Endpoint Protection

 View Only

  • 1.  Identifying updated Exceptions

    Posted Aug 07, 2012 10:30 AM

    Hello,

     

    We're currently using SEP12.1 and was wondering how do we identify if/or when a client receives updated exceptions.  I know once we make a change to the overall policy, the policy number is updated.  But I do not see that or any change, in the console or on the client, when we add additional exceptions.

     

    Thanks,

    Danny



  • 2.  RE: Identifying updated Exceptions
    Best Answer

    Trusted Advisor
    Posted Aug 07, 2012 10:39 AM

    Hello,

    Check these Articles:

    How to Verify if an Endpoint Client has Automatically Excluded an Application or Directory

    http://www.symantec.com/docs/TECH105814

    and 

     
    Hope that helps!


  • 3.  RE: Identifying updated Exceptions

    Posted Aug 07, 2012 11:18 AM

    Hi Mithun,

     

    Thanks for the quick response.  Is there anything in the console that shows if a client has the latest exclusions?  And I'm guessing that if there's a change to the exclusions list, that the clients will received them based on their heatbeat interval.  Am I correct?

     

    Thanks,

    Danny



  • 4.  RE: Identifying updated Exceptions

    Posted Aug 07, 2012 11:54 AM

    Only exceptions that were added will be shown in the console.

    Yes, when the clients check in on next heartbeat, they will receive the latest policy.

    You can verify what latest policy number is by selecting the group and clicking the Details tab. It is under Policy Serial Number.



  • 5.  RE: Identifying updated Exceptions

    Posted Aug 07, 2012 12:01 PM

    Hi Brian,

     

    I'm noticing the Policy Serial Number doesn't change when I update just exceptions.  Are you seeing differently?

     

    Thanks,

    Danny



  • 6.  RE: Identifying updated Exceptions

    Posted Aug 07, 2012 12:06 PM

    Hello pito78,

    The only way you can check if the exceptions are added to the SEP client is by checking the registrie which  Mithun has suggested.

    However from the Manager, you can only check if the client has the Latest Policy number, by which we can assume that the exceptions that you have applied in the manager has been applied to the client as well.

    --Cheers--



  • 7.  RE: Identifying updated Exceptions

    Trusted Advisor
    Posted Aug 07, 2012 12:53 PM

    Hello,

    When the Policy number does not change then restart the SEPM services or Reboot the SEPM system.

    Check this Article: 

    Policy serial numbers do not get updated/created unless the SEPM service is restarted

    http://www.symantec.com/docs/TECH173941

    Hope that helps!!



  • 8.  RE: Identifying updated Exceptions

    Posted Aug 07, 2012 12:56 PM

    Yes, the policy number does change when I edit the exceptions only. I just confirmed it in my SEPM.

     



  • 9.  RE: Identifying updated Exceptions

    Posted Aug 08, 2012 04:43 PM

    Before restarting SEPM as suggested by Mithun further below, I would say your best best is to wait 5-10 seconds and then hit the refresh button. I've seen it take that long for the policy number to be updated.