Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Difference between SEP & SEPM?

Created: 23 Jan 2013 • Updated: 24 Jan 2013 | 7 comments
This issue has been solved. See solution.

Hi, I am a techical support guy. I used a vulnerability manager product and it says that a system is vulnerable to SYM12-019 (http://www.symantec.com/security_response/security...). It seems to be detecting %programfiles%\SEP\CLIENT\SymCorpUI.exe.

The vulnerable system is based out of my geographical area and hence I can not confirm if this is SEP or SEPM. Based on the file name and location, it seems as if it is SEP. What is the difference between Symantec Endpoint Protection and Symantec Endpoint Protection Manager?

Is the vulnerable detection correct?

Thanks!

- M.

 

Comments 7 CommentsJump to latest comment

pete_4u2002's picture

this is SEPM (management console) vulnerability. check the affected product list from the link.

Rafeeq's picture

SEPM is the managment console and not the Antivirus software

SEP is the AV software which runs on the client.

SymcorpUI is the exe name for the Graphical interface of SEP

Ambesh_444's picture

Hi,

SEPM mean from where we can manage our sep clients like (virus definition,policy,Group).

and SEP (symantec endpoint protection) is a client base anti virus software.

 

Inshort we can say that sep managed by SEPM.

 

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."

Metahuman's picture

Thanks all for the replies!

But, I have seen that SymCorpUI.exe is found in all Endpoint installations. This takes me to another question - what is the difference between SEPM (management console) and SEPM alone?

If the vulnerability is with SEPM (management console), how do I detect all of my installations? Do I have to look for vulnerable SymCorpUI.exe versions too?

pete_4u2002's picture

But, I have seen that SymCorpUI.exe is found in all Endpoint installations. This takes me to another question - what is the difference between SEPM (management console) and SEPM alone?

its the same. on the SEPM machine you have management console installed.

If the vulnerability is with SEPM (management console), how do I detect all of my installations? Do I have to look for vulnerable SymCorpUI.exe versions too

No, its not SymCorupUI. it will be machine where SEPM is installed. i.e. machine having PHP .

SOLUTION
Metahuman's picture

Awesome! Thanks a lot pete_4u2002. Could you please link me up with a document that I can read up more about SEPM (management console)?

pete_4u2002's picture

its nothing but a GUI , this is where all the configurations changes are made, policies are set, commands are issues for clients. Also used for reporting prupose, client status view etc.