Endpoint Protection

Hello

We are using Endpoint MR4 MP1a.

I have reason to suspect that Endpoint is causing problems with the Windows SBS Console and its ability to report some of the alerting information - particularly "Other Alerts". Basically whilst it does successfully query all of the workstations it takes a LONG time. The Network Essentials summary on the SBS Console times out and says "Not Available". If it helps, this problem appears to have come out of the blue but this is a concurrent theme with others that have experienced the problem - all of whom use Endpoint.

I understand from the MS SBS newsgroup that in SBS 2003 there was an exclusion list provided by Symantec that needed to be added to the Endpoint Manager. I have been unable to find anything like this for SBS 2008. Does it exist ?

Has anyone else had an issue such as this ?

Thank you

 You can use the best practise policy for SBS 2003 asthe firwall policy woill be the same except you might want to allow IPv6 and the other one that is the Centralised exception policy majorly talks about excluding SMSMSE\6.0 and Microsfot SQL so you can for which the locations will be the same.However I havent heard about specific exclusions or best practises for SBS 2008  http://www.symantec.com/business/support/endpointsecurity/migrate/SEP_SBS2003_BestPractice_PolicyFiles_MR2.zip

but my suggestion on your issue would be to use only antivirus andantispyware on the SBS2008 server and check if it improves the performance of the applications.You can also try disabling Tamper Protection is only AV/AS does not solve your issue.

I'm having the same problem with ALL SBS2008 servers I administrator.  All are running SEP 11 as well.  Checking the SBS2003 exception polies from Symantec, the SQL paths are diffrent so I suspect it won't work.  I can create them manually I quess. 

Pete

Thanks for your reply Vikram.

We are already only running the AV on the server and no other parts of Endpoint.

With regards to the SBS 2003 policies, is there a way of seeing a list of them without needing to import them ?

 Well you've got two options over here.
1. Call Symantec and ask for the Dat Viewer tool. With which you can read these policy files which are in Dat format.
2. Import the policy to the SEPM ( Just importing the policy does not affect anything Unless and UNtill you assign this policy to any group.) Just importing and not assigning the policy is as good as having no policy.
Once imported you can Read / Edit  these polcies.
Once done with that you can either assign to a test group and check or assign it to the group you want.

Thanks for your reply Vikram. Will see how it goes