Question for Henri

Hi

I am interested in knowing what the Symantec team is doing to improve startup time. Sometimes it can take over 10-12 mins for my laptop to reboot.

Many thanks, 

CSU

Hello, I have 2 qestions.

- What is the status of integrating a single (or 2) SEPM server(s) in order to have control for both a MAC world and PC world?  Using something like an integrated to AD Mac Server for example over LDAP and the ability to deploy and configure both, including End-Point protection over the MACs.

- Do we have an ETA as to when the "final build" for a x64 world will be completed, integrating all the aspects of x86?

Thank you.

Connectivity between Liveupdate, SEPM and clients is very poor.  Compared to NAV 10.x and before I'm always working on getting a client to communicate with SEPM, and still don't have the level of success that I'd say I'm finally comfortable with it working.  Looking at these forums, that's a majority of the problems we have.

What's being done to get this program back to the level of quality that previous versions were at and when do we finally expect to have that program?  I feel that we keep adding maintenance releases, and the product is just not right.  Livestate went through this process, they ended up giving up on that and changing it to BESR which is not as easy of a product to work with like it's predecessor.    SEPM's interface is much more difficult to get the answers to the questions that you have such as versions of virus sigs on on all of the computers.  There's no table.  You have to run reports and scroll and page next trying to audit the clients.

There's no simple dashboard of client info.  It's all tabbed or in menus.   I know that SEPM does a lot more, but at this point I'm just trying to get Antivirus and Spyware parts working before anything else is added.

This program like many should be a "install and forget, and let me know when there's an exception" type of system, but instead it requires constant monitoring.

Why is it so difficult to find the special tools to clean off Symantec programs, often having to get support involved in order to download the programs.  I work nights, there is no support and email is another poor solution.  Just make them available.  Better yet, why not just have the programs get removed when you removed them from  "Add or Remove Programs"?

Hi!

I want to know when you have a SEP11 client for Linux systems.

/Fredrik

I have 2 questions:

- What steps are being taken to improve performance?  SEP11 seems very bloated, boot time is increased ALOT by having it on the system, and the program takes up far too much RAM and CPU.  See NOD32 for how much resources an AV client should use....

- What steps are being taken to increase performance in a virtual environment?

There are serious issues installing SEP on to terminal servers, how soon can we expect a resolution?

The interaction between SEP and Backup Exec, even the newest version is not optimal, is there a plan to make these two Symantec products get along a little better?

Why is Novell Netware being ignored in SEP 11 products?

Will SEP ever have scanning capabilities inside of GroupWise?

This isn't a Microsoft only world anymore. When can we expect Symantec to bring management of Windows, Linux, and Mac OS to a single management console?

What is on the roadmap for Group Update Provider (GUP) support in SEP?  When can we expect to see expanded functionality in this area?

These are my questions:

1) What is roadmap of Proactive protection in SEP? Current implimentation is a mess and Symantec are far beyond other competitions such as NOD32 and Kaspersky and Avira

2) What is roadmap of Device Control? Currently we can only enable/disable a device, are there any more options to come?

3) Symantec still lacks good interface and reporting in comparison with others (even Microsoft), is it going to change? Specially using slow PHP pages for reports are frustrating.

Hi,

My questions are about:

-Terminal Server and CITRIX too, because i can't install SEP on theses servers (just NAV 10.1.5).

-The administration's interface too (very heavy for poor fonctions)(an exemple: if you wan't to know wich computer has an older version of SEP, you can't).

 Regards,

Siegfried

Is it still planned that Linux and Mac clients for SEP will be available *and* managed from SEPM?

Can GUP be extended to run on Linux clients and servers as well as Windows clients?  Even better, it would be good to see SEPM servers that can run on Linux.  But GUP running on Linux would be a wonderful stop-gap until then.

Finally, there has been recent Symantec news that its consumer products have been revamped to be faster than ever.  I found it strange that this approach was not begun with Symantec's corporate products.  When can we expect this "faster" tech to be incorporated into SEP?

Thanks for the opportunity, here you go:

1) Could you develop a "learning mode" such that setting up SEP firewall rules for our enterprise would be as easy as using Zone Alarm's firweall?

2) Is Endpoint Encryption management being folded into SEPM? If so, when?

3) When will Symantec AV for Exchange be manageable by SEPM?

4) I'm signed up for the SEP bulletins but all I get are notices that there's a new version of SEP Intrusion Detection signatures.  Can you add some more useful content? It sounds like this forthcoming video Q&A feature is a step in the right direction (please link to it in the bulletin!)...

1)I find the reporting piece to be very confusing.  For instance there is a report that advises on the different Definitions throughout the organization, but it doesn't allow me to narrow down on machines that might not be updating. 

2)Reporting data mis-match.  For instance, under Security Status, it might tell me I have 387 out of 400 computers with up to date definitions.  However on the Virus Definition Distribution report (main screen) the numbers it displays are always lower....quite lower.  Not sure why??

3)Management Console.  Wondering if thought is being given to creating an IIS version of this console that does not use Java??  Using a .NET Framework would be much more efficient. 

My question is:

Why virus definition on client can't update after we use System lockdown.

Thank you

1)  When will SEPM on Server 2008 be supported?

2)  One of the concerns we have is the significant processor/memory usage of the various SEP components on clients.  Specifically, rtvscan, smc and smcgui always seem to be consuming farily significant amounts of RAM/CPU cycles even when they are not doing anything.  In the case of rtvscan it is somewhat understandable, but some of the other components should really be "toned down" a bit.

Hi,

Is there any RoadMap for Endpoitn Encrytion feature getting added in SEP...? If yes then when it is expected and which version of SEP it would be...

The SYmantec System Center Console dashboard was excellent as compare to current SEP. In SSC in a single glance we were able to notice the machines which are infected with virus, we can easily see the versions of the SAV client machines. We can easily locate the definition date as well as the machines wihch are having old definition and machines which are not getting updated with the latest definition.

Here in SEP we need to Either goto Monitor or Report for the same which indeed is a very complex and time consuming.

Also I've seen that Kaspersky Antivirus scan engine is tooo good as compare to Symantec. Most of the Autorun.inf viruses easliy get detected and cleaned/delete by KAV as compare to symantec. If Symantec have release SEP, it must hve good and powerfll scan engine which must detect such viruses/worms.

Rgrds,

SAM

1. Another vote for integrating management of Mac and Linux clients into SEPM console

2. The ability to push SEP client or upgrade immediately by right clicking on single or multiple clients in SEPM console instead of having to use discovery utility would be nice for the helpdesk

3. I am sure there is no way this will change, but why didn’t Symantec at least offer the ability to see if a client in SEPM is running a legacy version.  We don’t care if we can’t manage it, but knowing it is outdated is kind of important don’t you think.  Probably not a problem for SMB but distributed enterprise is VERY painful

X64 !! Endpoint is not functioning correctly on X64 systems. The most eye catching bug being that no on demand folder or file scan is possible. There is no rightclick option "scan for virusses" in the Windows explorer of an 64 bit Windows system. This is the case on all the 64 bit Windows systems, wether servers or clients.

All,

I'd like to echo Hutch's comments, but emphasize especially item #3. I see a lot of references from folks like Murgatroyd in here that Symantec are going to move from a hybrid IIS/tomcat model to a pure tomcat installation because"...it's too hard to program for (the security model in???) IIS7...". So, because it's 'hard', we're going to be saddled with a slow, kludgy, crashy interface? Please - the last couple of iterations of the SAV 10.1.n console were WAY better than this.

I do, however, really appreciate the additional info and reporting options - when I can find them. :)

Loel

This is a great forum for getting input and I've been encouraged since the forums were started...unfiltered raw data...it's great.  It's even better that engineering is engaging in the volume of real world experience that's available here. My question extends this interaction...and it's a question that I get from my customers repeatedly:  What is Symantec doing to engage it largest customers to get truly strategic feedback regarding the direction of the product.  I work with clients that range from 10k users to well over 100k...and they do not consider it acceptable to submit their feedback via an online 'enhancement request'. 

SEP 11 gives us many things we wanted...and as a professional consultant that has worked with SAV since 7.x...it's headed in the right direction.  I would patently disagree with anyone that suggests the SSC was better than the new interface.  I encourage people to utilize notifications and reports to gather the information they need on a daily basis to help them 'target' where they need to go once in the console.  The 'Clients' tab is for managing the configuration of your environment...once your learn how to effectively utilize reports-->monitors-->logs you should not be hitting that clients tab.  With that in mind...serious efforts need to continue to ease the availability of the information through the Reports and Monitors tabs.  It's not intuitive...the data is there...but it's hard to find. 

In my opinion, the 'migration utility' should never have been released.  It PUNISHES large environments and Admins that haven't taken the time to learn the capabilities and intricacies of the product.  I had one customer that 'migrated' in over 100 groups which resulted in 100 policies for each type of policy and needless to say the performance was atrocious.  And the reality was they only needed 2 AV policies...but wound up with 98 extra.  I've encouraged every customer to rethink their approach to AV...and abandon old philosophies as the new functionality offers capabilities that I don't think the majority of folks understand.  The migration wizard encourages people to think of this as an 'upgrade' and not as the deployment of what is essentially a whole new product. 

Engage your partners and field force.  We're working with this stuff in production environments every single day...and facing the wrath of 'our' customers...and I lump you guys into that 'our'...as they are your customers and they are my customers…and we both represent Symantec.  I have personally tried to reach out to the SEP team several times and I'm willing to commit personal time and resources to the effort...but I have not received any response. 

Finally…strong consideration should be given to creating a version of SEP that caters to the small to mid market.  Many of the complaints that I’ve followed on the board related to usability are from folks that don’t have the time to dedicate to understanding the depth and capabilities that are available within SEP…and ultimately configure it in a less than ‘optimum’ manner.  It’s not as ‘simple’ as some of the competitors, and these guys pay the price.  Once I’ve finished working customers through a ‘modernized’ SEP design…I have not had one customer ask for the ‘simplicity’ back.  The simplicity of the new version is achieved through elegant design that is only possible due to the complexities.  So personally I think the strategic direction of the product is spot on.

I lied…final request: Performance.

What are you doing about system performance? 

After installing your product we noticed a significant decrease in system performance.  We are finding that our old systems can now outperform our new systems.  When I say old systems I mean old.. 486, and 386 systems.  New systems are Duel Core Processors with 2 and 4 gig of ram; running XP SP3. 

You have to wonder; if the cure is worse than the disease maybe we need to remove the cure. 

I'm not trying to be difficult, just pointing out a problem that Symantec seems to ignore.  I have been using and recommending Symantec products for 10 or more years now and I have to say I'm finding it more and more difficult to defend my position as it pertains to Symantecs anti virus and protection software and systems.  The game is performance and it looks like your loosing the battle.  Please fix the performance problems before you loose the war.

Though I've already commented on this thread I want to second the thought made a couple of posts ago about offering a better forum for customers.  CipherTrust (now secure Computing) is great at this-- regional user group meetings for peer networking, roadmap discussions, and direct feedback to the powers that be about the relevant products.

  I too am pleased with the direction of SEP but feel that Symantec and customers could benefit from better collaboration.

Bill_K wrote:

Though I've already commented on this thread I want to second the thought made a couple of posts ago about offering a better forum for customers.  CipherTrust (now secure Computing) is great at this-- regional user group meetings for peer networking, roadmap discussions, and direct feedback to the powers that be about the relevant products.

  I too am pleased with the direction of SEP but feel that Symantec and customers could benefit from better collaboration.

Bill_K wrote:

Though I've already commented on this thread I want to second the thought made a couple of posts ago about offering a better forum for customers.  CipherTrust (now secure Computing) is great at this-- regional user group meetings for peer networking, roadmap discussions, and direct feedback to the powers that be about the relevant products.

  I too am pleased with the direction of SEP but feel that Symantec and customers could benefit from better collaboration.

Hello Bill,

I totally agree with you.  Symantec is working towards growing our forum community.  We have lots of idea in the works but welcome all suggests about how to build a more active, vibrant, collaborative community. Please feel free to PM me with all your suggestions.

What steps are being done to improve the performance foot print of this product?

What is the roadmap especially relating to version control, right now the MR's and MP are coming faster than we can test them and apply them.

AMoss,

Re: "...I would patently disagree with anyone that suggests the SSC was better than the new interface...":

I take your point about information that WAS in a single pane NOW being in Reports and Monitors and the breadth of info being much greater, but my comments (can't speak for others) about the SSC being better have mostly to do with speed and stability, and preferring that Symantec steer away from the Java stuff.

Still, there should be better tools for customizing the UI - it's just too confusing getting to a place where you can see status and immediately take an action, per client computer.

Just my 25 cents or so.

(OBTW - I have a small-to-medium sized environment - 2200 seats mainly on three campuses at a university. The total count including other colleges and student comps is about 30,000 seats in 15-20 semi-autonomous units.)

Loel

A) Would be nice to get away from Java for console, however platform portability would get lost.

B) I would like to see an option for exporting policies in "english". This would help with documentation on large deployments.

C) Better application white listing capability. Like it or not this is where the world is heading at the moment. Days of lazy IT practices may soon be at an end.

Helen,

  Any update on the video presentation mentioned at the start of this thread?  BTW I'd love to see videos (or Captivate demonstrations) of on how to get more out of SEP(M) along the lines of the "NAV10 vs SEP11" page.  For example, I was recently having issues getting an application control policy working to stop folks from installing Chrome.  I'm probably missing something obvious and just haven't had the bandwidth to call tech support...

- Bill

@ Got Root?

Re: A) Java s***s - at least implented this way in SEPM, if you have a chance check ePO 4 from McAfee - It's fully web based - no Java required and it's designed in far more intuitive way than SEPM

B) Agree - At the moment there is a Tool called SPAViewer that allows you to check firewall policy on the client.

I would like to know what is being done about the product quality.  Every MR and MP has had significant issues new to that release.  I will grant that the product is getting better, but the level of issues that continue to persist are still a concern to me.  EndPoint STILL does not look like a finished product.

As an example, there's an issue regarding fresh installs of MR3 and before.  This is not some strange precondition, it is a CLEAN install!  How hard can this be to test?

Perhaps the product is too complex to operate successfully on such a broad base of configurations?  Whatever the problem, it needs to be fixed.

Thanks,

Greg

I just wanted to jump in the middle of this conversation and thank all of you for your feedback.  The SEP team has been following this thread closely and it has generated good discussion among our product managers and will certainly contribute to the future direction of SEP. 

Some of you may have already seen that we posed the first set of questions to our product development team a few weeks back and posted a video.  Click here to go to our video section and see the results.  Since we realized that many of the questions were addressed with MR3, much of the video also talks about the changes we made in the latest release.

Stay tuned for additional video responses to this thread and keep the questions coming!

.peter

STN Community Manager

Client performance is a big issue with us.  The product reliability has improved and we are grateful. On the general scale I would love to see better drill down capacity in the management console.  I can pull a report that tells me how many clients are not updating to the newest build, but I can't get a list of who those clients are.  I can see a list of infected machines, but I can't see a breakdown of infections by type.  I.E.. Machines 1-10 all have the same type malware.

Proactive threat protection needs a serious jolt in the arm.  I've had to rebuild 13 machines in the last two weeks, most of which had SEP11 MR3 in good working order.  I know the smitfraud family of malware is being aggressively developed, but I don't have time to keep rebuilding workstations.  PTP is supposed to be the cure for what ails me and its not doing it.

We have an issue where the Network Threat Protection breaks our SafeNet based VPN solution.  Supports fix is to upgrade to 10.8.3+.  We OEM the code and only have access to the 10.7.x code base.  Support has told me that engineering will likely not consider the issue as its fixed by SafeNet.  I would counter that not only is my company and all its customers affected, so are the customers of several other Safenet OEM partners.  The cost to move up in the codebase is enormous, about $120 per seat.  This bug has stalled our migration from Proventia Desktop to SEP until we get a resolution. (case 312-029-945)

Hi There,

I'd really like the the Status Summary pane on the main window to update properly even if i have to click refresh.

Mine currently shows tamper protectiuon off, Auto-protect off and 2 notifications but if i click on these it says 'Nothing to report'.

It seems the whole page doesn't auto-update. Is this a problem with the Java part of the interface?

Cheers,

Rob