Afternoon,
At my company we have a SEPm infrastructure configured with two SEPm servers and just over 1000 SEP client endpoints. We are required to upgrade our clients from 11.0.X to 12.1.X now that support for 11.X is ending soon. We've had it long before I joined the company and I'm trying to fix some issues we've been having.
We've been doing some testing over the last 3-6 months and keep running into problems with how the 12.1.X SEP client is handling WMI traffic, specifically relating to the Microsoft volume activation management tool (VAMT) and a few other monitoring type client applications.
Our SEPm is the latest version (12.1.4a) and the majority of our clients are on 11.0.5. We have upgraded a select test group to all releases of 12.1 to test (at different times), but each has had the same issue.
If the endpoint is running 11.0.X, we have no issue with the VAMT (or any WMI query for that matter), but as soon as we replace SEP with 12.1.X, WMI traffic seems to be blocked. If we un install it and revert to the previous version, WMI behaves as we expect.
We have NTP installed on the endpoints, but the firewall is disabled globally (purely by no enforced firewall policy from SEPm). So, theoretically, the firewall should not be blocking anything; but our experience is saying otherwise.
This is an issue blocking our client upgrade because we use WMI for numerous things on all our endpoints (desktops, laptops and servers). Any help anyone can provide will be greatly appreciated.
Trent.