Endpoint Protection

 View Only

  • 1.  SEP Manager showing new clients haven't been scanned

    Posted Jun 22, 2009 02:43 PM
    I read that when the SEP client is installed, a scan is performed but after it starts communicating with the SEP manager, it lists the client as never been scanned and says action is needed in the security status section. I am doing an upgrade from Corp Edition 10.1 if it makes any difference. Should the install scan change the status in SEP Manager?


  • 2.  RE: SEP Manager showing new clients haven't been scanned
    Best Answer

    Posted Jun 22, 2009 03:17 PM
    Hi,

           There can be an initial scan but it is not just an initial scan. There are two options:

    1st option: If the Default Administrator scan is still set and not disabled and the install is a fresh install or even an upgrade from SAV (should) do an initial scan like the default admin scan at time of install.

    1.1 Go to Clients, Policies.
    1.2 Click on Antivirus and Antispyware policy.
    1.3 In Antivirus and Antispyware policy click on Administrator-defined scans.
    1.4 If the Administrator On-demand scan then you will get a scan running.


    2nd option: Set a scheduled scan in a 'temp' group. Clients install to the temp group and get the scheduled scan, then clients can be moved out of temp group into their normal group which would not have a scheduled scan.

    Also try the following :

    Open the SEPM console
    Go to the Policies page, or select the appropriate group in the Clients page and select the Policies tab there
    Edit the desired Antivirus and Antispyware policy
    Select and modify Administrator-defined scans in the policy editor.
    Click OK to save changes, and ensure the policy is applied to the correct client groups.


  • 3.  RE: SEP Manager showing new clients haven't been scanned

    Posted Jun 22, 2009 05:30 PM
    For the first option, the on-demand scan is something I would have to manually launch on new clients. For the second option, I already have a monthly scan enabled but doesn't run during the install. The client will need to wait till the first day of the month to scan.

    If a scan is built-in during the install, then somehow it should report back to the SEP manager and not give me a warning that the client hasn't been scanned. This KB article says the client will scan during install.

    service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/19ef4843cb6ff51a8825745f006e65c2