Endpoint Protection

 View Only

  • 1.  Mitigating Post client install-reboot firewall choice for non-admins

    Posted May 17, 2013 10:54 AM

    Hello,

         We recently upgraded the SEPM server from 12.1 to 12.1.2.  Most clients are 12.1 on Windows 7 Enterprise 64-bit.  SEPM Server is a Windows 2008 Standard 64-bit.

         The auto-upgrade of clients during testing have resulted in a red alert from the Windows Action Center regading the need to choose which firewall to enable.

         Almost all of our users don't have admin rights on their PC's.  When they make this choice, it fails with an error like, "This program will not run. The program Symantec Endpoint Protection provided Windowss to fid this issue did not run." When these users are granted admin rights, they don't get this message.

       I need to do 2 things here:

    1) I need to make this choice for them -  There should/ought to be a way of setting this via the install, but I can't find one.

    2) I need to get around the end user's lack or admin rights - hopefully making the firewall choice under the install's credentials will prevent problems with admin rights.

    Any assistance is appreciated

     



  • 2.  RE: Mitigating Post client install-reboot firewall choice for non-admins

    Posted May 17, 2013 11:09 AM

    You can manage the firewall options, and whether or not the Windows Action Center notifies about the firewall, from SEP's FW policy, under Windows Integration.

    Might be worth playing around with these?

    #EDIT#

    Article on the FW -> Windows Integration options can be found below:

    http://www.symantec.com/docs/HOWTO81043

    #EDIT2#

    On a related note, if you're not using the SEP firewall (nor have the NTP component installed), then you may be experiencing the below issue:

    http://www.symantec.com/docs/TECH200415



  • 3.  RE: Mitigating Post client install-reboot firewall choice for non-admins

    Posted May 17, 2013 02:23 PM

    How many clients having the issue?



  • 4.  RE: Mitigating Post client install-reboot firewall choice for non-admins

    Posted May 17, 2013 02:32 PM

    Every client who's user isn't an admin on their PC. I do know of the firewall policy setting, but I wonder if that applies here since the install essentially uninstalls the old version when installing itself. So after the reboot I wonder if the issue is that the SEP client isn't running yet and thus the policy isn't disabling the windows firewall.

     



  • 5.  RE: Mitigating Post client install-reboot firewall choice for non-admins

    Posted May 17, 2013 02:58 PM

    Try to deploy the 12.1 RU2 MP1 client on one of the system and check the output.

    You can download it from fileconnect, below link assist you

    Latest Symantec Endpoint Protection Released - SEP 12.1 RU2 MP1

    https://www-secure.symantec.com/connect/blogs/latest-symantec-endpoint-protection-released-sep-121-ru2-mp1

    Check the below fix is related to the error which you have faced

    Installing any Symantec Endpoint Protection package without the firewall disables Windows Firewall
    Fix ID: 3063585
    Symptom:  After installing Symantec Endpoint Protection with a configuration that installs only Virus and Spyware or Proactive Threat Protection, the application still disables the Windows Firewall.
    Solution: Updated the installer conditions to properly recognize previously stored Windows Firewall states and the install or removal of Symantec Endpoint Protection firewall components.
     

    New fixes and features in Symantec Endpoint Protection 12.1 Release Update 2 Maintenance Pack 1

     

    Article:TECH204685  |  Created: 2013-04-03  |  Updated: 2013-04-24  |  Article URL http://www.symantec.com/docs/TECH204685

     



  • 6.  RE: Mitigating Post client install-reboot firewall choice for non-admins

    Posted May 20, 2013 03:43 AM

    The second article I posted (and which admin_sepm has repeated the fix ID for below) indicates RU2 attempts to make changes with the windows FW even if the FW component of SEP is not installed, and that this issues does affect upgrades.

    I suppose it is possible that it is becasue the SEP Services aren't starting.  TBH, I assumed you had already checked that.  Can you confirm if one of the FWs start after a few minutes?

    I suppose the question should first be if you use the SEP FW?  If not (as suggested by the Windows Action Centre message) then try using RU2MP1.



  • 7.  RE: Mitigating Post client install-reboot firewall choice for non-admins

    Posted Aug 06, 2013 03:16 PM

    Hello,

       1st all, I really apologize that I'm picking up this question after so long a lapse.  I'd been pulled off onto another high priority issue.  Isn't that always the case?  :)

        I see that v12.1 RU2 MP1 does list this issue as one of it's fixes. I have v12.1.2015.2015, so I don't know the correlation between this version number and 12.1 RU2 MP1.

        But it seems that this is the solution to my issue.

        I put in a few tec support calls on this and it was never mentioned that it was a known issue. UGH!

     

     

    Kevin Murphy



  • 8.  RE: Mitigating Post client install-reboot firewall choice for non-admins

    Posted Aug 07, 2013 03:46 AM

    The version you're running is 12.1RU2, to which 12.1RU2MP1 is a direct upgrade.  That said RU3 was released a while back now, might be worth upgrading to that instead:

    Fix list:
    http://www.symantec.com/docs/TECH206828

    and Upgrade info:
    http://www.symantec.com/docs/TECH206823