Network Access Control

View Only

Back to discussions

Expand all | Collapse all

SEP 12.1 Host Integrity policy

1. SEP 12.1 Host Integrity policy

0 Recommend
Migration User
Posted Oct 31, 2012 06:32 AM

Reply Reply Privately
Hello,

I've created Host Integrity policy with Antivirus, Antispyware and Firewall requirements. I would like to SEP and the Firewall service to start automatically if it is turned off.
I tried commands: "C: \ Program Files \ Symantec \ Symantec Endpoint Protection \ Smc.exe-start"
"C: \ Program Files \ Symantec \ Symantec Endpoint Protection \ Smc.exe-enable-ntp" for firewall start but it does not work.
What commands should I use?

Regards

Tom
2. RE: SEP 12.1 Host Integrity policy

0 Recommend
Broadcom Employee

pete
Posted Oct 31, 2012 07:26 AM

Reply Reply Privately
it should be

C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.XXXX.XXXX.XXX\Bin\smc -start

C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.XXXX.XXXX.XXX\Bin\smc -enable -ntp
3. RE: SEP 12.1 Host Integrity policy

0 Recommend
Migration User
Posted Oct 31, 2012 08:35 AM

Reply Reply Privately
HI,

Kindly provide SEPM version ?
4. RE: SEP 12.1 Host Integrity policy

0 Recommend
Migration User
Posted Oct 31, 2012 08:39 AM

Reply Reply Privately
Thanks but it doesn't work. In security log on client found error:

Condition The file was made.
Condition check "C: \ Program Files \ Symantec \ Symantec Endpoint Protection \ 12.1.1101.401.105 \ Bin \ smc-enable-ntp".
An error has occurred.
Error: file not found.

Regards

Tom
5. RE: SEP 12.1 Host Integrity policy

0 Recommend
Migration User
Posted Oct 31, 2012 08:41 AM

Reply Reply Privately
SEPM version: 12.1.1101.401.105 (RU1 MP1)
6. RE: SEP 12.1 Host Integrity policy

0 Recommend
Migration User
Posted Oct 31, 2012 08:44 AM

Reply Reply Privately
Hi,

Try this

C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\smc -start
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\smc -Enable -NTP

Provide Space

Smc -Enable -Ntp
7. RE: SEP 12.1 Host Integrity policy

0 Recommend
Broadcom Employee

pete
Posted Oct 31, 2012 08:55 AM

Reply Reply Privately
well is there space after smc? (smc -start & smc -enable -ntp)

what is the SEP client version?

is it 32 bit ?
8. RE: SEP 12.1 Host Integrity policy

0 Recommend
Migration User
Posted Oct 31, 2012 09:01 AM

Reply Reply Privately
Of course, I used the space. Spaces are removed when paste the log on the forum. :)
Unfortunately, the same error ...
9. RE: SEP 12.1 Host Integrity policy

0 Recommend
Migration User
Posted Oct 31, 2012 09:06 AM

Reply Reply Privately
HI,

Do you have try 64 bit os or 32 bit ?

If Os 64 bit try this command

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1101.401.105\Bin\smc -Enable -NTP
10. RE: SEP 12.1 Host Integrity policy

0 Recommend
Migration User
Posted Oct 31, 2012 09:49 AM

Reply Reply Privately
32-bit. Also tried double quotes but no change.
11. RE: SEP 12.1 Host Integrity policy

0 Recommend
Migration User
Posted Oct 31, 2012 10:21 AM

Reply Reply Privately
HI Tom,

Kindly check

"C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\Smc.exe" -start

"C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\Smc.exe" -Enable -NTP
12. RE: SEP 12.1 Host Integrity policy

0 Recommend
Migration User
Posted Nov 02, 2012 03:35 AM

Reply Reply Privately
Thanks. It works if I disable SEP by right-clicking the SEP icon and choose "Turn-off Symantec Endpoint Protection".
Is this rule should start the program if the SEP is disabled by "smc-stop" command?

Regards

Tom
13. RE: SEP 12.1 Host Integrity policy

0 Recommend
Migration User
Posted Nov 02, 2012 03:38 AM

Reply Reply Privately
Hi,

Your problem ae solved or not ?
14. RE: SEP 12.1 Host Integrity policy

0 Recommend
Migration User
Posted Nov 02, 2012 03:46 AM

Reply Reply Privately
Not quite because SEP does not automatically start if I disable it by "smc -stop" command.
15. RE: SEP 12.1 Host Integrity policy

0 Recommend
Migration User
Posted Nov 02, 2012 03:50 AM

Reply Reply Privately
HI,

Try to disable tamper protection after check this command.
16. RE: SEP 12.1 Host Integrity policy

0 Recommend
Migration User
Posted Nov 02, 2012 05:33 AM

Reply Reply Privately
I disabled tamper protection and also turned off UAC. Unfortunately SEP services still not started automatically.

Network Access Control

SEP 12.1 Host Integrity policy

Migration UserOct 31, 2012 06:32 AM

peteOct 31, 2012 07:26 AM

Migration UserOct 31, 2012 08:35 AM

Migration UserOct 31, 2012 08:39 AM

Migration UserOct 31, 2012 08:41 AM

Migration UserOct 31, 2012 08:44 AM

peteOct 31, 2012 08:55 AM

Migration UserOct 31, 2012 09:01 AM

Migration UserOct 31, 2012 09:06 AM

Migration UserOct 31, 2012 09:49 AM

Migration UserOct 31, 2012 10:21 AM

Migration UserNov 02, 2012 03:35 AM

Migration UserNov 02, 2012 03:38 AM

Migration UserNov 02, 2012 03:46 AM

Migration UserNov 02, 2012 03:50 AM

Migration UserNov 02, 2012 05:33 AM

1. SEP 12.1 Host Integrity policy

2. RE: SEP 12.1 Host Integrity policy

3. RE: SEP 12.1 Host Integrity policy

4. RE: SEP 12.1 Host Integrity policy

5. RE: SEP 12.1 Host Integrity policy

6. RE: SEP 12.1 Host Integrity policy

7. RE: SEP 12.1 Host Integrity policy

8. RE: SEP 12.1 Host Integrity policy

9. RE: SEP 12.1 Host Integrity policy

10. RE: SEP 12.1 Host Integrity policy

11. RE: SEP 12.1 Host Integrity policy

12. RE: SEP 12.1 Host Integrity policy

13. RE: SEP 12.1 Host Integrity policy

14. RE: SEP 12.1 Host Integrity policy

15. RE: SEP 12.1 Host Integrity policy

16. RE: SEP 12.1 Host Integrity policy