Endpoint Protection Small Business Edition

 View Only
  • 1.  Handed a Windows 2003 server with SEPM on it that isn't working properly

    Posted Aug 20, 2010 06:26 PM

    I just started a new job about 2 months ago as more or less their I.T. guy.

    I know very little about security software, but as luck would have it I am now in control of a Windows 2003 SP2 server that has SEPM Version 11.0.1000.1375.

    Oh man, where to start?

    1. Do I need to update to a newer version of SEPM?

    2. The virus definitions on here don't look like they've updated since the beginning of January. So I'm not sure how or why this stopped working properly.

    3. Do I need to download and install this "LiveUpdate Administrator" program to be able to update the server side? (LUAESD.exe)

    4. I've read until my eyes bled today trying to figure this out on my own with no success.

    - It looks like it is communicating with the client machines just fine, but looks like live update is disabled for the clients.
    - There's no proxy servers involved. Nothing set for proxy servers addresses.
    - Under the Site Properties for the Local Site (Site HOSTNAME), under Edit Source Servers, it is set to use a specified internal LiveUpdate server. It has the proper hostname specified and the address is that of the server that SEPM is loaded on with port 9090 specified on the end of the IP address.
    - If I click on "Download LiveUpdate Content" it gives me the message, "An unexpected exception has occured [Site: Site HOSTNAME] [Server: HOSTNAME]" over and over and over.....

    Services:

    - IIS is started and running.
    - LiveUpdate services was not running when I originally checked it, but did start it manually, but has made no difference since being enabled.
    - Symantec Embedded Database, started
    - Symantec Endpoint Protection, started
    - Symantec Endpoint Protection Manager, started
    - Symantec Event Manager, started
    - Symantec Management Client, started
    - Symantec Network Access Control, set to manual, no running
    - Symantec Settings Manager, started

    LUALL.EXE says it finished running through SEPM. Then states LiveUpdate failed then goes back to repeating an unexpected exception has occured.

    I did some reading in some of the other threads and went straight to the liveupdate directory and ran LUALL.EXE from there and it definitely starts up running it that way, but says it is connecting to the liveupdate servers, but never gets any farther than that.

    Based off of what I've read in other threads, I've tried to provide some necessary information.

    Any first steps in the right direction would make me rest a lot better.

    Thank  you in advance.

    P.J.
     




    I had to run the .bat file to reset the password and when i log into SEPM it is pointed as localhost:8443



  • 2.  RE: Handed a Windows 2003 server with SEPM on it that isn't working properly

    Posted Aug 21, 2010 01:19 AM
    <<<<Under the Site Properties for the Local Site (Site HOSTNAME), under Edit Source Servers, it is set to use a specified internal LiveUpdate server. It has the proper hostname specified and the address is that of the server that SEPM is loaded on with port 9090 specified on the end of the IP address.>>>>>>

     This should be the problem.Here you select use default symantec live update server.(this configuration tells the SEPM from were it has to download the updates.). After doing this select Admin--->servers--->local site and click on download liveupdate content.


    --------------------------------------------------------------------------------------------------------
     11.0.1000.1375. is a very old version which is having tones of bugs.it is recommendable to upgrade your SEPM to Ru6
    Migrating to Symantec Endpoint Protection 11.0 RU6

    You can download it from https://fileconnect.symantec.com


  • 3.  RE: Handed a Windows 2003 server with SEPM on it that isn't working properly

    Posted Aug 21, 2010 01:39 AM
    Aravind, 

    I had a feeling it was something simple. I will try going in on my day off tomorrow and making that suggested change and see if it gets me anywhere.

    Thanks for such a quick response.

    P.J.


  • 4.  RE: Handed a Windows 2003 server with SEPM on it that isn't working properly

    Posted Aug 21, 2010 03:06 PM
    Your SEPM version is very old upgrade it to RU6 MP1
    It will resolve most of your issues.


  • 5.  RE: Handed a Windows 2003 server with SEPM on it that isn't working properly

    Posted Aug 21, 2010 03:53 PM
    Aravind,

    I made the change you suggested and it started up LiveUpdate just fine, but it still gives me the message, "An unexpected exception has occured." over and over.

    Vikram,

    I figured this was an extremely old version. After I post this I'm going to see if I can figure out how to update this, but if you could possibly shoot me a link to where that update file is, I would be extremely grateful. I'm at the office on a Saturday right now trying to get this cleared up.

    Thanks again to both of you.

    P.J.


  • 6.  RE: Handed a Windows 2003 server with SEPM on it that isn't working properly

    Posted Aug 21, 2010 04:45 PM
    https://fileconnect.symantec.com

    however you'll need a Serial number for this that would be something M0987654321 type.

    It would be in the email from symantec licensing or if the previous IT guy has left any documentation or notes.

    If you have less number of clients then I'll suggest un-install old sepm and install Fresh SEPM


  • 7.  RE: Handed a Windows 2003 server with SEPM on it that isn't working properly

    Posted Sep 01, 2010 04:40 AM

    1. Do I need to update to a newer version of SEPM?
    -- Yes from https://fileconnect.symantec.com but for that you need a serial number which would start with Mxxxxxxxxxx.

    2. The virus definitions on here don't look like they've updated since the beginning of January. So I'm not sure how or why this stopped working properly.
    -- There could be several reasons like client failed to connect to the SEPM server to get the updates or the virus definitions got corrupted, etc... Once you upgrade to the latest verision it should fix the issue.

    3. Do I need to download and install this "LiveUpdate Administrator" program to be able to update the server side? (LUAESD.exe)
    -- No. If the SEPM server can connect to the internet there is no point installing LUA on the same server.

    4. I've read until my eyes bled today trying to figure this out on my own with no success.
    -- You should've posted this before or have called Symantec Support :-).

    5. It looks like it is communicating with the client machines just fine, but looks like live update is disabled for the clients.
    -- Thats normal behaveiour as the default LiveUpdate policy says to disable Liveupdate button so the user cannot download it manually.

    6. There's no proxy servers involved. Nothing set for proxy servers addresses.
    -- If it would've been proxy the client would've not communicated with SEPM.

    7. Under the Site Properties for the Local Site (Site HOSTNAME), under Edit Source Servers, it is set to use a specified internal LiveUpdate server. It has the proper hostname specified and the address is that of the server that SEPM is loaded on with port 9090 specified on the end of the IP address.
    -- Please uncheck the radio button from use a specified internal Liveupdate server.

    8. If I click on "Download LiveUpdate Content" it gives me the message, "An unexpected exception has occured [Site: Site HOSTNAME] [Server: HOSTNAME]" over and over and over.....
    -- Please upgrade to SEP RU6 MP1.
     



  • 8.  RE: Handed a Windows 2003 server with SEPM on it that isn't working properly

    Posted Sep 08, 2010 12:21 PM
    Want to be King for a Week?  Here's your chance!  This thread is now included in our weekly Security Solutions Contest.  Solve this thread, among the others included in the contest, and you could win the weekly prize, and be crowned "King For A Week!"

    Find out more at this blog:

    https://www-secure.symantec.com/connect/blogs/security-solutions-contest-be-king-week

    Good luck everyone!

    Eric


  • 9.  RE: Handed a Windows 2003 server with SEPM on it that isn't working properly

    Posted Sep 09, 2010 12:12 AM
    Try by updating the SEPM server manually.Below KB can help you in this
    How to update definitions for Symantec Endpoint Protection Manager using a JDB file


  • 10.  RE: Handed a Windows 2003 server with SEPM on it that isn't working properly

    Posted Sep 10, 2010 01:39 AM
    Hi PJSkiboy,
    Can you update the status?