Endpoint Protection

Has anyone ever encountered a situation where a company sold you End Point but failed to install the software?

Did your sales person promise to install SEP for you? Was ths an authorized Symantec reseller?

Are you tried to install it?If tried what is the problem you are facing?

Hello,

Cycletech is right, can you check it? they must to install it in your company.

Best Regards.

Fatih

Either:

a.) You bought the product as is and they just gave you the installer.

b.) They tried and failed installing.

a.) Answer to that would have to wait until you get the specifications of your SEPM server and the number of PCs and their specifications  in your domain.

b.) you can get some logs - %Winddir%\Temp\SEP_INST.LOG and share it with us

They never tried to install the sofware.

They sold us the software,  then simply never intalled the software. They said our prior version was OK. Then we were attacked by a virus which took our server down.

They sold it to us, we paid for it and they never instyalled it. Yes they are an authorized Symantec reseller.

If you had an agreement for the reseller to install the software then contact them directly. If you need to do it yourself, here are some helpful documents on getting started.

http://www.symantec.com/business/support/index?page=content&id=TECH131651&locale=en_US

Top 10 Symantec Best Practices - Deploying Symantec Endpoint Protection Architecture

http://www.symantec.com/business/support/index?page=content&id=TECH92051&locale=en_US

Symantec Endpoint Protection 11.0 Top Articles

http://www.symantec.com/business/support/index?page=content&id=TECH105322&locale=en_US

You should also make sure you are running the Security Response recommendations for Symantec Endpoint Protection settings.

http://www.symantec.com/business/support/index?page=content&id=TECH122943&locale=en_US

Best,

Thomas

They simply never installed the software. They billed us for it, we paid for it, but they simply did not install it. We asked them to, but they said our current version was working just fine. Then we were attacked by a virus. Immediatly after the attack they installed the EndPoint.

They claim not installing the software had nothing to do with us being vulnerable to attack.

The sofwware is installed now. The problem is that it was not installed and our server was attacked by a virus that EndPoint would have protected from. AFter our server came back up they immediatly installed EndPoint.

It cost us thousands to clean up the mess.

Symantec does not install the software..it must be a 3rd party who takes care of your IT Security may be..

@ Maine,

If you have not installed SEPM yet, I would recommend that you visit https:\\fileconnect.symantec.com and using your S/N on your symantec order confirmation to download the latest versions which would be in this order:

1. Symantec_Endpoint_Protection_11.0.6A_Xplat_EN_DVD.zip

2. Symantec_Endpoint_Protection_11.0.6_MP1_Xplat_EN_DVD.zip

You will need to install 11.0.6.A first as MP1 is a patch.

In these zip files under \Documentation you will find a lot of good information that will help you install it. Plus, with Connect and tech support you have some good resources, if you need help.

Good luck!

Your reseller is not responsible for the issue. Your IT department needs to be on top of your security posture.

If you are outsourcing your IT responsibilities and they are not doing a good job of maintaining your IT security then it is time to look for another IT provider.

They installed it after they cleaned up from the attack. But that's like closing the gate after the cow has already left the barn. I'm left with thousands of expenses and 4 days lost time.

I just wondered if this is common and what Symantic might have to say about this.

Yes we have a third party. Supposed to be very reputable, but did not do their job here. Now they are hiding behond the liability limitations of thier contract.

I understand your problem..however these thing Happen in IT Industry..now since you have got SEP installed and Virus under control I think you issue is no more a issues any more..If I am correct ?

We outsourced it to the copmpay that sold us the anti-virus software. We do have a new service provider now.

Yea, excpet for the damange and costs they caused, which was substantial.

The issue now is their failure to accept responsibility for not installing the software.

If you think they have failed to keep your Company secure and have not something which was essential you should probably either escalate this matter this higher authority of that company or change the vendor.

However over here Symantec is not at fault which both of us agree..

However I would like to know which Threat Infected your Company and what was the version you were using earlier ?

Because even SAV 10.1.9.9000 or SAV 10.2.2.xxx had no vulnerabilities as such.

10.1.6.6

They were also not updating the dat files, apparently.

Can I make a compliant to Symantic about them?

Unfortunately NO..Symantec is a product company..Your Vendor is a service Provider and both of them have no connection.

Whatever action you have to take you have to directly take against that Vendor.

You can question them why was SAV not at 10.1.9.9000 and when Symantec has stopped supporting SAV 10.x and Declared it EOL ( End Of Life ) Product why were they using it.

If the Definitons weren't updating that means it was out of compliance .

What SLA had you agreed with the client normally it is

95% Clients update to with definitions and 98% Clients without Virus Infection.

Even if you were using 10.1.6.600 any kind of Virus outbreak could have been handled easily if correct and timely action would have been taken.

@MainEndPointUser: As what everybody else have said. The actual respolsibility lies with your security vendor. It is their responsibility to keep your IT security systems in check. All software providers (Windows, Symantec, etc...) always recommend to have your system up-to-date with the latest patches. And based from personal experience - SAV 10 onwards do detect threats as long as the definitions are updated.

Vendors usually are members of PartnetNet, both the client and the vendor can call Symantec when problems arise (e.g. They can be your first level of escalation which then in turn calls on Symantec for help.)

When the Symantec AV failed on your system, they should have made some fixes. There are a lot of solutions available in the KB that they could've implemented.

Our company does deployments and when we fail - we keep on trying. :D

Glad you have resolved the issue. And may I suggest for your team to have a discussion with them on the following topics:

1. Deployment and update plan - both for software and definitions.

2. Disaster recovery plan - both for system failure and outbreak.

3. System monitoring.

Cheers.