Proactive Threat Protection (PTP) definitions are current, but its status remains OFF on systems running Windows Server 200x, Windows 7 or a 64-bit version of Windows XP

Article:TECH97928  |  Created: 2009-01-04  |  Updated: 2011-08-18  |  Article URL http://www.symantec.com/docs/TECH97928
Article Type
Technical Solution


Environment

Issue



Why does the PTP status show as OFF even though it is receiving updates on systems running Windows Server 200x?

Symptoms
A client installation package for Symantec Endpoint Protection 11.0.x or 12.x SBE client software is configured to include Antivirus and Antispyware Protection and Proactive Threat Protection (PTP). It is applied to a system running Windows Server 200x. Antivirus and Antispyware Protection is operating normally, but although PTP receives regular updates its status stays OFF.


Cause



This is expected behavior.


Solution



The "Scan for trojans and worms" and the "Scan for keyloggers" options are currently not supported on Windows server operating systems or 64-bit Windows XP Professional. The "Scan for keyloggers" option is also not supported on Windows 7.

Intrusion Prevention System (IPS) technology is fully compatible with Windows server operating systems, and should be used to protect all servers.
Note: Proactive Threat Protection is not the same thing as IPS. Proactive Threat Protection is not compatible with server operating systems.

In order to enable IPS, you must have the client firewall portion of Symantec Endpoint Protection installed and running. This can seem like a problem if you want to run IPS but do not want to use the firewall. To work around this, withdraw the firewall policy. This ensures that IPS is enabled and protecting your network without forcing you to use the client firewall.


References
For additional information, please refer to the "Readme.txt" available on the SEP CD, or contact Symantec Technical Support for assistance.


For additional Information about enabling IPS on a server OS visit the Knowledge Based Document: Best practices regarding Intrusion Prevention System technology .
www.symantec.com/docs/TECH95347

 



Legacy ID



2009120505581948


Article URL http://www.symantec.com/docs/TECH97928


Terms of use for this information are found in Legal Notices