Video Screencast Help

Securing SEPM report page http://SEPM-Server01:8014/Reporting/login/login.php

Created: 12 Aug 2012 • Updated: 22 Aug 2012 | 11 comments
This issue has been solved. See solution.

Hi,

I've been asked by my security team, as to why Symantec is not communicationg on protected / secure channel in my company ?

because it seems that the reporting page is using only HTTP protocol "http://SEPM-Server01:8014/Reporting/login/login.php" 

 

but when you see the above it says 443 SSL encrypted ?

Comments 11 CommentsJump to latest comment

pete_4u2002's picture

the porrt 443 mentioned is ablut the SEP and SEPM client communication not the reporting

port 443: Optional secured HTTPS communication between a SEP Manager and SEP clients and Enforcers

if you want reporting to be on secured used 8443

port 8443: HTTPS communication between a remote management console and the SEP Manager. All login information and administrative communication takes place using this secure port

check the port used by SEP

http://www.symantec.com/business/support/index?page=content&id=TECH163787

 

Dushan Gomez's picture

Thanks for the response guys,

Pete, I've tried to go to: https://SEPM-Server01:8443/Reporting/login/login.php yes it opens up SEPM Web Access and I can see the certificate error (red address bar).

does this means that the console is still encrypted ?

Dushan Gomez
IT Manager
VCP 4 and 5 | MCITP Exchange Server | MCTS SharePoint Server | MCP Windows XP

 

Ashish-Sharma's picture

Hi,

Check this artical it may be help

Symantec Endpoint Protection 12.1: Enabling SSL Between the Manager and Clients

http://www.symantec.com/business/support/index?page=content&id=TECH162326

Thanks In Advance

Ashish Sharma

 

 

Dushan Gomez's picture

thanks guys, because changing the http into https the URL doesn't work at all.

FYI: this is using SEPM v 12.1 RU 1

Dushan Gomez
IT Manager
VCP 4 and 5 | MCITP Exchange Server | MCTS SharePoint Server | MCP Windows XP

 

John Q.'s picture

If you use SEPM 12.1, you should have access to Reporting in HTTPS only (improvement compared to SEPM 11.0):

https://YOURSERVERNAME:8445/reporting

 

Regarding Client-Server communication, you can configure SSL as previously mentioned.

 

Please remember to mark the proper comment as SOLUTION:
 - to identify threads that do not require further assistance
 - to let other visitors know how to fix such issue

Dushan Gomez's picture

John,

I've successfully connected to the reporting page by using this URL: https://SEPMServer-vm:8445/Reporting/login/login.php does that means the channel is secured even though the address bar is red ?

Dushan Gomez
IT Manager
VCP 4 and 5 | MCITP Exchange Server | MCTS SharePoint Server | MCP Windows XP

 

John Q.'s picture

Yes, the address bar is red because the certificate used is self-signed. You may make it known by Internet Explorer following this article:
http://www.symantec.com/docs/TECH123686

 

Please remember to mark the proper comment as SOLUTION:
 - to identify threads that do not require further assistance
 - to let other visitors know how to fix such issue

SOLUTION
Dushan Gomez's picture

Ah, I see now, so it is already encrypted by SSL certificate (self signed by the SEPM) the article that you provided was just to "Installing" it into the browser CA list to make the bar goes green.

 

cmiiw ?

Dushan Gomez
IT Manager
VCP 4 and 5 | MCITP Exchange Server | MCTS SharePoint Server | MCP Windows XP

 

John Q.'s picture

Correct.

Please remember to mark the proper comment as SOLUTION:
 - to identify threads that do not require further assistance
 - to let other visitors know how to fix such issue

Dushan Gomez's picture

Thanks John !

Dushan Gomez
IT Manager
VCP 4 and 5 | MCITP Exchange Server | MCTS SharePoint Server | MCP Windows XP