Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

SEPM Notification Setup

Created: 11 Sep 2013 | 17 comments

Hi All Forumers,

I have 5 SEPM server in our organization. They are all replicated to a parent SEPM. Each SEPM are from different regions/countries with a dedicated local IT/techsupport each. I want to apply a notification using SMTP servers and credentials to all countries that makes me and my fellow local ITs to receive that notifications. Can you help me how to do it? We have Windows Servers 2003 and 2008 with the current SEPM versions of 12.1 RU2. Please can you guide me on creating this? or is it possible to do this? I tried some testing but its not working. I tested 1 SMTP to just 1 SEPM but the reports are different.

Thank you.

joash_theory

Operating Systems:

Comments 17 CommentsJump to latest comment

Vladimir Vucinic's picture

http://www.symantec.com/docs/TECH91622 - Creating notifications in the Symantec Endpoint Protection Manager

http://www.symantec.com/docs/TECH169363 - How to setup SEPM version 12.1 to use SSL for sending email notifications

Best regards,

Vladimir Vucinic
Net++ technology

Rafeeq's picture

what kind of notification you want to create?

joash theory's picture

reports like weekly reports , mothly reports and the like/etc

Chetan Savade's picture

Hi,

Thank you for posting your query in Symantec community.

I would be glad to answer your question.

In SEP 12.1 there are two weekly scheduled reports & seven pre-defined notifications configured by Symantec.

Schedule Reports location: SEPM --> Reports --> Scheduled Reports
 
Predefined Notifications location:
 
SEPM--> Monitors--> Notifications --> View Notifications --> Notifications Conditions
 
About the preconfigured notifications
 
 
 

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

joash theory's picture

yeah I tried this to 1 of our SEPM servers, but unfortunately, the result is even if I configured on only 1 server, it sending information also on other servers isntead to 1 that is configured to be reported.. that's why im looking for the solution if how to setup when SEPM servers are replicated.. or what are the steps to setup notifications when SEPMs are replciated

PoonamS's picture

You should follow the best practice articles.

Quick serach found this one:

Deploying Symantec Endpoint Protection Architecture. 

http://www.symantec.com/business/support/index?page=content&id=TECH92051&locale=en_US

Mithun Sanghavi's picture

Hello,

Check this Thread with similar query -

https://www-secure.symantec.com/connect/forums/notification-issues-smtp-question

Secondly, Check these Articles:

What do the different Notification Conditions for email alerts mean?

http://www.symantec.com/docs/TECH91535

Creating notifications in the Symantec Endpoint Protection Manager

http://www.symantec.com/docs/TECH91622

About the preconfigured notifications

http://www.symantec.com/docs/HOWTO55128

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

joash theory's picture

appreciate all your recommendations, but I still need more accurate solutions on this.. but i will still review the links you have sent me.

joash theory's picture

Hi All,

I have permissions on our mail server. By the way, are all these KBs are applicable to the replicated setup type of architecture?

joash theory's picture

Also, I tested on a single SEPM server (not replicated) and it works. the administrator successfully receives notifications from that server. Then I tried to replicate this to the Parent SEPM, the notification sends not only on that server but others that are replicated to the parent on which I dont want to see and also the administrators. I don't understand why it keeps sending emails from the other servers which i did not configured.

joash theory's picture

Hi All,

Follow up on this? can anyone help me?

Thanks!

Vladimir Vucinic's picture

It looks as this is a know issue and will be address in future releases: http://www.symantec.com/docs/TECH98265

Vladimir Vucinic
Net++ technology

joash theory's picture

oh so i guess all 12.1.x has problem with notification setup? how sad that notifications are important mostly on our environment that has many SEPM servers (to identify which server has outdated, which has virus or some problem with SEP). Is there anything we can do to set it up? Im just disappointed with my current versions features :(

Chetan Savade's picture

Hi,

Vladimir Vucinic is right, It's a known issue & will be address in future releases.
 

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Chetan Savade's picture

Hi,

This issue has been investigated by Symantec and it has been determined that this behavior is currently working as designed.

In some situations, it may be appropriate to work around this issue by removing mail server settings at remote SEPM sites to prevent them from sending duplicate emails.

Following article is also updated.

http://www.symantec.com/docs/TECH98265  

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Chetan Savade's picture

Hi,

I hope you have received the answer. Don't forget to mark your thread as 'SOLVED' with the answer that best helps you

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<