Video Screencast Help
Endpoint Security Blog

RU6 MP1 - its coming!

Created: 12 Aug 2010 • Updated: 17 Aug 2010 • 23 comments
Paul Murgatroyd's picture
+12 12 Votes
Login to vote

Hi All,
 
I just wanted to take some time out and talk about RU6 MP1.  As you may have seen, there are some people on Connect anxiously awaiting its release for a number of reasons.
 
While I cannot give you a definite date at this point, I can tell you it should be available soon.  We hoped to have it out by now, but there is one last issue which we have to fix before we can release.  RU6 MP1 is a maintenance patch for RU6 and RU6a and because of this, its very much focused on customer defects (somewhere around 80 by the time we ship), although we are adding one new feature for you.
 
Some of the issues which are currently fixed (and should be released) are:
 
1925607: DWHxxxx.tmp files are being scanned and re-detected when new definitions arrive and during scheduled scan
Most of you are fairly aware of this one.  We think we have it nailed for the most part, there are a couple of caveats on Windows 7 and Vista though (mainly due to file indexing), but we know what they are and will have a KB up shortly with the details.
 
2038207: After upgrading to RU6 clients are experiencing Denial of Service (DoS) flood attacks.
This one too has caused some issues.  What we saw was that browser prefetching (and other applications that send large numbers of DNS requests at once) were causing the logic behind this signature to be a little too sensitive.  Rather than change the signature, we have made what we believe is a far better change, which is that DNS servers used by the OS at the time of the query will effectively be whitelisted dynamically.
 
2030356: Search return more results than expected.
2034712: SEPM searches no longer find clients after migrating to RU6

These two relate to issues with searching for clients across more than 200 groups, both should be fixed
 
and now, some of the more "special case" defects we are fixing, purely for interest:
 
1945683: Unable to create database with database name starting with a number.
1932182: PTP (COH32) Disables if file "program" exists on Root Drive.
1934825: Embedded DB can't handle TAB key in "Description" field of a ADC policy.

 
and finally, I mentioned a new feature... for those of you who use it (or have wanted to), DoScan has been enhanced to now give the ability to runs scans on a single file, a specific folder, sets of folders, drives, sets of drives or a combination.  It can also run previously scheduled scans by their name.
 
As soon as I know more, I'll be posting to Connect

EDIT: RU6 MP1 has now released, it should hit FileConnect on Wednesday 18th.

Comments 23 CommentsJump to latest comment

nhej-'s picture

Thanks for this information paul. we can inform this to our customers who wants to get RU6 MP1. :p

Cheers!
"Those who Appreciate Quality Enjoy it Responsibly"
---------------:)---------------------------

+1
Login to vote
AravindKM's picture

Thank you for the valuable information....

Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind

+1
Login to vote
postechgeek's picture

Did the speed of the SEPM get increased?

Thanks,
Mike

+1
Login to vote
ShadowsPapa's picture

i hope - ru6x is the slowest to date...........

+1
Login to vote
Hear4U's picture

Looking for Additional Info on RU6 MP1?  Look No Further!

Quarantine shows date added to quarantine rather than date of the file.
Fix ID: 1810671
Symptom: Quarantine shows date added to quarantine rather than date of the file.
Solution: A new column was added to the Quarantine view to display the date of the file.
 
The display behavior for the number of clients changed in SEP 11 RU5
Fix ID: 1862215
Symptom: The SEPM console is only able to display 1000 clients.
Solution: The console now displays up to 5000 clients.
 
Risk event compression causes duplicate entries in SEPM external logging.
Fix ID: 1917948
Symptom: Compressed alert logs will be sent out again following 'Summarized data'
Solution: Compressed alert logs are filtered. Only the summary alert will be sent out.
 
 
 Notification emails from SEP 11 RU5 SEPM on Windows 2008 contain an unexpected character.
Fix ID: 1919303
Symptom: The email address contains an additional "$" character.
Solution: The default address is now SPC_Server@<domain> if the email address is not configured, else it will use the email address specified.
 
Clients with more than one IP-address show up in search clients result when they should not.
Fix ID: 1919650
Symptom: When using special conditions like IP-address "<>", ">=" or "<=", clients with more than one IP-address show up in search clients result when they should not
Solution: The console was updated to correctly display clients with multiple IP addresses
 
Cannot set scan type "console" as notification condition.
Fix ID: 1920126
Symptom: Cannot set scan type "console" as notification condition.
Solution: "Console" and "System" are not valid scan types, and were removed from the Scan Type dropdown menu.
 
Unable to run reports on SEPM group names that contain SQL reserved keywords like UPDATE, INSERT and SELECT.
Fix ID: 1939212
Symptom: Unable to run reports on SEPM group names that contain SQL reserved keywords like UPDATE, INSERT and SELECT.
Solution: SEPM update to allow reporting on SEPM group names that contain SQL reserved keywords.
 
SEP client status shows out of date definitions after disabling the warning in SEPM.
Fix ID: 1939776
Symptom: SEP client status shows out of date definitions after disabling the warning in SEPM.
Solution: The client status showing that definitions are outdated or is running without definitions is by design. The user interface was updated so that administrators can configure a checkbox (to enable notification) for when definitions are outdated by an X number of days or when SEP is running without definitions.
 
SEPM report drop-down menus disappear unexpectedly and intermittently.
Fix ID: 1952244
Symptom: SEPM report drop-down menus disappear unexpectedly and intermittently.
Solution: The report was updated to correctly show the drop-down menus.
 
Unable to un-select "Check floppies for boot viruses when accessed".
Fix ID: 1952358
Symptom: Upon un-checking "Check floppies for boot viruses when accessed" in SEPM, and saving the change, the checkbox is checked again after reopening the policy.
Solution: SEPM was updated to resolve the logic behind the checkbox.
 
Full Scan does not scan mapped network drives.
Fix ID: 2009958
Symptom: SEP only scans drives that are physically connected to a machine.
Solution: The behavior is as designed. The UI was updated and the option "A password may be required to scan a network drive" from the "What to scan" tab was removed from a Full Scan.
 
Windows Firewall is always disabled by SMC service.
Fix ID: 1992008
Symptom: The Windows Firewall is disabled even though a policy is in place that dictates it to be enabled.
Solution: If SEP Firewall is disabled in a location, the Windows Firewall will be turned on. If SEP Firewall is enabled in a location, the Windows Firewall will be turned off.
 
 


Client and Manager Fixes

Exported scan logs show incorrect status information.
Fix ID: 1098879
Symptom: Exported scan logs show incorrect status information.
Solution: The SEP client was updated so the status column is properly exported.
 
Improper translation for Previous and Next buttons in Chinese Simplified.
Fix ID: 1137601
Symptom: Improper translation for Previous and Next buttons in Chinese Simplified.
Solution: SEPM was updated to accommodate proper translation.
 
Moving firewall rules up or down in SEPM via right-click on the rule name leads to warning that rule name is already in use.
Fix ID: 1509921
Symptom: The message "Rule name is already used" appears when moving firewall rules up and down in SEPM.
Solution: A check was added to ensure that the rule name cell comes out of edit mode before a popup is shown.
 
Location awareness fails to properly recognize wireless connection at 130Mbit speed.
Fix ID: 1519915
Symptom: When network speed is a criterion for location switching, the location does not switch correctly if the speed is 130Mbit.
Solution: The client was modified to enhance the way wireless interfaces are enumerated
 
Anti-Virus events that trigger a Firewall auto-block have no description.
Fix ID: 1534459
Symptom: Anti-Virus events that trigger a Firewall auto-block have no description.
Solution: A default description "Auto-Block event" was added to Firewall auto-block events.
 
A large number of .tmp files builds up in the XFER folder.
Fix ID: 1675729
Symptom: Many files build-up in the XFER folder on a SEP client.
Solution: The SEP client was modified to enhance extraction and clean up of XFER files
 
Weekly scheduled scan is partially migrated when migrating SAV to SEP when using the "Migration and Deployment wizard".
Fix ID: 1763113
Symptom: After a migration from SAV to SEP, the security risks action pane is not shown for the scheduled scan, file-system auto-protect, outlook or lotus notes auto-protect.
Solution: A security risks action default configuration template is used when no action is configured for either Weekly scheduled scan, file-system auto-protect, email, outlook or lotus notes auto-protect
 
 
Virus definitions revert to older date/revision.
Fix ID: 1826779
Symptom: Virus definitions may unexpectedly revert to an older date/revision due to invalid entries in the usage.dat file.
Solution: The SEP client was modified to prevent invalid entries in the usage.dat file.
 
Centralized Exception for "Bloodhound.ExcelMacro" does not prevent detections.
Fix ID: 1876577
Symptom: Bloodhound.ExcelMacro can be selected from a known list within the Exception Policy.
Solution: All risks of type 0 through 3 including Bloodhound.ExcelMacro are now excluded from the known list.
 
Error "The Extend WG Protocol Driver service failed to start due to the following error:” is displayed in event viewer.
Fix ID: 1887681
Symptom: After migrating SPA 5.1 to SEP, you see the following error in the event viewer after a restart of the operating system: "The Extend WG Protocol Driver service failed to start due to the following error: The system cannot find the file specified."
Solution: The SEP client installer was updated to resolve the error message.
 
Multiple event reinsertions to SEPM database.
Fix ID: 1907365
Symptom: A client may forward the same local events (scans, virus detections, definition updates, etc.) to the SEPM server again – resulting in two or more copies of the same event in the database. These events have the exact same date / time as the original events, but because they are forwarded at a different time, the Database Insert timestamp is different. These duplicate events skew the presentation of logs and reports in the Console, and may cause unnecessary alerts and notifications.
Solution: Resolved the internal bookkeeping errors that caused clients to forward the same events to SEPM repeatedly.
 
Access to files located on a network share is significantly slower when ADC (Application and Device Control) is enabled.
Fix ID: 1908362
Symptom: Access to files located on a network share is significantly slower when ADC (Application and Device Control) is enabled.
Solution: The Application and Device Control cache was re-designed to improve performance.
 
Citrix causes SMC start failure.
Fix ID: 1914056
Symptom: SMC and COM+ Event System services do not start when SEP is installed with Citrix PVS Device software.
Solution: The SEP client was modified to allow SMC to start when installed with Citrix.
 
Clients display Host Integrity details when it is in Quarantine.
Fix ID: 1925059
Symptom: Clients display Host Integrity details when it is in Quarantine.
Solution: The server console was updated to properly show host integrity details.
 
DWHxxxx.tmp files are being scanned and re-detected when new definitions arrive or during a scheduled scan.
Fix ID: 1925607
Symptom: DWHxxxx.tmp files are being scanned and re-detected when new definitions arrive or during a scheduled scan.
Solution: After extracting a quarantined item to a temp-file, the file is deleted immediately after it is processed.
 
If Client Log settings expire after 0 days then DAT-files build up under \data\inbox\log\system.
Fix ID: 1926606
Symptom: If Client Log settings expire after 0 days then DAT-files build up under \data\inbox\log\system.
Solution: SEPM was modified to delete DAT-files immediately if the client log settings are set to expire after 0 days.
 
Query failed when running a comprehensive risk reports for the past 24 hours.
Fix ID: 1926711
Symptom: The comprehensive risk reports for the past 24 hours times out and displays a message "Error Query failed: query could not be processed."
Solution: The report now uses a stored procedure along with temporary tables that are used to store interim results.
 
Scheduled scans run at unexpected times.
Fix ID: 1931199
Symptom: Scheduled scans run at unexpected times.
Solution: If a scan is updated, the LastStart value is set to the next immediate run time after the Created time.
 
The SEP client packet log shows incorrect information for the packet type.
Fix ID: 1933067
Symptom: The SEP client packet log shows incorrect information for the packet type.
Solution: The SEP client was updated to correct the type in the packet log output.
 
The embedded database cannot handle the TAB key in the Description field of an Application and Device Control policy.
Fix ID: 1934825
Symptom: The SEP client fails to parse information when a TAB is encountered.
Solution: Tab characters are removed from the description field.
 
SEPM always sets the external log priority to Informational.
Fix ID: 1939492
Symptom: SEPM logs all events to syslog server as "Informational".
Solution: SEPM was updated so that the appropriate log priority is retained when using external logging.
 
 
Packet Log details show incorrect source and destination port information.
Fix ID: 1939648
Symptom: Packet Log details show incorrect source and destination port information.
Solution: The SEP client logging now correctly converts network byte order to native.
 
Re-formatted or re-imaged clients that are part of an Organizational Unit (Active Directory) do not re-register to the same entry.
Fix ID: 1941406
Symptom: Clients that are part of an organizational unit re-register to an incorrect group.
Solution: When using computer mode, a client will now re-register properly and use the same group.
 
Unable to create a database with a database name that starts with a number.
Fix ID: 1945683
Symptom: Unable to create a database with a database name that starts with a number.
Solution: The SEPM installer was updated to allow a database name that starts with a number.
 
Deadlock occurs with third party application called CWAT.
Fix ID: 1947914
Symptom: The computer may deadlock (hang) when the third party application CWAT is installed.
Solution: The SymEvent driver was update to prevent the deadlock.
 
SEP Clients are pulling full definitions from SEPM or GUP rather than deltas.
Fix ID: 1950212
Symptom: Clients download full definitions from SEPM or GUP due to the server generating 0-byte deltas.
Solution: The SEPM definition delta generation was made more robust to ensure deltas are generated properly for distribution to clients and GUPs.
 
Client does not use single GUP when GUP bypass timeout is configured.
Fix ID: 1951175
Symptom: The SEP client does not use "single GUP" when GUP bypass timeout is configured.
Solution: The method in which a GUP is contacted, and the LiveUpdate files are downloaded, was modified to resolve this issue.
 
Replication failure due to Primary Key Violation.
Fix ID: 1958237
Symptom: The SEPM logs display an error "java.sql.BatchUpdateException: Violation of PRIMARY KEY constraint 'PK_SEM_COMPUTER'. Cannot insert duplicate key in object 'dbo.SEM_COMPUTER'".
Solution: If the insert statement batch fails, SEPM will now catch the primary key violation exception and execute the statement one by one to make sure all data is inserted or updated to the database.
 
Under certain conditions SEP or SPA (Symantec Protection Agent) will confuse a packet to VPN server as a packet to SEPM.
Fix ID: 1960378
Symptom: The SEP client may show the IP address of the VPN server as the management server.
Solution: The SEP client was updated to only treat packets from SEP processes as traffic to SEPM.
 
A user can save a default filter to the database, but the default filter value is empty when re-opening the command status details.
Fix ID: 1965510
Symptom: A user can save a default filter to the database, but the default filter value is empty when re-opening the command status details.
Solution: SEPM was updated to properly save and display the filter
 
Firewall rule using the IBM Mobility 6.1.1
VPN adapter selected cannot be saved.
Fix ID: 1973279
Symptom: Firewall rule using the IBM Mobility 6.1.1
VPN adapter selected cannot be saved.
Solution: The SEP client was modified to use the NIC name as the network connection name if it is empty
 
PTP (Proactive Threat Protection) definitions fail to update, and PTP does not start.
Fix ID: 1974386
Symptom: After upgrading SAV 10.1 MR7 to SEP 11, clients may not update PTP definitions
Solution: SEPM was updated to make startup registration more robust.
 
When extracting ZIP files across a share with Network Threat Protection installed, a hang may occur
Fix ID: 1980383
Symptom: When extracting ZIP files across a share with Network Threat Protection installed, a hang may occur
Solution: NTP (Network Threat Protection) was updated to resolve the hang
 
Automatic upgrade to RU6 does not maintain existing configuration for install features.
Fix ID: 1984339
Symptom: Automatic upgrade to RU6 does not maintain existing configuration for install features.
Solution: SEPM was modified to skip rebuilding of the features when a package is imported from the SEP folder
 
Data mismatch between drilled down reports for "Still infected" and Quick Reports/Comprehensive Risk Report.
Fix ID: 1990019
Symptom: Data mismatch between drilled down reports for "Still infected" and Quick Reports/Comprehensive Risk Report.
Solution: SQL queries in SEPM were updated to provide a better match between reports.
 
 
Reports are not sent at expected frequency when configured for once a month.
Fix ID: 1996289
Symptom: Scheduled reports are generated and sent every 30 days rather than once a month.
Solution: SEPM monthly reports were updated to generated the same numeric day that the report was generated unless the numeric day does not exist this month, in which case the report is sent on the last day of this month.
 
LiveUpdate default retry interval does not work after installing SEPM.
Fix ID: 1999871
Symptom: LiveUpdate default retry interval does not work after installing SEPM.
Solution: SEPM was updated to properly set the defaults upon a fresh install.
 
Unable to apply Windows XP Service Pack 3 to SP2 machine with PTP (Proactive Threat Protection) installed.
Fix ID: 2000953
Symptom: Service Pack 3 logs show errors that a number of files are in use by another application. The issue does not occur when PTP is not installed.
Solution: Proactive Threat Protection was updated to allow SP3 to be installed
 
Server does not receive scan logs from a computer in user-control mode that does not have a user logged in.
Fix ID: 2003472
Symptom: SEPM does not receive scan logs from a computer in user-control mode that does not have a user logged in.
Solution: The SEP client was modified to cache the last user name and logon domain.  If no user is logged in, then this information is used to respond to the registration request.
 
Faulting application COH32.exe, version 6.1.9.44, faulting module COH32.exe, version 6.1.9.44.
Fix ID: 2005974
Symptom: After migrating from SEP 11 MR5 to SEP 11 RU6, you may encounter SONAR errors popup every hour.
Solution: Proactive Threat Protection was update to prevent the crash and SONAR pop-up.
 
System hangs when migrating from SAV (Symantec AntiVirus) MR5 to SAV MR5 PP1.
Fix ID: 2008535
Symptom: System hangs when migrating from SAV (Symantec AntiVirus) MR5 to SAV MR5 PP1.
Solution: SEE COMMENT: Although this defect was not reported on SEP, the product was updated to build in additional check during installation when rtvscan.exe is shutting down.
 
Registry key migration from SAV 10.x to SEP 11.x does not work.
Fix ID: 2008749
Symptom: After upgrading from SAV to SEP, multithreaded scan specific registry settings are not properly migrated.
Solution: The SEP installer was updated to ensure a proper migration from SAV 10.x to SEP 11.
 
SEPM Home page "Attention needed" details do not match client properties.
Fix ID: 2009806
Symptom: On the SEPM home page, "More Details, IPS Failures" does not match client properties.
Solution: A SQL query for IPS Failures was updated to that SEPM shows the latest IPS version.
 
Computer experiences Blue Screen of Death (BSOD) referencing sysplant.sys
Fix ID: 2017143
Symptom: Computer experiences Blue Screen of Death (BSOD) referencing sysplant.sys
Solution: Application and Device Control was updated to prevent the crash.
 
LiveUpdate hangs intermittently on SEPM after Post-session processing.
Fix ID: 2029668
Symptom: LiveUpdate hangs intermittently on SEPM after Post-session processing.
Solution: SEPM LiveUpdate was updated to ensure proper freeing of resources.
 
Client search function returns more results than expected.
Fix ID: 2030356
Symptom: Client search function returns more results than expected.
Solution: A SQL query SEPM was updated to display the proper client search results.
 
SEPM is unable to export a client install package after migrating from SEP 11 RU5 to SEP 11 RU6a.
Fix ID: 2031097
Symptom: SEPM is unable to export a client install package after migrating from SEP 11 RU5 to SEP 11 RU6a.
Solution: SEPM was updated to allow the client install to be exported after migration.
 
Install packages created by limited administrator install clients register into the default group rather than specified group.
Fix ID: 2031339
Symptom: Install packages created by limited administrator install clients register into the default group rather than specified group.
Solution: SEPM was updated so that exported packages contain the preferred group information.
 
Client search function does not work when search involves more than 200 groups.
Fix ID: 2034712
Symptom: Client search function does not work when search involves more than 200 groups.
Solution: A SQL query SEPM was updated to display the proper client search results.
 
 
An unexpected UDP flood attack is reported after upgrading to RU6.
Fix ID: 2038207
Symptom: An unexpected UDP flood attack is reported after upgrading to RU6 and blocks what appears to be a legitimate internal DNS server.
Solution: SEP client was updated to verify that the DNS response packet comes from a valid DNS server.
 
After migrating SEPM to RU6, Application and Device Control is enabled on legacy clients.
Fix ID: 2039298
Symptom: Application and Device Control is enabled on legacy clients unexpectedly after migration to RU6.
Solution: SEP was updated on both client and SEPM side to ensure that both legacy clients and SEP clients receive proper settings so that Application and Device Control is not inadvertently enabled.
 
 


Network Access Control Client Enforcement Agent fixes

RSH connections fail on 64-bit windows.
Fix ID: 1927256
Symptom: On 64-bit Windows, RSH connections from 32-bit applications fail due to incompatibility with SNAC 64-bit network provider.
Solution: The SNAC network provider was corrected to be compatible with 32-bit applications on a 64-bit operating system.
 
 
 


Enforcer Changes

Connection dropped due to un-required DHCP renew.
Fix ID: 2028160
Symptom: With 802.1x enabled, the client sends an attempt to re-authenticate after a successful windows dot1x authentication resulting in a DHCP release/renew attempt.
Solution: The VLAN change detection was improved to avoid dot1x re-authentication.
 
SNAC client randomly disconnects with UID INVALID on enforcer.
Fix ID: 2068439
Symptom: Enforcer receives two Radius authentication packets in a single authentication session.
Solution: SNAC was updated to only decode the first request when the Enforcer encounters multiple authentication packets in a single session
 
Gateway Enforcer NIC will randomly go down for 30 seconds.
Fix ID: 2029614
Symptom: On Gateway Enforcer with fail open enabled, the NIC driver is periodically queried for the product ID. The return value is not always valid causing the NIC to go down.
Solution: The unnecessary query to NIC driver for product ID was removed.  Gateway Enforcer was changed to obtain and validate product ID only during startup.
 
Syslog shows incorrect HI status
Fix ID: 1987889
Symptom: "Permit access" is not displayed in syslog even though HI passes.
Solution: Corrected how client and enforcer types are differentiated when displaying logs.
 
MAB request from 3COM switch is not supported
Fix ID: 1967503
Symptom: The MAC address bypass feature of the LAN Enforcer does not work with 3COM switch.
Solution: Added support for 3COM switch with MAB enabled.
 
 


Symantec Endpoint Protection for Macintosh

Managed clients fail to display management information after a period of time
Fix ID: 2075100
Symptom: Managed SEP Mac clients stop displaying management information after event re-writes the SymantecRegistry.xml file to zero-byte size.
Solution: Added functionality to remediate the SymantecRegistry.xml when the file is corrupt or missing.
 
 

Components

Windows components


Component
Version
Symantec Endpoint Protection 11.0.6100
Symantec Network Access Control 11.0.6100
Auto-Protect 10.3.3.4
Avengine 20101.1.0.89
Behavior Blocking 3.5.1.4
ccEraser 2007.0.1.6
COH 6.1.11.13
Common Client 106.5.2.003
DecABI 1.2.5.130
Defutils 4.1.3.2
ECOM 61.3.0.17
VxMS (MS Light) 5.2.0.4
LiveUpdate 3.3.0.96
LiveUpdateAdmin 2.2.2.9
Microdefs 2.7.0.13
QServer 3.6.43
WpsHelper 12.1.0.20
SyKnAppS 3.0.3.3
SymEvent 12.8.3.23
SymNetDrv 7.2.5.9
Teefer2 11.0.5708.18

 


 
Macintosh components


Component
Version
Symantec Endpoint Protection for Macintosh 11.0.6100
LiveUpdate 5.1.2.22
Symantec Scheduler 4.0.3.9
SymProtector 1.0.5
Symantec QuickMenu 2.1.1.5
SymSharedFrameworks 2.3.0.15
Symantec Uninstaller 2.0.23

 

check out the community at www.infoblox.com/community

+3
Login to vote
Absoblogginlutely's picture

This is great news - the dwh temp files is REALLY annoying. Lets hope the installation goes smoothly. So far most of my 11.0.6 installs have required at least one repair/reinstall after the software is initially installed and about 3 hours of troubleshooting with Tech Support PER install. The 11.0.6 console has much better reporting functions - the fact that I can now show all clients in one screen and then click sort as opposed to only sorting the clients that are currently shown on the screen is a big bonus - but that does make the console run a LOT slower.

+1
Login to vote
Symanticus's picture

yes please, when can we get this software update from Fileconnect ?

/* Infrastructure Support Engineer */

+1
Login to vote
ShadowsPapa's picture

no kidding - we need this BADLY - I see 2 or 3 possible fixes in it for us, some critical.
why do gov't agencies have to wait until after others have it
(besides being a TA LOL ;-) )

+1
Login to vote
iamadmin's picture

Hi Paul,

Regarding the DoScan enhancements:

"DoScan has been enhanced to now give the ability to runs scans on a single file, a specific folder, sets of folders, drives, sets of drives or a combination..."

Are 64bit OSes now supported too?

Thanks,

-Mike

+1
Login to vote
P_K_'s picture

SEP RU6MP1 is  available for download on the Fileconnect website.
It can be downloaded from https://fileconnect.symantec.com/

MCT MCSE-2012 Symantec Technical Specialist (SCTS)

+1
Login to vote
ShadowsPapa's picture

No it's not.
LOOK, this is frustrating as &%$@ - everyone gets it but we GOVERNMENT folks and TAs.
whatever happened to the promise of TAs seeing things first?????????????????????????
we need this and I'm going into the hospital for surgery in a few days and will be off for a while.
so while folks get this, we don't and as a TA I'm supposed to know the code and products to work with and help folks - but we're among the very last to even see it?????

AS ALWAYS, I have to come here and find out this stuff like everyone else, no notices,. no email, no PMs, no nothing, and then have to be the last to get it.
I go through this same things month after month, release after release - nothing changes or improves as far as TAs having any knowledge.......................
WOW, do I miss the old days in the 90s when the volunteer help was themselves helped so they could help better.

here's a sample of what's there - and NOT there:

 
 
  File Name File Version Operating System File Type Size (KB) Product Description Date of Posting SHA-1
IT_Analytics_7.0_SEP_Management_Pack_Trial_License.zip 7.0 Windows Base Product 1674 Altiris Analytics 02-Aug-2010 SHA-1
Symantec_Workflow_7.0_Trial_License.zip 7.0 Windows Base Product 5689 Symantec Workflow 02-Aug-2010 SHA-1
Symantec_Network_Access_Control_SE_11.0.6_MP1_AllWin_EN.zip 11.0.6 MP1 Windows Inline Update 401624926 Network Access Control 28-Jul-2010 SHA-1
Symantec_Endpoint_Protection_11.0.6_MP1_Xplat_EN_DVD.zip 11.0.6 MP1 Multi-Platform Inline Update 1239331177 Endpoint Protection 28-Jul-2010 SHA-1
Symantec_Mail_Security_Domino_8.0.6.131_Win32_IN.exe 8.0.6 Windows Base Product + Inline Update 218638848 Mail Security for Domino 22-Jul-2010 SHA-1
Symantec_Mail_Security_Domino_8.0.6.131_Win64_IN.exe 8.0.6 Windows Base Product + Inline Update 118342656 Mail Security for Domino 22-Jul-2010 SHA-1
Symantec_AntiVirus_for_Linux_1.0.10_EN.zip 1.0.10 Linux Base Product + Inline Update 552741237 AntiVirus for Linux 16-Jul-2010 SHA-

 

+2
Login to vote
Absoblogginlutely's picture

Nice to see that the file size to download is still 1.2 TB in size ;-)
Additionally your screenshot actually shows the download - "Symantec_Endpoint_Protection_11.0.6_MP1_Xplat_EN_DVD.zip"

Having said that it also shows the file as being posted 7/28 which was a bit sooner than the posting saying this file was coming. Seeing as though the filesize is also completely wrong i doubt the date is correct either.

+1
Login to vote
ShadowsPapa's picture

so do I spend 30+ minutes attempting 2 get this thing that's probably all wrong anyway? can't trust 'em to get a file posting corrct - do I trust the file????

+1
Login to vote
iamadmin's picture

But isn't this it?

Symantec_Endpoint_Protection_11.0.6_MP1_Xplat_EN_DVD.zip 11.0.6 MP1 Multi-Platform Inline Update 1239331177 Endpoint Protection 28-Jul-2010 SHA-1

Weird date...but hey, who's perfect.

:-)

-Mike

+1
Login to vote
ShadowsPapa's picture

I check the dates last night b4 leaving (at 4:30 cdt) and there wasn't anything with mp1 there  - so, it was "inserted" after 4:30 our time and not uploaded at that date.
It wasn't in the list ladt night in other words - there was nothing since early july, then it jumped to aug 2.
so - someone faked that date - geesh- why?
It was certainly NOT posted the 28th - I've been checking several times a day 4 2 or 3 days now.  NO way it's been there 4 3 weeks now.

+1
Login to vote
Absoblogginlutely's picture

Sorry Shadowspapa, but your screenshot you posted above shows the download - 4th one down

+1
Login to vote
ShadowsPapa's picture

frankly with the screwed up date and size - not sure I'd trust it!

How can a brand new file be posted b4 it was created?

+1
Login to vote
ShadowsPapa's picture

update - this "patch" or new version actually rolled out VERY quickly via assigned package and with few failures, and so far, no choking of the networks like RU6/6a did last time.
The process via package assigned to a group is as fast as I've ever seen.
the sepm upgrade was quick and clean.
the console is still quite slow.......  ;-)  but so far, the process of getting it out there is nice. Great since I'm not able to type and use a mouse for a few weeks.............

+1
Login to vote
Jedi_B's picture

Yes, i was annoyed there was no mailshot for this MR.

MCSA 2003. MCP.MCTS.MCITP. Symantec Certified Specialist.

+1
Login to vote
Mahesh Roja's picture

Thanks for the Update

If this Info helps to resolve the issue please Mark as Solution

Thanks

+1
Login to vote
Absoblogginlutely's picture

Just a note from the full release notes at http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007121216360648
Symantec Endpoint Protection RU6 MP1 (11.0.6100) provides fixes since the release of RU6 and RU6a. This maintenance patch cannot be installed over any versions of Symantec Endpoint Protection or Symantec Endpoint Protection Manager prior to RU6. It must be installed over RU6 or RU6a.

I only read the release notes at the top of this post which didn't mention the prerequisites. The fact that this is yet another 1.3gb download also implies this is a full release and not a maintenance patch. The fact that the software upgrades older versions and even shows the old version number also implies this is a full release.

However you may have issues if you upgrade older versions without upgrading to 11.06 first. I have one server that now hangs on accessing the console (which to be honest is not that unusual) after upgrading from 11.0.5 - I had not got round to upgrading to 11.0.6 at this particular location- especially as a lot of the bugs had still not been fixed. Now that a lot of them are apparently fixed I downloaded the maintenenance patch, installed (as there were no program warmings that this was not recommended) and now have a borked install :-(

How hard is it to put a pre-requisite check in to see if 11.0.6 is already installed???
And 2.6GB for an upgrade with two installs??? Do Symantec really think we have nothing better to do than sit around waiting for downloads and installs to occur?

+2
Login to vote
cna training's picture

Thanks for this update.  Will get the word out with our network.


CNA Training
, CNA Certification and CNA Online Information & Resources

+1
Login to vote
dk01's picture

Good update

______________

data protection

+1
Login to vote