Endpoint Protection

 View Only
Back to discussions
Expand all | Collapse all

Symantec AntiVirus and Deep Freeze

Migration User

Migration UserNov 13, 2007 10:00 AM

thanks

  • 1.  Symantec AntiVirus and Deep Freeze

    Posted Aug 28, 2007 02:27 PM
    Does anyone have experience installing Deep Freeze on a system running Symantec AntiVirus?
     
    We are considering an installation of Deep Freeze on student PCs as they have repeatedly deleted system files; however, SAV is installed on the C: drive, Deep Freeze will purge the SAV Virus Definition Updates on each reboot.
     
     


  • 2.  RE: Symantec AntiVirus and Deep Freeze

    Posted Oct 10, 2007 09:02 PM
    I can help you with that if you are still stuck?? its a bit of a task though haha
     
     
    we had the same problem where i work.


  • 3.  RE: Symantec AntiVirus and Deep Freeze

    Posted Oct 19, 2007 10:38 PM
    Hey Sam ...,
     
    Post your solution here, so all of us can learn from you case.
     
    Thanks
     
    Glauco


  • 4.  RE: Symantec AntiVirus and Deep Freeze

    Posted Nov 12, 2007 04:13 PM
    I have Clean Slate and were running into a similar problem. I lose my virus defs and scan engine disappears. help! Running 10.1.5.5000


  • 5.  RE: Symantec AntiVirus and Deep Freeze

    Posted Nov 12, 2007 06:37 PM
    Symantec Endpoint Protection the next generation of Symantec AntiVirus includes this functionality as well it is called System Lockdown.
    Carsten


  • 6.  RE: Symantec AntiVirus and Deep Freeze

    Posted Nov 12, 2007 08:20 PM
    Carsten,  I have to disagree based on the description of System Lockdown in the documentation.  Deepfreeze, restores your system to a previous known state.  You can allow users to intact with windows as full Administrators which allows usefull things such as installing applications and testing out viruses.  Lockdown appears to just restrict users abilities, not actually reset the computer to a known state.  For my computers, on SAV 10 (will work on a solution to 11 after MR1 or 2), I simply have a batch file in startup that will copy over the latest definitions (and other stuff) from the server.:

    CLS
    @ECHO OFF
    ECHO "Deleting Symantec Antivirus GUID"
    regedit /s \\server\certs$\GUIDRemove.reg
    ECHO.
    ECHO "Copying Server Certificates"
    Copy \\server\vphome\pki\roots\*.cer "%SYSTEMDRIVE%\Program Files\Symantec AntiVirus\pki\roots" >nul
    ECHO.
    ECHO "Copying GRC.dat file"
    Copy \\server\vphome\grc.dat "%ALLUSERSPROFILE%\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5" >nul
    ECHO.
    ECHO "Copying Latest Virus Definitions"
    Copy \\server\certs$\*.xdb "%ALLUSERSPROFILE%\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5" >nul
    ECHO.
    ECHO "Restarting Symantec Antivirus Service"
    Net Stop "symantec antivirus"
    Net Start "symantec antivirus"
    CLS
    if Exist "C:\Documents and Settings\Administrator\Desktop\Shortcut to SAVSync.bat.lnk" del "C:\Documents and Settings\Administrator\Desktop\Shortcut to SAVSync.bat.lnk"
    ECHO Process Complete.
    ECHO Note: It may take up to a minute for the client to refresh.
    ECHO Please verify the server name in Symantec Antivirus Console and
    ECHO run LiveUpdate to test the connection to the server.


  • 7.  RE: Symantec AntiVirus and Deep Freeze

    Posted Nov 13, 2007 09:21 AM
    this may be a stupid question, but is this batch file directly from Symantec?  I guess i'm trying to see if I can apply this as written to one of my test clients. I did see 7.5 in the file and was wondering if that needed to be changes to my current version. 10.1.5.5000. sorry for my ignornace. This got dumped in my lap.


  • 8.  RE: Symantec AntiVirus and Deep Freeze

    Posted Nov 13, 2007 09:21 AM
    this may be a stupid question, but is this batch file directly from Symantec?  I guess i'm trying to see if I can apply this as written to one of my test clients. I did see 7.5 in the file and was wondering if that needed to be changes to my current version. 10.1.5.5000. sorry for my ignornace. This got dumped in my lap.


  • 9.  RE: Symantec AntiVirus and Deep Freeze

    Posted Nov 13, 2007 09:41 AM
    RB,
    7.5 is an existing directory that is found in Documents and Settings for Alluser profile.  It appears as 7.5 whether you upgrade from 7x, or do a first time install from new versions.


  • 10.  RE: Symantec AntiVirus and Deep Freeze

    Posted Nov 13, 2007 10:00 AM
    thanks


  • 11.  RE: Symantec AntiVirus and Deep Freeze

    Posted Nov 13, 2007 01:11 PM
    Hi RB,

    No, this batch file is not from Symantec.  This is based off a couple years of work of trying to fix various issues we've had with SAV since v. 8.  You can comment out or delete the parts that are not relevant to your environment.  The key part about the definitions is pulling the latest .xdb from your server and making it available on a share.


  • 12.  RE: Symantec AntiVirus and Deep Freeze

    Posted Nov 13, 2007 03:50 PM
    Bill,
    Since DeepFreeze returns the PC to the original configuration (with original definition file) I would expect that the daily downloading of a definition update would take longer as the file would grow considerably as time went by.
     
    How did you address this?


  • 13.  RE: Symantec AntiVirus and Deep Freeze

    Posted Nov 13, 2007 04:01 PM
    Bill,
     
    you are right - I mistook deepfreeze with something else
     
    Carsten


  • 14.  RE: Symantec AntiVirus and Deep Freeze

    Posted Nov 13, 2007 06:26 PM
    I haven't given it much thought.  My current XDB file is 26.690MB.  My situation is a little different than yours.  I send machines to conferences, seminars, and events, and use ghost to put down a new image.  I only deal with 10-20 machines at a time on a gigabit backbone.  Sometimes I need to exclude directories etc, the management server will update the grc.dat and I use the batch file to copy the latetest grc.dat after imaging along with the updated definitions.