Endpoint Protection

 View Only
Back to discussions
Expand all | Collapse all

Symantec Endpoint Protection

  • 1.  Symantec Endpoint Protection

    Posted Oct 27, 2007 09:18 AM
    Hello,
     
    We have recently purchased and installed Symantec Endpoint Protection on our server running Windows 2003 Std.  On the same server we also have students Exam software running which uses standard http: 80 and https: 443 ports and cannot be changed therefore I had to change the default ports in IIS which prevents me from accessing the Endpoint Protection Manager Console. But as soon as I change the ports back I can get in ok...
     
    Can someone kindly advise me on how can I resolve this issue???
     
     
    Regards.


  • 2.  RE: Symantec Endpoint Protection

    Posted Oct 27, 2007 08:18 PM
    Check this article:
     


    Message Edited by Russ H on 10-27-2007 05:18 PM


  • 3.  RE: Symantec Endpoint Protection

    Posted Oct 29, 2007 02:50 PM
    I have probably installed and reinstalled Symantec Endpoint 10 times now.... I followed your instructions but no luck!
     
    As soon as I installed Symantec Endpoint Protection Manager it adds port 80 to IIIS which conflicts with the Exam Server software!
     
    Can you please advise me in clear words on how can I prevent Symantec Endpoint Protection from using default ports 80 and 443.
     
     
    Thanks!


  • 4.  RE: Symantec Endpoint Protection

    Posted Oct 29, 2007 04:35 PM
    I Think it´s the wrong instruction wich was posted above.
    I´ve partly solved this problem by letting SEP to generate its own Website (listening on port 80) and let it listen to the hostheader localhost. But this isn´t a complete solution for this problem, i´m still not able to list and manage the clients in the managment console.

    i´m running SEP on a SBS 2003 with owa listening on port 80... it´s not an option for me to install sep on the Standardwebsite.

    Any instuctions for this issue ?

    BEst regards,

    Aytac


  • 5.  RE: Symantec Endpoint Protection

    Posted Oct 29, 2007 07:13 PM

    Hi Fais,

    I assume your exam app does not use IIS but comes with its own web server. If you have NOT rolled out any clients you can simply change the port for the Endpoint Protection Manager in IIS and configure the Manager to use this new port.

    Stop the Symantec Endpoint Protection Manager Service

    Start: Administrative Tools - Internet Information Services (IIS) Manager

    Select: Web Sites - Default Website

    Click Properties

    ChangeTCPPort number to some free port i.e. 1234

    Restart the Website

    Open the file conf.properties in C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\etc with notepad

    Add the line scm.iis.http.port=1234

    Start the Symantec Endpoint Protection Manager Service

    If you have already clients rolled out you will have to make sure that they connect to the right port  BEFORE changing it! The easiest way is probably to create a new Management Server list. (Policies – Policy Components).

    Copy and Paste the Default Management server list.

    Add a new priority

    Add your server name and ip address with the customized port information.

    Assign the new list to ALL clients

    Make the changes on your server AFTER all clients have connected to the management server and downloaded the new configuration.

    Once you have made the changes on you server assign the Default List - which is updated automatically - to your clients.

    Carsten



  • 6.  RE: Symantec Endpoint Protection

    Posted Oct 29, 2007 07:18 PM
    Hi Aytac,
     
    if you have a another application running that uses IIS you can use the Default Website. Symantec Endpoint Protection will create a Virtual Directoy and will not interfere with other web applications hosted on the IIS default web site.
     
    I don't think your configuration is a good idea. If SEP is only listening to the localhost address the clients will not be able to connect to the server.
     
    Carsten


  • 7.  RE: Symantec Endpoint Protection

    Posted Nov 01, 2007 07:14 AM
    Hello
     
    I have the same problem. I would like to change the default port (80) used by Symantec Endpoint Protection Manager to another (8080 per example) because I have an other website in IIS which already use the port 80 (without host header). I do not want Symantec virtual directories in my other website!! It could be a security issue to add this virtual directories to a public website!!
     
    Carsten Hoffmann, I go to the directory C:\Program Files\Symantec\Symantec Endpoint Protection Manager but I do not see a sub-directory named tomcat or etc. I search for the file conf.properties but I can't find it. Why ? Have I to create this two sub-directories manually and the file conf.properties?
     
    I see a file named SyLink.xml which contains a <Server> tag. Could we add a Port parameter to this tag per example?
     
    Thanks


    Message Edited by Juju on 11-01-2007 04:15 AM


  • 8.  RE: Symantec Endpoint Protection

    Posted Nov 01, 2007 09:28 AM
    This sounds like another perfect example of how running Symantec Endpoint Protection Manager from a Virtual server would free up any configuration issues that may interfere with other systems running on the host server.  I'm experimenting with this right now, but have been unhappy with the extreme inefficiency of the SEP Manager and other SEP services.


  • 9.  RE: Symantec Endpoint Protection

    Posted Nov 01, 2007 04:04 PM
    Juju,
     
    SEPM will not work without these directories. Have you installed it to some other path? You do not have to create these directories.
     
    Carsten


  • 10.  RE: Symantec Endpoint Protection

    Posted Nov 05, 2007 05:46 AM
    Thanks Carsten Hoffmann . In fact, I realize that Symantec Endpoint Protection Manager has been installed in D:\ , sorry! I finally find the file conf.properties and modify it with scm.iis.http.port=8080. I also modify the port of the default IIS website. It seems to be ok.
     
    Just a last thing, when I connect to the SEPM Console, I can't open the tabs "Homepage", "Controls" and "Reports". I obtain an HTTP 403 error in the frame. A right click on the pages shows (in Properties):
     
    * res://ieframe.dll/http_403_webOC.htm#http://localhost:8080/Reporting/dashboard/homepage.php
    * res://ieframe.dll/http_403_webOC.htm#http://localhost:8080/Reporting/monitors/monitor_av.php
    * res://ieframe.dll/http_403_webOC.htm#http://localhost:8080/Reporting/reports/reports.php
     
    I have no problem to access to the tabs "Policy", "Clients" and "Administrator". Does someone here who have changed the default HTTP port has the same problem?
     
    The Default Management server list ha been automatically updated with the right port (8080). Have I to create absolutely a new list with copy/past and apply it to the clients?
     
    Thanks.


  • 11.  RE: Symantec Endpoint Protection

    Posted Nov 05, 2007 01:36 PM
    Hi JuJu,
     
    can you access reporting with a web browswer by copying this URL in the address bar?
     
     
    What happens when you try to access reporting from a different computer (substitute localhos with machine name)?
     
    Carsten


  • 12.  RE: Symantec Endpoint Protection

    Posted Nov 05, 2007 03:54 PM
    From the SEPM computer browser, at the address http://localhost:8080/Reporting/login/login.php , I obtain the same HTTP 403 error. From an other computer, same HTTP 403 error.
     
    I think, there is a problem with the SEPM embeded PHP CGI to execute .php pages, no?
     
    For resume, on the server, we have :
     
    * Apache which listen on the 443 port only (for a SSL website)
    * PHP 5.0 as an Apache module for the SSL website
    * IIS 6.0 with two websites: the default website which listen on the 8080 port for SEPM and a second website which listen on the 80 port
    * No IIS website is configured for PHP (except this one added by the Symantec installer on virtual directories)
    * On the installation directory of SEPM, the NTFS permissions are "Allow all for the user ALL USERS"
    * The base directory for the default IIS website (this used by SEPM) is C:\Inetpub\wwwroot and it has the autorisation "Scripts and executable" activated
     
    We have reinstalled the software 3 times but same problem.
     
    Any idea? Thanks


  • 13.  RE: Symantec Endpoint Protection

    Posted Nov 07, 2007 03:39 PM
    Hi JuJu,
     
    there are serveral resons you coud get the HTTP error. Check out these two knowledge base articles which deal with the problem:
     
     
     
    btw No if you did not roll out any clients you are fine with the default manager list.
     
    Carsten


  • 14.  RE: Symantec Endpoint Protection

    Posted Nov 14, 2007 06:52 AM
    Hello,
     
    Thanks for this KB.
     
    Well, I have finally access to the tabs Home, Controls and Reports !!
     
    For that, I modified the Domain Security Policy. The Network Service was not present for the rules "Adjust memory Quotas for a Process" and "Replace a process-level token". I added it.
     
    After that, it doesn't run yet but I had no more an HTTP 403 error but only a blue progress bar. Then, I create a PHP test file with <?php phpinfo(); ?> in the virtual directory Reporting and I realize that the php.ini file present in the SEPM PHP distribution was not loaded. Then I copied the SEPM php.ini file in C:\Windows and now it is ok, I have access to the entire SEPM console !!
     
    I have just a last problem. The few images in the three tabs are not displayed.
     
    Bye.


    Message Edited by Juju on 11-14-2007 03:53 AM