Endpoint Protection

Hi All Forumers,

 

I have 5 SEPM server in our organization. They are all replicated to a parent SEPM. Each SEPM are from different regions/countries with a dedicated local IT/techsupport each. I want to apply a notification using SMTP servers and credentials to all countries that makes me and my fellow local ITs to receive that notifications. Can you help me how to do it? We have Windows Servers 2003 and 2008 with the current SEPM versions of 12.1 RU2. Please can you guide me on creating this? or is it possible to do this? I tried some testing but its not working. I tested 1 SMTP to just 1 SEPM but the reports are different.

 

 

Thank you.

 

 

joash_theory

http://www.symantec.com/docs/TECH91622 - Creating notifications in the Symantec Endpoint Protection Manager

http://www.symantec.com/docs/TECH169363 - How to setup SEPM version 12.1 to use SSL for sending email notifications

Best regards,

what kind of notification you want to create?

Hi,

Thank you for posting your query in Symantec community.

I would be glad to answer your question.

In SEP 12.1 there are two weekly scheduled reports & seven pre-defined notifications configured by Symantec.

You should follow the best practice articles.

Quick serach found this one:

Deploying Symantec Endpoint Protection Architecture. 

http://www.symantec.com/business/support/index?page=content&id=TECH92051&locale=en_US

Hello,

Check this Thread with similar query -

https://www-secure.symantec.com/connect/forums/notification-issues-smtp-question

Secondly, Check these Articles:

What do the different Notification Conditions for email alerts mean?

http://www.symantec.com/docs/TECH91535

Creating notifications in the Symantec Endpoint Protection Manager

http://www.symantec.com/docs/TECH91622

About the preconfigured notifications

http://www.symantec.com/docs/HOWTO55128

Hope that helps!!

reports like weekly reports , mothly reports and the like/etc

appreciate all your recommendations, but I still need more accurate solutions on this.. but i will still review the links you have sent me.

 

 

yeah I tried this to 1 of our SEPM servers, but unfortunately, the result is even if I configured on only 1 server, it sending information also on other servers isntead to 1 that is configured to be reported.. that's why im looking for the solution if how to setup when SEPM servers are replicated.. or what are the steps to setup notifications when SEPMs are replciated

Hi All,

 

I have permissions on our mail server. By the way, are all these KBs are applicable to the replicated setup type of architecture?

Also, I tested on a single SEPM server (not replicated) and it works. the administrator successfully receives notifications from that server. Then I tried to replicate this to the Parent SEPM, the notification sends not only on that server but others that are replicated to the parent on which I dont want to see and also the administrators. I don't understand why it keeps sending emails from the other servers which i did not configured.

Hi All,

 

 

Follow up on this? can anyone help me?

 

 

Thanks!

It looks as this is a know issue and will be address in future releases: http://www.symantec.com/docs/TECH98265

 

oh so i guess all 12.1.x has problem with notification setup? how sad that notifications are important mostly on our environment that has many SEPM servers (to identify which server has outdated, which has virus or some problem with SEP). Is there anything we can do to set it up? Im just disappointed with my current versions features :(

Hi, http://www.symantec.com/business/support/index?page=content&id=TECH175948&profileURL=https%3A%2F%2Fsymaccount-profile.symantec.com%2FSSO%2Findex.jsp%3FssoID%3D13871786390792OJtQPA1K3e3d77Omq393VRyY35c1U1d15C6x http://www.symantec.com/business/support/index?page=content&id=TECH96790&profileURL=https%3A%2F%2Fsymaccount-profile.symantec.com%2FSSO%2Findex.jsp%3FssoID%3D13871786338729Jl1l9UX476RL9t4SJqKE6qFtzOtF9749068Y

Hi,

 

Hi,

This issue has been investigated by Symantec and it has been determined that this behavior is currently working as designed.

In some situations, it may be appropriate to work around this issue by removing mail server settings at remote SEPM sites to prevent them from sending duplicate emails.

Following article is also updated.

http://www.symantec.com/docs/TECH98265  

Hi,

I hope you have received the answer. Don't forget to mark your thread as 'SOLVED' with the answer that best helps you

 

Chetan,

When I try to remove my Email Server Settings on my replicated SEPM's, it won't allow it.  If I clear the Server Address, Port and Sender Email Address and click OK, I get an error dialog box that reads "You must enter a server address and a port number first."  Is there any other way to clear the Email Server Settings?