Endpoint Protection

 View Only

  • 1.  SEP for Linux managed clients on disconnected network

    Posted Apr 22, 2015 03:15 PM

    I am using SEP for Linux 12.1.5 in an environment that is not connected to the internet.  I have the clients installed but auto-protect is showing as "Malfunctioning" in the client and on the SEPM the "Antivirus Status" states "Component is malfunctioning".  I have read that this will go away once LiveUpdate is ran.  I guess my question is twofold; first, how do I get the auto-protect to begin functioning properly if I am not able to run LiveUpdate?  This leads me into my next question about updating virus definitions.  I have successfully updates the definitions using the Intelligent Updater definitions.  I can continue updating the definitions by hand, but was looking into some sort of automated definition distribution such as LUA.  Is installation and configuration of LUA worth the trouble for, say, under 30 machines or should I just run a batch script to update them?  I looked into the Apache reverse proxy, but from what I gathered, looks like this requires an internet connection.  Thanks in advance.

     



  • 2.  RE: SEP for Linux managed clients on disconnected network

    Posted Apr 22, 2015 04:03 PM

    A LUA would work:

    When to use LiveUpdate Administrator

    ...and so would setting up the SEPM as a reverse proxy. Didn't see anything in the document about the client needing an Inet connection though.



  • 3.  RE: SEP for Linux managed clients on disconnected network

    Posted Apr 22, 2015 04:05 PM

    Thanks Brian!  Any ideas on how to get my clients working?



  • 4.  RE: SEP for Linux managed clients on disconnected network

    Posted Apr 27, 2015 11:17 AM

    Configuring the SEPM as a reverse proxy has resulted in an error that "The proxy server received an invalid response from an upstream server.  The proxy server could not handle the request get/luproxy/masttri.zip Reason: DNS lookup failed for: liveupdate.symantecliveupdate.com"  I tried ignoring this as I know this will fail as I mentioned previously, I have no connection to the internet.  After configuring the Liveupdate policy to point to the internal Liveupdate server (the SEPM), I ran Liveupdate on a client and it is failing.  Any suggestions?



  • 5.  RE: SEP for Linux managed clients on disconnected network

    Posted Apr 28, 2015 09:00 AM

    Ok, back to my original issue of my Linux clients auto-protect being in the "malfunctioning" state, I have opened a support ticket with Symantec.  I will update this post for others that are in the same boat looking for an answer.  As I know there are many others out there that use SEPM in an air gapped system (no internet) this should be interesting...;o) 



  • 6.  RE: SEP for Linux managed clients on disconnected network

    Posted Sep 01, 2015 03:03 PM

    I am running into the same problem with the exact error messages. Have you found an explanation or fix for this problem? It's absolutely amazing that support can only tell you to "Connect to the Internet".

     



  • 7.  RE: SEP for Linux managed clients on disconnected network

    Posted Sep 01, 2015 04:49 PM
    I did find a solution, but I would have to double check my email as I opened a support ticket. If I remember correctly though, I believe the fix was to recompile with a different driver. Once you do the install there is another folder that you can run a make on or something that will install a different driver. Essentially, they told me that I was running an unsupported version (I was running centos 6.4) and that was the fix. If you look for instructions on how to recompile for an unsupported version, I think you might find what you are looking for. I am out of office or I would find you the instructions.