Endpoint Protection

I install SEP 11 MR4MP2 client on Windows Server 2003. Setup process was successful. After 1-2 minutes server lost all network connections. I try pinging this server, but it was unreachible.
When I restart server network works.

Last record before restart in SEP System log is "Network Threat Protection applied a new IPS library ".  I check General Settings on client group and option "Block all traffic before firewall start and until firewall stop " was disabled.

I setup SEP 11 client on another Windows Server 2003 with same configuration without any problems.

Somebody knowns about this issuer?
 

Could you please let us know what are the components of SEP is installed on the server. ( AV and AVS, PTP and NTP ) ?
If all 3 are installed uinstall NTP and PTP from the server and see if that works

Install only AV & AVS on server OS.

NTP & PTP are not recomended for Server OS.

Regards...
Ramji Iyyer

Hi,

Yes it is recommended to Install Only AV on the Servers. However, the reason why we don't recommend or we see the Proactive Threat Protection to be OFF on all the Server OS is because it's a (Behaviour) heuristics Scan. It not only Scans your file and folders on the disk, but also Scans the Temporary files in the Ram area based on their behaviour, thus impacting the performance of the system. So, the PTP is not designed for the Server's, its only for the Clients.

You may want to install Network Threat Protection on the Server's, provided the Firewall Rules are configured correctly for the Servers.
If you are running the latest release of SEP on your network, and you have NTP installed on the Server, I don't think the default Firewall policy should have a negative impact on the network.

If you are using DFS ( distributed file system) on the file server then this problem is common hence uninstall the NTP & PTP that should help you :)

hey kavin,

Would you have any information on , as in how NTP should matter if DFS is installed on the server ?

Hello Prachand.

I installed all components to server. Troubles would be only after installation. After reboot server works fine for 4 days. I dont see any troubles on this server now.

I want to use Application and Device Control functionality on our servers. What components of SEP 11 I must leave on my servers for this functionality?
 

For the application and device control to work we need all the 3  components

AV and  AVS
NTP
PTP

Hello Everyone!

So far I have not seen problem on servers if only AVAS is installed on servers operating systems, may include POP3/SMTP scanner and don't include Microsoft Outlook and Lotus Notes scanners.

SA of the server should manage shares/permissions/authentications, etc.  to better control the system.

Thank you!