Video Screencast Help

Symantec Endpoint Protection

Created: 27 Oct 2007 • Updated: 21 May 2010 | 13 comments
We have recently purchased and installed Symantec Endpoint Protection on our server running Windows 2003 Std.  On the same server we also have students Exam software running which uses standard http: 80 and https: 443 ports and cannot be changed therefore I had to change the default ports in IIS which prevents me from accessing the Endpoint Protection Manager Console. But as soon as I change the ports back I can get in ok...
Can someone kindly advise me on how can I resolve this issue???
Discussion Filed Under:

Comments 13 CommentsJump to latest comment

Fais's picture
I have probably installed and reinstalled Symantec Endpoint 10 times now.... I followed your instructions but no luck!
As soon as I installed Symantec Endpoint Protection Manager it adds port 80 to IIIS which conflicts with the Exam Server software!
Can you please advise me in clear words on how can I prevent Symantec Endpoint Protection from using default ports 80 and 443.
Aytac's picture

I Think it´s the wrong instruction wich was posted above.
I´ve partly solved this problem by letting SEP to generate its own Website (listening on port 80) and let it listen to the hostheader localhost. But this isn´t a complete solution for this problem, i´m still not able to list and manage the clients in the managment console.

i´m running SEP on a SBS 2003 with owa listening on port 80... it´s not an option for me to install sep on the Standardwebsite.

Any instuctions for this issue ?

BEst regards,


Carsten Hoffmann's picture

Hi Fais,

I assume your exam app does not use IIS but comes with its own web server. If you have NOT rolled out any clients you can simply change the port for the Endpoint Protection Manager in IIS and configure the Manager to use this new port.

Stop the Symantec Endpoint Protection Manager Service

Start: Administrative Tools - Internet Information Services (IIS) Manager

Select: Web Sites - Default Website

Click Properties

ChangeTCPPort number to some free port i.e. 1234

Restart the Website

Open the file in C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\etc with notepad

Add the line scm.iis.http.port=1234

Start the Symantec Endpoint Protection Manager Service

If you have already clients rolled out you will have to make sure that they connect to the right port  BEFORE changing it! The easiest way is probably to create a new Management Server list. (Policies – Policy Components).

Copy and Paste the Default Management server list.

Add a new priority

Add your server name and ip address with the customized port information.

Assign the new list to ALL clients

Make the changes on your server AFTER all clients have connected to the management server and downloaded the new configuration.

Once you have made the changes on you server assign the Default List - which is updated automatically - to your clients.


Carsten Hoffmann's picture
Hi Aytac,
if you have a another application running that uses IIS you can use the Default Website. Symantec Endpoint Protection will create a Virtual Directoy and will not interfere with other web applications hosted on the IIS default web site.
I don't think your configuration is a good idea. If SEP is only listening to the localhost address the clients will not be able to connect to the server.
Juju's picture
I have the same problem. I would like to change the default port (80) used by Symantec Endpoint Protection Manager to another (8080 per example) because I have an other website in IIS which already use the port 80 (without host header). I do not want Symantec virtual directories in my other website!! It could be a security issue to add this virtual directories to a public website!!
Carsten Hoffmann, I go to the directory C:\Program Files\Symantec\Symantec Endpoint Protection Manager but I do not see a sub-directory named tomcat or etc. I search for the file but I can't find it. Why ? Have I to create this two sub-directories manually and the file
I see a file named SyLink.xml which contains a <Server> tag. Could we add a Port parameter to this tag per example?

Message Edited by Juju on 11-01-2007 04:15 AM

PcSysAdmin's picture
This sounds like another perfect example of how running Symantec Endpoint Protection Manager from a Virtual server would free up any configuration issues that may interfere with other systems running on the host server.  I'm experimenting with this right now, but have been unhappy with the extreme inefficiency of the SEP Manager and other SEP services.
Carsten Hoffmann's picture
SEPM will not work without these directories. Have you installed it to some other path? You do not have to create these directories.
Juju's picture
Thanks Carsten Hoffmann . In fact, I realize that Symantec Endpoint Protection Manager has been installed in D:\ , sorry! I finally find the file and modify it with scm.iis.http.port=8080. I also modify the port of the default IIS website. It seems to be ok.
Just a last thing, when I connect to the SEPM Console, I can't open the tabs "Homepage", "Controls" and "Reports". I obtain an HTTP 403 error in the frame. A right click on the pages shows (in Properties):
* res://ieframe.dll/http_403_webOC.htm#http://localhost:8080/Reporting/dashboard/homepage.php
* res://ieframe.dll/http_403_webOC.htm#http://localhost:8080/Reporting/monitors/monitor_av.php
* res://ieframe.dll/http_403_webOC.htm#http://localhost:8080/Reporting/reports/reports.php
I have no problem to access to the tabs "Policy", "Clients" and "Administrator". Does someone here who have changed the default HTTP port has the same problem?
The Default Management server list ha been automatically updated with the right port (8080). Have I to create absolutely a new list with copy/past and apply it to the clients?
Carsten Hoffmann's picture
Hi JuJu,
can you access reporting with a web browswer by copying this URL in the address bar?
What happens when you try to access reporting from a different computer (substitute localhos with machine name)?
Juju's picture
From the SEPM computer browser, at the address http://localhost:8080/Reporting/login/login.php , I obtain the same HTTP 403 error. From an other computer, same HTTP 403 error.
I think, there is a problem with the SEPM embeded PHP CGI to execute .php pages, no?
For resume, on the server, we have :
* Apache which listen on the 443 port only (for a SSL website)
* PHP 5.0 as an Apache module for the SSL website
* IIS 6.0 with two websites: the default website which listen on the 8080 port for SEPM and a second website which listen on the 80 port
* No IIS website is configured for PHP (except this one added by the Symantec installer on virtual directories)
* On the installation directory of SEPM, the NTFS permissions are "Allow all for the user ALL USERS"
* The base directory for the default IIS website (this used by SEPM) is C:\Inetpub\wwwroot and it has the autorisation "Scripts and executable" activated
We have reinstalled the software 3 times but same problem.
Any idea? Thanks
Carsten Hoffmann's picture
Hi JuJu,
there are serveral resons you coud get the HTTP error. Check out these two knowledge base articles which deal with the problem:
btw No if you did not roll out any clients you are fine with the default manager list.
Juju's picture
Thanks for this KB.
Well, I have finally access to the tabs Home, Controls and Reports !!
For that, I modified the Domain Security Policy. The Network Service was not present for the rules "Adjust memory Quotas for a Process" and "Replace a process-level token". I added it.
After that, it doesn't run yet but I had no more an HTTP 403 error but only a blue progress bar. Then, I create a PHP test file with <?php phpinfo(); ?> in the virtual directory Reporting and I realize that the php.ini file present in the SEPM PHP distribution was not loaded. Then I copied the SEPM php.ini file in C:\Windows and now it is ok, I have access to the entire SEPM console !!
I have just a last problem. The few images in the three tabs are not displayed.

Message Edited by Juju on 11-14-2007 03:53 AM