SEP upgrade takes "forever" on many computers
Many - not all. but it's a fair share - 1/3 at least. Forever may be described as 15 to 45 minutes.
Currently at SEP 12.1 RU1 - version 12.1.1000.157
Moving to SEP RU1 MP1 version 12.1.1101.401
This is how I almost ALWAYS do this - this is not new, been doing this since we started with SEP 11.xx
I created a group with relaxed policies - SEP security is turned off, tamper protection is disabled, passwords removed, etc. etc. etc.
I created install packages for SEP 32 and 64 bit as well as SNAC.
I made the installs silent, refresh logs and policies - full protection for clients.
I assigned the install packages to my special SEP upgrade/install group.
I set it "Download the client package from the management server"
I configured using "Upgrade schedule" - 17:00 to 7:00 over 3 days.
They get a notification it's happening.
The install settings for the package are:
silent, install to default folder, enable logging, submit reputation information, add to start menu, remove all previous logs and policies and reset communications settings. (did that last one as a couple of clients this summer had certificate mis-matches and I had to manually import communications settings to get them fixed)
The Schedule Reboot tab is:
Custom restart, at a scheduled time/day, hard restart, and restart immediately if user not logged in.
So far, this part seems to be ok..... The PROBLEM is that when this happens, and I was able to witness this finally on a computer here today, the user says, yeah, sure, go ahead, then a couple minutes later is prompted to reboot, or snooze the reboot, she chose to reboot - and it took 20 minutes before she had her desktop back! It sat at the starting Windows screen for a good 20 minutes, NO KIDDING.
At 6:06am, auto-upgrade agent is installed.
At 6:06 am event ID 1040 MSIINSTALLER kicked off SEP MSI.
At 6:07 migration service started,
At 6:09 the auto-upgrade agent stopped.
At 6:14 ccSvcHost.exe initiated a restart of the computer - Legacy API shutdown.
6:10-6:15 I can see where services are stopping, and then later kernel messages and services are starting -
At 6:16 there's warning message about hpdskflt
Teefer2 loads, then the network drivers load at 6:17.
Then notihng until 6:25 when the Filter Manager says SymEFA has loaded then eeCtrl loads, then nothing again until 6:34
At 6:34, among other things, SRTSP fails to load.
At these times - about 6:15 to 6:35, the user can do nothing but watch the starting Windows screen.
At 6:37:52, SRTSP finally loads.
there's a huge gap in the logs - all Windows logs - between about 6:17 and 6:34 save for the two lines at about 6:25 when the SymEFA and other thing loads.
The application log is empty between 6:09 and 6:15 and then again until 6:34 -
For all of us here in IT, and for the user, it appears as if SEP upgrades are taking 15 to 45 minutes to install, however, when looking at the logs, it appears more to be some bad interaction going on where things simply are sitting and not loading.
Is ANYONE ELSE seeing this same bad behavour??
Thoughts? Ideas? Fixes? Please.............. it's leaving a terrible sour taste in the mouths of management and users here.
This started with 12.1.
This did not happen with any 11 updates - they went fast and smooth. This happened last spring when I put 12.1 out to begin with.