Overview page
------------------------------------------------------------------------------------
If you click the Add a Firewall Policy command, it can take up to 1.5 minutes for the Firewall Policy Overview page to appear. This occurs if the management server contains 500 or more groups. The problem occurs because it takes time for the Overview page to display all the groups that the existing firewall policies are assigned to.

To work around this issue, perform the following steps:
1. Close all instances of the Symantec Protection Center console.
2. Open the file %temp%/sesm.xml.
3. Locate the following line:
<login locationCounting="true" option="more" vistaWarn="false" />
4. Change the "locationCounting" attribute from "true" to "false" and save the file.
5. Restart the console.
6. In the console, click Policies > Firewall > Add a Firewall Policy.
On the Firewall Policy Overview page, under "Groups Using This Policy," the text "The group list is currently hidden" appears instead of the groups.


---------------------------
PROACTIVE THREAT PROTECTION
---------------------------

------------------------------------------------------------------------------------
TruScan(tm) Proactive Threat Scan Technology detects a process that runs from a network or mapped drive but the process does not appear in the list of detected processes for centralized exceptions
------------------------------------------------------------------------------------
When a proactive threat scan detects a process that runs from a network or a mapped drive, the event appears in the log on the client computer. However, the management server does not register this event, so the event does not appear in the logs in the management console. You also cannot create an exception for the process because it does not appear in the list of detected processes for centralized exceptions.


====================================================================================

SYMANTEC ENDPOINT PROTECTION SMALL BUSINESS EDITION CLIENT
====================================================================================

------------------------------------------------------
Pausing an Administrator-defined scan and closing the dialog box prevents subsequent scans
------------------------------------------------------
When configuring Administrator-defined scans in Symantec Protection Center, one of the options an administrator can set is to allow users to pause scans. When this option is enabled, and an Administrator-defined scan is running on a Symantec Endpoint Protection Small Business Edition client, you are allowed to pause the scan. However, if you pause a scan and close the dialog box that appears using the close icon (e.g., click X), subsequent scans will not run.

To work around this issue, restart the client machine. To avoid this issue, when a scan is paused, close the dialog box using the buttons in the dialog box.

--------------------------------------------------------------------------------
Symantec Endpoint Protection Small Business Edition client installs without detecting and excluding Forefront Threat Management Gateway (TMG) product
--------------------------------------------------------------------------------
When installing the Symantec Endpoint Protection Small Business Edition client on a Windows Essential Business Server 2008 system, the installation process should detect and autoexclude the Forefront TMG product to avoid potential compatibility issues. This does not occur during installation.

To work around this issue, after client installation, create centralized exceptions in the Symantec Protection Center console to exclude the Forefront TMG product. Then, ensure that the policy is applied to the client. To determine what folders/files to exclude, reference the following Microsoft KB article: http://technet.microsoft.com/en-us/library/cc707727.aspx

----------------------------------------------------------------
Unable to view connection status information on client machine with French operating system
----------------------------------------------------------------
When the Symantec Endpoint Protection Small Business Edition client is installed on a machine with a French operating system, you may be unable to view information on connection status with Symantec Protection Center. Click Help > Troubleshooting > Connection Status. The data for Last Attempted Connection, Server Name, and Port Number may be truncated.

To work around this issue, export this data to a file and view it from the file.

---------------------------------------------------------------
Protocol name incorrect in client security logs
---------------------------------------------------------------
In the client security logs, the protocol name appears as NONE for UDP comprehensive attacks. The protocol name should be UDP.

---------------------------------------------
Issue with icon size setting when creating a new application firewall rule
---------------------------------------------
For clients installed on Windows Vista, when adding a new application firewall rule, selecting Small Icons will render the Small Icons check box unusable.

To work around this issue, right-click the Application List, and choose "Details". The checkboxes will then function properly.

---------------------------------------------
Scan state change may not be saved when editing client scans
---------------------------------------------
When editing a scan, if you change the state in the Enable the scan check box on the Scan Name tab, then move to another tab in Scan Properties, and then click OK, the change may not be saved.

To work around this issue, change the state and then click OK before moving off the Scan Name tab to save the setting.

-----------------------------------
Clients installed on Windows Essential Business Server (EBS) 2008 systems do not communicate with Symantec Protection Center installed on Windows EBS 2008
-----------------------------------
You must configure the Microsoft Threat Management Gateway (TMG) security component to allow Symantec Protection Center/client communications on port TCP 8014.

--------------------------------------------------------------------------------
The client does not use proxy settings on Windows 2008 Core editions
--------------------------------------------------------------------------------
The client uses the Internet Explorer (IE) WinInet for the proxy feature. Since Windows 2008 Core does not have IE installed, the client cannot communicate through a proxy when installed on Windows 2008 Core editions.

There is no documented workaround for this issue.

--------------------------------------------------------------------------------
Restore action fails when run from the Symantec Antivirus Detection Results dialog box
--------------------------------------------------------------------------------
When found, Auto-Protect displays detected risks in the Symantec AntiVirus Detection Results dialog box. From this dialog box, clicking Other Actions > Restore might fail to restore the file. When it fails, the action produces a failed status or displays a runtime error message.

To restore successfully, you should run the restore action from the Quarantine section.

----------------------------------------------------------------------------------
When the client is first installed, virus definitions appear to be out-of-date
----------------------------------------------------------------------------------
When the product is first installed, a message can appear in the system tray icon and main user interface that mistakenly indicates that virus definitions are out-of-date. This can safely be ignored.

After LiveUpdate runs, however, all messages should be accurate. Messages include a popup message box and a red or yellow status icon.

-------------------------------------------------------------
The client stops running after the Windows page file fills up
-------------------------------------------------------------
If the client closes or stops running after displaying a runtime error or an out of memory error, the client computer does not have enough memory. This can occur if the Windows page file is too full. To view the page file, open the Task Manager on the client computer, click the Performance tab, and look at the PF Usage graph.

To work around this issue, either increase the memory on your client computer, or close applications that you do not need.

-------------------------------------------------------------
Users must always restart the client computer for an unattended installation
-------------------------------------------------------------
The client computer does not restart the computer automatically for an unattended installation. If you have configured the Client Install Settings for a client installation package as "Unattended" and "Restart the computer after installation," users must still restart the computer.

-------------------------------------------------------------
Clients can no longer connect to Symantec Protection Center after the management server has been disconnected from and reconnected to the network
-------------------------------------------------------------
If you create a client installation package while the management server is disconnected from the network, the sylink.xml file that is part of the client installation package no longer includes the IP address of the management server. When you deploy and install this client installation package with a missing IP address in the sylink.xml file, the clients are unable to connect to the management server.

You can replace the sylink.xml file using the SyklinkDrop tool. You can find the tool in the
Tools\NoSupport folder on the product disc.

Alternately, you can set up a domain name service (DNS) server to resolve the management server's IP address based on its host name. If you do not have a DNS server, you can also resolve the management server's IP address based on its host name by mapping the management server's IP address to its host name in the C:\WINDOWS\system32\drivers\etc\hosts file that is located on the client computer.

----------------------------------------------------------------
LiveUpdate schedule changes require restart on unmanaged clients
----------------------------------------------------------------
If the schedule is changed for how often LiveUpdate runs on unmanaged clients, the change does not take effect until the smc process is restarted, or until the computer is restarted. For example, if the schedule is set for LiveUpdate to run weekly, and if the schedule is changed to run daily, you must restart the process or computer.

To restart the process:

1. Display a command prompt.
2. Use the CD command to move to the \Symantec\Symantec Endpoint Protection directory.
3. Execute smc -stop

-------------------------------------------------------------
Notification does not appear on a managed client computer when a proactive threat scan detects a threat and uses an action of "log only"
-------------------------------------------------------------
If you configure proactive threat scan detection notifications to appear on client computers, and if the action for a proactive threat detection is log only, when the scan makes the detection, a popup notification does not appear on a managed client computer. If any other action is configured for the detection, a popup notification always appears on the client computer. In either case, the user can always view the detection information in the Proactive Threat Protection log.

-------------------------------------------------------------
TruScan proactive threat scan status appears red on the client before LiveUpdate runs
-------------------------------------------------------------
When you install the client, the TruScan proactive threat scans use LiveUpdate to get the latest content. The Proactive Threat Protection status appears green while the client waits to get its content updates from LiveUpdate. If you run a proactive threat scan before LiveUpdate downloads the latest proactive threat scan content, the TruScan status appears red.

-------------------------------------------------------------
Pop-up message that states an application is being blocked does not always appear when expected
-------------------------------------------------------------
The pop-up message that notifies you of a blocked application might not always appear each time that the firewall blocks an application. The absence of this pop-up message might occur in the following situations:

- If you run multiple instances of the same application. For example, suppose a firewall rule blocks Internet Explorer. If you start Internet Explorer and try to locate a Web site, the pop-up message appears. If you then open a second instance of Internet Explorer without closing the first window, a pop-up message does not appear.
- If you run an application, close it, and then run the application again within a short period.

-------------------------------------------------------------
Debug log settings apply to Virus and Spyware Protection and Proactive Threat Protection scans
-------------------------------------------------------------
In the Troubleshooting dialog, the debug log settings under the heading "Symantec Endpoint Protection" apply only to Virus and Spyware Protection and Proactive Threat Protection scans.

-------------------------------------------------------------
If the user or a script runs the password-protected smc command and the supplied password is incorrect, the client incorrectly returns a value of 0
-------------------------------------------------------------
The administrator might require a password for the -stop, -importconfig, and -exportconfig parameters for the smc command. When a user or a script runs the password-protected smc command and the supplied password is wrong, the smc command incorrectly returns an error code of 0, which states that the password was successful. Use a method other than the smc return value to check if the command was successful.

-----------------------------------------------------------------
Red "X" on Status page can indicate limited access to the product
-----------------------------------------------------------------
Restricted users cannot access all aspects of the product. Usually, those items are grayed out, but sometimes they appear with a red X. This does not indicate a problem, but rather limited privileges.

---------------------------------------------------
System standby does not occur after designated time
---------------------------------------------------
You can set up system standby on your computer to occur after a designated time. However, system standby never occurs on the computer on which you installed the client, despite the setting being enabled.

If you want to correct this problem on the computer on which you installed the client, you need to manually enable system standby. You can manually enable Standby in the Shutdown Windows dialog box. Or, see the documentation that was shipped with your operating system for more information on how to manually enable system standby.

This problem can occur on all supported platforms on which you can install the client.

------------------------------------------------------
Auto-Protect repair can cause a crash on Windows Vista
------------------------------------------------------
On client computers that run Windows Vista, if you select Repair when Auto-Protect notifies you of a risk, the computer might crash. The crash only occurs when Auto-Protect is disabled, risks add unrepairable files to the computer, Auto-Protect is re-enabled, and then you try to repair the files. To prevent the computer from crashing, turn off Quarantine and back up the files first. Then repair the files.

Check Microsoft for the latest information about Windows Vista. A fix has been released to address this issue. See the Microsoft Knowledge Base article 951250.

--------------------------------------------
Using the firewall with a bridged connection
--------------------------------------------
A client computer that uses two network cards and that connects to the same network switch might not be able to communicate if the network uses a bridged connection. When traffic passes through the firewall, the firewall can cause a packet storm so that the network cannot broadcast traffic. If a client computer uses two NIC cards, uses a bridged connection, and cannot communicate, you might need to unbridge the connection.

------------------------------------------------------------------------------------
If the user attempts to block a protocol driver from the View Network Activity or Application List dialog boxes, the firewall still allows the driver
------------------------------------------------------------------------------------
If the client runs a protocol driver, the driver appears in the Network Activity dialog box and the Application List dialog box. If the user then tries to block the driver from these dialog boxes, the firewall ignores the block action and continues to allow the driver. To work around the problem, the user can create a firewall rule that blocks traffic from the protocol driver.


====================================================================================

DOCUMENTATION
====================================================================================

---------------------
LATEST DOCUMENTATION
---------------------
The user documentation might be updated between product releases. You can locate the latest user documentation at the following Symantec Technical Support Web sites:

Symantec Endpoint Protection Small Business Edition documentation
http://www.symantec.com/enterprise/support/documentation.jsp?pid=55357


---------------------
IMPLEMENTATION GUIDE
---------------------

-------------------------------------------------------------------------
Some topics associated with importing a license may include some incorrect information
-------------------------------------------------------------------------
See chapter 12, "Managing product licenses," in the section called "Importing a license," to import the following licenses into Symantec Protection Center: New paid license Additional paid license Renewed license License from Symantec legacy virus protection software

-------------------------------------------------------------------------
Additional step for moving a server
-------------------------------------------------------------------------
See chapter 17, "Managing disaster recovery," in the section called "Moving the
server," client communication will not work after performing the steps to move
the server unless the new Symantec Protection Center system has the same IP
address as the original Symantec Protection Center system. Ensure that you assign the IP address of the original Symantec Protection Center system to the new Symantec Protection Center system.


---------------------------------------
CONSOLE HELP AND CONTEXT-SENSITIVE HELP
---------------------------------------

---------------------------------------------------------------
Default notification addition to the About the default notifications help topic
---------------------------------------------------------------
One additional default notification should be listed in the table. Client list changed is a default notification that alerts administrators about changes to the client list.

---------------------------------------------------------------
The License Main Page help topic includes some incorrect information
---------------------------------------------------------------
In the table, in the first column, second row, the option Register to download a license file is listed as a valid option. This is incorrect and this option should be removed.

---------------------------------------------------------------
The Downloading a license file help topic includes some incorrect information
---------------------------------------------------------------
In the topic titled Downloading a license file, in step 2, you are instructed to click Register to download a license file, though this option does not exist. You should click Register a serial number.

--------------------------------------------------------------------------
The Configure Notifications help topic includes some incorrect information about wildcards
--------------------------------------------------------------------------
In the Configure Notifications topic, in the first table (Possible filter options when you create a notification), Help states that you can use the ? wildcard in the Computer and Risk name fields. This is not accurate. The ? wildcard is not accepted to filter using these fields.

--------------------------------------------------------------------------
The Firewall Rules (Rules: Rules) help topic includes some incorrect information about specifying applications
--------------------------------------------------------------------------
In The Rules: Rules topic (in the Firewall Rules window, on the Rules tab, click Help), in the second table (Rules list columns), for Application, Help states that when you specify an application for a rule, you can search from a list of applications that are uploaded from each client. This is not accurate. This feature is not supported in this release.

--------------------------------------------------------------------------
The Policies help topic includes some incorrect information about custom IPS signatures
--------------------------------------------------------------------------
In the Policies topic (in Policies window, click Help), in the table, for Intrusion Prevention, Help states (in the last sentence) that you can import and create custom IPS signatures. This is not accurate. This feature is not supported in this release.


------------
CLIENT GUIDE
------------

---------------------------------------------------------
The Client Guide incorrectly states that the notification area icon does not appear on centrally managed clients
---------------------------------------------------------
See Chapter 2, "Getting started with the client," in the section called "About the notification area icon." The sentence "On centrally managed clients, the notification area icon does not appear" was removed. The notification area icon does appear on a centrally managed client.

---------------------------------------------------------
The Client Guide incorrectly states that for an expired paid license, you can click the Fix button
---------------------------------------------------------
See Chapter 3, "Responding to alerts and notifications," in the section called "Responding to messages about an expired license." The description for a paid license states that if you click Fix, a message appears. However, the Fix button does not appear.

---------------------------------------------------------
The Client Guide incorrectly states that you can disable LiveUpdate
---------------------------------------------------------
See Chapter 4, "Making sure that your computer is protected," in the section called "Updating the client's protection." The description for "Update your protection on a schedule" states that "On a self-managed client, you might also be able to disable LiveUpdate or change the LiveUpdate schedule." This sentence should say "On a self-managed client, you can disable or change a LiveUpdate schedule."

---------------------------------------------------------
The Client Guide incorrectly states that for centrally managed clients, users can configure File System Auto-Protect only
---------------------------------------------------------
See Chapter 5, "Managing scans," in the section called "About the types of protection scans." The scan types table for Auto-Protect incorrectly states that you can configure Microsoft Outlook Auto-Protect on self-managed clients only. The note also incorrectly states that on centrally managed clients, you can configure File System Auto-Protect only. However, users can configure all types of Auto-Protect technology on centrally managed clients, if the administrator or user has installed the technology. For Internet Email Auto-Protect, the client must run on 32-bit non-server operating systems only, such as Windows Vista and Windows XP.

--------------------------------------
CLIENT HELP AND CONTEXT-SENSITIVE HELP
--------------------------------------

--------------------------------------------------------------------------
The Advanced Scan Options Help topic incorrectly states that you can configure storage migration options
--------------------------------------------------------------------------
In the Advanced Scan Options topic (on the Status page, create a new scan, click Next, and then click Advanced), Help states that you can configure storage migration options for a scan. This feature is not supported in this release.

==============================================================================

THIRD-PARTY ISSUES
==============================================================================

----------------------------------------------------------------
Symantec Endpoint Protection Small Business Edition client and a Nortel VPN client both fail to start when installed at the same time with Nortel VPN AutoConnect enabled
----------------------------------------------------------------
If a Nortel VPN client and a Symantec Endpoint Protection Small Business Edition client are installed at the same time and the Nortel AutoConnect feature is enabled, then when the computer is restarted, neither client starts and neither system tray icon appears.

Restarting the computer can resolve the issue. If it does not, then as a workaround, disabling Nortel AutoConnect allows the Symantec Endpoint Protection Small Business Edition client to start. Because the AutoConnect feature can be enabled by the VPN server, the user should disable the AutoConnect feature after every VPN connection.

-----------------------------------------------------------
Trend Micro OfficeScan 7.3 conflicts and installation order
-----------------------------------------------------------
If you want to run Trend Micro OfficeScan 7.3 with Symantec Endpoint Protection Small Business Edition client software, you must install Trend Micro OfficeScan first, and then install Symantec Endpoint Protection Small Business Edition client software. Otherwise, when the Trend Micro OfficeScan installer detects LiveUpdate, it attempts to uninstall it, fails, and exits.

-------------------------------------------------------------
The firewall does not work with Google Web Accelerator and Internet Explorer
-------------------------------------------------------------
The firewall does not work with Google Web Accelerator in combination with Internet Explorer. This issue affects any Symantec Enterprise Protection client that has both Internet Explorer and Google Web Accelerator installed.

The issue occurs when the client computer tries to use a firewall rule to block access to a remote Web site. All platforms are affected.

Symantec Corporation recommends that you avoid using Internet Explorer, Google Web Accelerator, and firewall combinations. No workaround exists for this issue.


==============================================================================

SYMANTEC SOFTWARE LICENSE AGREEMENT
==============================================================================

SYMANTEC CORPORATION AND/OR ITS AFFILIATES ("SYMANTEC") IS WILLING TO LICENSE THE LICENSED SOFTWARE TO YOU AS THE INDIVIDUAL, THE COMPANY, OR THE LEGAL ENTITY THAT WILL BE UTILIZING THE LICENSED SOFTWARE (REFERENCED BELOW AS "YOU" OR "YOUR") ONLY ON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS OF THIS LICENSE AGREEMENT ("LICENSE AGREEMENT"). READ THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT CAREFULLY BEFORE USING THE LICENSED SOFTWARE. THIS IS A LEGAL AND ENFORCEABLE CONTRACT BETWEEN YOU AND SYMANTEC. BY OPENING THE LICENSED SOFTWARE PACKAGE, BREAKING THE LICENSED SOFTWARE SEAL, CLICKING THE "I AGREE" OR "YES" BUTTON, OR OTHERWISE INDICATING ASSENT ELECTRONICALLY, OR LOADING THE LICENSED SOFTWARE OR OTHERWISE USING THE LICENSED SOFTWARE, YOU AGREE TO THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT. IF YOU DO NOT AGREE TO THESE TERMS AND CONDITIONS, CLICK THE "I DO NOT AGREE" OR "NO" BUTTON OR OTHERWISE INDICATE REFUSAL AND MAKE NO FURTHER USE OF THE LICENSED SOFTWARE. UNLESS OTHERWISE DEFINED HEREIN, CAPITALIZED TERMS WILL HAVE THE MEANING GIVEN IN THE "DEFINITIONS" SECTION OF THIS LICENSE AGREEMENT AND SUCH CAPITALIZED TERMS MAY BE USED IN THE SINGULAR OR IN THE PLURAL, AS THE CONTEXT REQUIRES.

1. DEFINITIONS.

"Content Updates" means content used by certain Symantec products which is updated from time to time, including but not limited to: updated anti-spyware definitions for anti-spyware products; updated antispam rules for antispam products; updated virus definitions for antivirus and crimeware products; updated URL lists for content filtering and antiphishing products; updated firewall rules for firewall products; updated intrusion detection data for intrusion detection products; updated lists of authenticated web pages for website authentication products; updated policy compliance rules for policy compliance products; and updated vulnerability signatures for vulnerability assessment products.

"Documentation" means the user documentation Symantec provides with the Licensed Software.

"License Instrument" means one or more of the following applicable documents which further defines Your license rights to the Licensed Software: a Symantec license certificate or a similar license document issued by Symantec, or a written agreement between You and Symantec, that accompanies, precedes or follows this License Agreement.

"Licensed Software" means the Symantec software product, in object code form, accompanying this License Agreement, including any Documentation included in, or provided for use with, such software or that accompanies this License Agreement.

"Support Certificate" means the certificate sent by Symantec confirming Your purchase of the applicable Symantec maintenance/support for the Licensed Software.

"Upgrade" means any version of the Licensed Software that has been released to the public and which replaces the prior version of the Licensed Software on Symantec's price list pursuant to Symantec's then-current upgrade policies.

"Use Level" means the license use meter or model (which may include operating system, hardware system, application or machine tier limitations, if applicable) by which Symantec measures, prices and licenses the right to use the Licensed Software, in effect at the time an order is placed for such Licensed Software, as indicated in this License Agreement and the applicable License Instrument.

2. LICENSE GRANT. Subject to Your compliance with the terms and conditions of this License Agreement, Symantec grants to You the following rights: (i) a non-exclusive, non-transferable (except as stated otherwise in Section 16.1) license to use the Licensed Software solely in support of Your internal business operations in the quantities and at the Use Levels described in this License Agreement and the applicable License Instrument; and (ii) the right to make a single uninstalled copy of the Licensed Software for archival purposes which You may use and install for disaster-recovery purposes (i.e. where the primary installation of the Licensed Software becomes unavailable for use).

2.1 TERM. The term of the Licensed Software license granted under this License Agreement shall be perpetual (subject to Section 14) unless stated otherwise in Section 17 or unless You have obtained the Licensed Software on a non-perpetual basis, such as, under a subscription or term-based license for the period of time indicated on the applicable License Instrument. If You have obtained the Licensed Software on a non-perpetual basis, Your rights to use such Licensed Software shall end on the applicable end date as indicated on the applicable License Instrument and You shall cease use of the Licensed Software as of such applicable end date.

3. LICENSE RESTRICTIONS. You may not, without Symantec's prior written consent, conduct, cause or permit the: (i) use, copying, modification, rental, lease, sublease, sublicense, or transfer of the Licensed Software except as expressly provided in this License Agreement; (ii) creation of any derivative works based on the Licensed Software; (iii) reverse engineering, disassembly, or decompiling of the Licensed Software (except that You may decompile the Licensed Software for the purposes of interoperability only to the extent permitted by and subject to strict compliance under applicable law); (iv) use of the Licensed Software in connection with service bureau, facility management, timeshare, service provider or like activity whereby You operate or use the Licensed Software for the benefit of a third party; (v) use of the Licensed Software by any party other than You; (vi) use of a later version of the Licensed Software other than the version that accompanies this License Agreement unless You have separately acquired the right to use such later version through a License Instrument or Support Certificate; nor (vii) use of the Licensed Software above the quantity and Use Level that have been licensed to You under this License Agreement or the applicable License Instrument.

4. OWNERSHIP/TITLE. The Licensed Software is the proprietary property of Symantec or its licensors and is protected by copyright law. Symantec and its licensors retain any and all rights, title and interest in and to the Licensed Software, including in all copies, improvements, enhancements, modifications and derivative works of the Licensed Software. Your rights to use the Licensed Software shall be limited to those expressly granted in this License Agreement. All rights not expressly granted to You are retained by Symantec and/or its licensors.

5. CONTENT UPDATES. If You purchase a Symantec maintenance/support offering consisting of or including Content Updates, as indicated on Your Support Certificate, You are granted the right to use, as part of the Licensed Software, such Content Updates as and when they are made generally available to Symantec's end user customers who have purchased such maintenance/support offering and for such period of time as indicated on the face of the applicable Support Certificate. This License Agreement does not otherwise permit You to obtain and use Content Updates.

6. UPGRADES/CROSS-GRADES. Symantec reserves the right to require that any upgrades (if any) of the Licensed Software may only be obtained in a quantity equal to the number indicated on the applicable License Instrument. An upgrade to an existing license shall not be deemed to increase the number of licenses which You are authorized to use. Additionally, if You upgrade a Licensed Software license, or purchase a Licensed Software license listed on the applicable License Instrument to cross-grade an existing license (i.e. to increase its functionality, and/or transfer it to a new operating system, hardware tier or licensing meter), then Symantec issues the applicable Licensed Instrument based on the understanding that You agree to cease using the original license. Any such license upgrade or cross-grade is provided under Symantec's policies in effect at the time of order. This License Agreement does not separately license You for additional licenses beyond those which You have purchased, and which have been authorized by Symantec as indicated on the applicable License Instrument.

7. LIMITED WARRANTY.

7.1. MEDIA WARRANTY. If Symantec provides the Licensed Software to You on tangible media, Symantec warrants that the magnetic media upon which the Licensed Software is recorded will not be defective under normal use, for a period of ninety (90) days from delivery. Symantec will replace any defective media returned to Symantec within the warranty period at no charge to You. The above warranty is inapplicable in the event the Licensed Software media becomes defective due to unauthorized use of the Licensed Software. THE FOREGOING IS YOUR SOLE AND EXCLUSIVE REMEDY FOR SYMANTEC'S BREACH OF THIS WARRANTY.

7.2. PERFORMANCE WARRANTY. Symantec warrants that the Licensed Software, as delivered by Symantec and when used in accordance with the Documentation, will substantially conform to the Documentation for a period of ninety (90) days from delivery. If the Licensed Software does not comply with this warranty and such non-compliance is reported by You to Symantec within the ninety (90) day warranty period, Symantec will do one of the following, selected at Symantec's reasonable discretion: either (i) repair the Licensed Software, (ii) replace the Licensed Software with software of substantially the same functionality, or (iii) terminate this License Agreement and refund the relevant license fees paid for such non-compliant Licensed Software. The above warranty specifically excludes defects resulting from accident, abuse, unauthorized repair, modifications or enhancements, or misapplication. THE FOREGOING IS YOUR SOLE AND EXCLUSIVE REMEDY FOR SYMANTEC'S BREACH OF THIS WARRANTY.

8. WARRANTY DISCLAIMERS. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE WARRANTIES SET FORTH IN SECTIONS 7.1 AND 7.2 ARE YOUR EXCLUSIVE WARRANTIES AND ARE IN LIEU OF ALL OTHER WARRANTIES, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS. SYMANTEC MAKES NO WARRANTIES OR REPRESENTATIONS THAT THE LICENSED SOFTWARE, CONTENT UPDATES OR UPGRADES WILL MEET YOUR REQUIREMENTS OR THAT OPERATION OR USE OF THE LICENSED SOFTWARE, CONTENT UPDATES, AND UPGRADES WILL BE UNINTERRUPTED OR ERROR-FREE. YOU MAY HAVE OTHER WARRANTY RIGHTS, WHICH MAY VARY FROM STATE TO STATE AND COUNTRY TO COUNTRY.

9. LIMITATION OF LIABILITY. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW AND REGARDLESS OF WHETHER ANY REMEDY SET FORTH HEREIN FAILS OF ITS ESSENTIAL PURPOSE, IN NO EVENT WILL SYMANTEC OR ITS LICENSORS, RESELLERS, SUPPLIERS OR AGENTS BE LIABLE TO YOU FOR (i) ANY COSTS OF PROCUREMENT OF SUBSTITUTE OR REPLACEMENT GOODS AND SERVICES, LOSS OF PROFITS, LOSS OF USE, LOSS OF OR CORRUPTION TO DATA, BUSINESS INTERRUPTION, LOSS OF PRODUCTION, LOSS OF REVENUES, LOSS OF CONTRACTS, LOSS OF GOODWILL, OR ANTICIPATED SAVINGS OR WASTED MANAGEMENT AND STAFF TIME; OR (ii) ANY SPECIAL, CONSEQUENTIAL, INCIDENTAL OR INDIRECT DAMAGES WHETHER ARISING DIRECTLY OR INDIRECTLY OUT OF THIS LICENSE AGREEMENT, EVEN IF SYMANTEC OR ITS LICENSORS, RESELLERS, SUPPLIERS OR AGENTS HAS BEEN ADVISED SUCH DAMAGES MIGHT OCCUR. IN NO CASE SHALL SYMANTEC'S LIABILITY EXCEED THE FEES YOU PAID FOR THE LICENSED SOFTWARE GIVING RISE TO THE CLAIM. NOTHING IN THIS AGREEMENT SHALL OPERATE SO AS TO EXCLUDE OR LIMIT SYMANTEC'S LIABILITY TO YOU FOR DEATH OR PERSONAL INJURY ARISING OUT OF NEGLIGENCE OR FOR ANY OTHER LIABILITY WHICH CANNOT BE EXCLUDED OR LIMITED BY LAW. THE DISCLAIMERS AND LIMITATIONS SET FORTH ABOVE WILL APPLY REGARDLESS OF WHETHER OR NOT YOU ACCEPT THE LICENSED SOFTWARE, CONTENT UPDATES OR UPGRADES.

10. MAINTENANCE/SUPPORT. Symantec has no obligation under this License Agreement to provide maintenance/support for the Licensed Software. Any maintenance/support purchased for the Licensed Software is subject to Symantec's then-current maintenance/support policies.

11. SOFTWARE EVALUATION. If the Licensed Software is provided to You for evaluation purposes and You have an evaluation agreement with Symantec for the Licensed Software, Your rights to evaluate the Licensed Software will be pursuant to the terms of such evaluation agreement. If You do not have an evaluation agreement with Symantec for the Licensed Software and if You are provided the Licensed Software for evaluation purposes, the following terms and conditions shall apply. Symantec grants to You a nonexclusive, temporary, royalty-free, non-assignable license to use the Licensed Software solely for internal non-production evaluation. Such evaluation license shall terminate (i) on the end date of the pre-determined evaluation period, if an evaluation period is pre-determined in the Licensed Software or (ii) sixty (60) days from the date of Your initial installation of the Licensed Software, if no such evaluation period is pre-determined in the Licensed Software ("Evaluation Period"). The Licensed Software may not be transferred and is provided "AS IS" without warranty of any kind. You are solely responsible to take appropriate measures to back up Your system and take other measures to prevent any loss of files or data. The Licensed Software may contain an automatic disabling mechanism that prevents its use after a certain period of time. Upon expiration of the Licensed Software Evaluation Period, You will cease use of the Licensed Software and destroy all copies of the Licensed Software. All other terms and conditions of this License Agreement shall otherwise apply to Your evaluation of the Licensed Software as permitted herein.

12. U.S. GOVERNMENT RESTRICTED RIGHTS. The Licensed Software is deemed to be commercial computer software as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19 "Commercial Computer Licensed Software - Restricted Rights" and DFARS 227.7202, "Rights in Commercial Computer Licensed Software or Commercial Computer Licensed Software Documentation", as applicable, and any successor regulations. Any use, modification, reproduction release, performance, display or disclosure of the Licensed Software by the U.S. Government shall be solely in accordance with the terms of this License Agreement.

13. EXPORT REGULATION. You acknowledge that the Licensed Software and related technical data and services (collectively "Controlled Technology") are subject to the import and export laws of the United States, specifically the U.S. Export Administration Regulations (EAR), and the laws of any country where Controlled Technology is imported or re-exported. You agree to comply with all relevant laws and will not to export any Controlled Technology in contravention to U.S. law nor to any prohibited country, entity, or person for which an export license or other governmental approval is required. All Symantec products, including the Controlled Technology are prohibited for export or re-export to Cuba, North Korea, Iran, Syria and Sudan and to any country subject to relevant trade sanctions. You hereby agree that You will not export or sell any Controlled Technology for use in connection with chemical, biological, or nuclear weapons, or missiles, drones or space launch vehicles capable of delivering such weapons.

14. TERMINATION. This License Agreement shall terminate upon Your breach of any term contained herein. Upon termination, You shall immediately stop using and destroy all copies of the Licensed Software.

15. SURVIVAL. The following provisions of this License Agreement survive termination of this License Agreement: Definitions, License Restrictions and any other restrictions on use of intellectual property, Ownership/Title, Warranty Disclaimers, Limitation of Liability, U.S. Government Restricted Rights, Export Regulation, Survival, and General.

16. GENERAL.

16.1. ASSIGNMENT. You may not assign the rights granted hereunder or this License Agreement, in whole or in part and whether by operation of contract, law or otherwise, without Symantec's prior express written consent.

16.2. COMPLIANCE WITH APPLICABLE LAW. You are solely responsible for Your compliance with, and You agree to comply with, all applicable laws, rules, and regulations in connection with Your use of the Licensed Software.

16.3. AUDIT. An auditor, selected by Symantec and reasonably acceptable to You, may, upon reasonable notice and during normal business hours, but not more often than once each year, inspect Your records and deployment in order to confirm that Your use of the Licensed Software complies with this License Agreement and the applicable License Instrument. Symantec shall bear the costs of any such audit, except where the audit demonstrates that the Manufacturer's Suggested Reseller Price (MSRP) value of Your non-compliant usage exceeds five percent (5%) of the MSRP value of Your compliant deployments. In such case, in addition to purchasing appropriate licenses for any over-deployed Licensed Software, You shall reimburse Symantec for the auditor's reasonable actual fees for such audit.

16.4. GOVERNING LAW; SEVERABILITY; WAIVER. If You are located in North America or Latin America, this License Agreement will be governed by the laws of the State of California, United States of America. If you are located in China, this License Agreement will be governed by the laws of the Peoples Republic of China. Otherwise, this License Agreement will be governed by the laws of England. Such governing laws are exclusive of any provisions of the United Nations Convention on Contracts for Sale of Goods, including any amendments thereto, and without regard to principles of conflicts of law. If any provision of this License Agreement is found partly or wholly illegal or unenforceable, such provision shall be enforced to the maximum extent permissible, and remaining provisions of this License Agreement shall remain in full force and effect. A waiver of any breach or default under this License Agreement shall not constitute a waiver of any other subsequent breach or default.

16.5. THIRD PARTY PROGRAMS. This Licensed Software may contain third party software programs ("Third Party Programs") that are available under open source or free software licenses. This License Agreement does not alter any rights or obligations You may have under those open source or free software licenses. Notwithstanding anything to the contrary contained in such licenses, the disclaimer of warranties and the limitation of liability provisions in this License Agreement shall apply to such Third Party Programs.

16.6. CUSTOMER SERVICE. Should You have any questions concerning this License Agreement, or if You desire to contact Symantec for any reason, please write to: (i) Symantec Enterprise Customer Care, 555 International Way, Springfield, Oregon 97477, U.S.A., (ii) Symantec Enterprise Customer Care Center, PO BOX 5689, Dublin 15, Ireland, or (iii) Symantec Enterprise Customer Care, 1 Julius Ave, North Ryde, NSW 2113, Australia.

16.7. ENTIRE AGREEMENT. This License Agreement and any related License Instrument are the complete and exclusive agreement between You and Symantec relating to the Licensed Software and supersede any previous or contemporaneous oral or written communications, proposals, and representations with respect to its subject matter. This License Agreement prevails over any conflicting or additional terms of any purchase order, ordering document, acknowledgement or confirmation or other document issued by You, even if signed and returned. This License Agreement may only be modified by a License Instrument that accompanies or follows this License Agreement.

17. ADDITIONAL TERMS AND CONDITIONS. Your use of the Licensed Software is subject to the terms and conditions below in addition to those stated above.

17.1. You may use the Licensed Software for the number of licensed User(s) and at the Use Levels as have been licensed to You by Symantec herein and as indicated in the applicable License Instrument. Your License Instrument shall constitute proof of Your right to make and use such copies. For purposes of this License Agreement, "User(s)" means an individual person and/or device authorized by You to use and/or benefits from the use of the Licensed Software, or is the person and/or device who actually uses any portion of the Licensed Software.

17.2. Notwithstanding anything to the contrary contained in this License Agreement, if the Licensed Software is Symantec Endpoint Protection, each running instance (physical and/or virtual) of such Software must be licensed. You create an "instance" of software by executing the software's setup or install procedure. You also create an "instance" of software by duplicating an existing instance. References to software include "instances" of the software. You "run an instance" of software by loading it into memory and executing one or more of its instructions. Once running, an instance is considered to be running (whether or not its instructions continue to execute) until it is removed from memory.

17.3. Privacy; Data Protection. From time to time, the Licensed Software may collect certain information from the device on which it is installed, which may include:
(i) Information regarding installation of the Licensed Software. This information indicates to Symantec whether installation of the Licensed Software was successfully completed and is collected by Symantec for the purpose of evaluating and improving Symantec's product installation success rate. This information will not be correlated with any personally identifiable information.
(ii) Information on potential security risks as well as URLs of websites visited that the Licensed Software deems potentially fraudulent. This information is collected by Symantec for the purpose of evaluating and improving the ability of Symantec's products to detect malicious behavior, potentially fraudulent websites and other Internet security risks. This information will not be correlated with any personally identifiable information.
(iii) Portable executable files that are identified as malware. These files are submitted to Symantec using the Licensed Software's automatic submission function. The collected files could contain personally identifiable information that has been obtained by the malware without your permission. Files of this type are being collected by Symantec only for the purpose of improving the ability of Symantec's products to detect malicious behavior. Symantec will not correlate these files with any personally identifiable information. Such automatic submission function may be deactivated after installation by following the instructions in the Documentation for applicable products.
(iv) The name given during initial setup to the device on which the Licensed Software is being installed. If collected, the name will be used by Symantec as an account name for such device under which you may elect to receive additional services and/or under which you may use certain features of the Licensed Software. You may change the account name at any time after installation of the Licensed Software (recommended).
(v) The International Mobile Equipment Identity (IMEI) and International Mobile Subscriber Identity (IMSI) for the mobile telecommunications device used with the Licensed Software. This information is being collected for the purpose of being able to identify the telecommunications device eligible to receive Content Updates for the Licensed Software. This information will not be correlated with any other personally identifiable information.
(vi) Other information used for purposes of analyzing and improving the functionality of Symantec's products. This information will not be correlated with any personally identifiable information.

The collected information as set out above is necessary for the purpose of optimizing the functionality of Symantec's products and may be transferred to the Symantec group in the United States or other countries that may have less protective data protection standards than the region in which You are situated (including the European Union), but Symantec has taken steps so that the collected information, if transferred, receives an adequate level of protection. Symantec may disclose the collected information if asked to do so by a law enforcement official as required or permitted by law or in response to a subpoena or other legal process. In order to promote awareness, detection and prevention of Internet security risks, Symantec may share certain information with research organizations and other security software vendors. Symantec may also use statistics derived from the information to track and publish reports on security risk trends. By using the Licensed Software, you acknowledge and agree that Symantec may collect, transmit, store, disclose and analyze such information for these purposes.

Certain features such as the Symantec Protection Manager and the Gateway Enforcer may collect and store, on the customer side only, certain personally identifiable information such as user name, as well as non-personally identifiable information, which could be combined with personally identifiably information by You, subject to the terms of Your privacy policy. This information is not transmitted to or stored by Symantec, unless You voluntarily provide such information.




 



Legacy ID



2009043017262948


Article URL http://www.symantec.com/docs/TECH93752


Terms of use for this information are found in Legal Notices