Endpoint Protection

I recently installed SEP11 Manager on a Windows 2003 32 bit server. The server also acts as a What's Up Gold Server (Uses IIS and a Web page). When I first installed the Manager, I tried to update clients that were unmanaged to no avail, because none of these systems are on a domain and were installed unmanaged. They all DO belong to a workgroup though. So I searched high and low on how to do that and ended up going to the SEPM Console and on the left bar going to "Clients" I went to the group I made for my servers and went to "Find Unmanaged Computers" Just to test out pushing out an install package. I didn't put a range in their just a single IP of one of the servers I needed to push AV updates to. It found it and it successfully pushed the package, or so I thought. It seems as if it is installed, but when I try to issue commands to it through the SEPM console, it states "Some of the selected clients have not yet connected to the server. You cannot do this action on those clients until they have connected to the server." I ran across a bunch of forum entries about trying to connect to the Web page. When I first tried this, I got the WhatsUpGold page. So then I tried to get to other pages using the port and secars. That didn't come back properly either. When I go under the Client (Windows Server 2008 x64) and go to "Help and Support" then "Troubleshooting" It says the server is "Offline". SO I pinged the server successfully and started my search for knowledge again. After a lot of reading I looked at firewalls (both server and client are disabled), The Sylink file (copied from server to client), IIS settings (Everything looked right), and General Policies (I checked if under security settings whether or not Enable secure communications between server and clients by using digital certificates for authentication and it was). So I am really at my wits end. The unique scenario here is my servers (both as the management server and the clients) are all off of the domain and in a workgroup and have no connection or possibility of a connection to the internet. The person I took the job over from about a month ago, spent almost 4 months getting nowhere, and I understand why now. I want to change that. I can't contact Symantec, because I was told not to, even thought the software was bought, legal, and we have a license. I am really trying to figure this out. The real issue at the heart of all this is communication between the Server and the client (also another server) it just seems to not be happening. I want to be able to drop that JDB file where it needs to go and have all the servers updated, but to even get to that I need for the systems to talk to each other, and I hate that IIS is what it uses to communicate because it just adds another layer of troubleshooting. If anyone can help to see if there is something I missed please let me know. I would appreciate the ability to try and solve this. In the meantime, I am building a new server to install ONLY SEPM Console on so that I have complete control over and no other IIS function interferes and I can also start from scratch. We will see how that goes. Thanks in advance for any assistance in the matter.

check if this link helps to some extent

http://www.symantec.com/docs/TECH95789

Hello,

"Thumbs up" to Pete's Advice.

There are few things, I see where the issue could be happening..

1) You are using SEP 11.x on the same server which acts as What's Up Gold Server as well. And both are using IIS.

Could you check if they both are install on Default Port 80??

If yes, make sure you install SEPM on a Custom Port 8014

2) Clients are on Workgroup. I don't know if you have check the below documents:

How to install Symantec Endpoint Protection in a workgroup environment

http://www.symantec.com/docs/TECH105662

Best Practices for Central Deployment and Management of Symantec Endpoint Protection (SEP) in a Workgroup environment

Thanks for the responses, I will check on the suggestions given, and as a matter of fact, I am rebuilding a server to dedicate to SEP 11 so I have no conflicts. Just so everyone knows, I am working with SEP 11.0.6200.754

Thanks again

Hi ESKO,

What's up gold is just network monitoring tool & by default it uses port 8080.

Symantec by default uses 80 or 8014 so I don't think there will be any conflict with what's up gold. You can check configuration details for same.

Even if you installed SEPM on new server IIS is mandatory to complete SEP 11.x installation.

I would suggest use new SEP version i.e SEP 12.1, IIS is not mandatory or even you can upgrade your existing version i.e 11.0.6200.754 to SEP 12.1 RU1.

Your base issue is clients are not communicating with SEPM. Replace Sylink.xml file & run  sylink monitor tool on 2-3 clients to find out the root cause of the issue.

After running sylink monitor tool, attached logs to this thread for further analysis.

You can check how to install SEP in workgroup environment.

http://www.symantec.com/docs/TECH105662

I hope it will help you !!!

Please telnet the SEPM

I got my servers installed and that took a little longer than I would have liked. Now that they are operational I will be installing SEP11M, let see how it works now.

Luis

I still am unable to push out the install packages the way I'd like. That doesn't matter though, the temporary work around is to install them unmanaged and replace the Sylink.xml file on the clients to match the managment server. This has worked so far on 2 clients and I have had them updated accordingly. So I know they can comunicate, but the packages just wouldn't push. I don't mind that at all. My only other concern now is after replacing the JDB file it didn't automatically update the clients. I had to go to "Fix This" under the SEP11 client and it downloaded it from the server. Any ideas on this?