Symantec Endpoint Protection Manager Console
Created: 23 Aug 2012 | 11 comments
This thing always freezes on me. Anyone have any ideas?
Discussion Filed Under:
This thing always freezes on me. Anyone have any ideas?
Comments 11 Comments • Jump to latest comment
Do you have login Admin Account ?
Thanks In Advance.
Manish
Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.
Try re-installing with latest version of java
SEP Knowledge Base
Endpoint SWAT
Tuning the Performance of the Symantec Endpoint Protection Manager console
http://www.symantec.com/docs/TECH105179
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Hello,
What version of SEPM 11.x are you running? What OS are you running the SEPM on?
Do you receive any error when the SEPM application freezes?
What version of IE are you running on the machine?
Could you upload us the "scm-server-0.log" and "scm-server-1.log" logfiles?
Try working on the steps provided in the Article below for-
Tuning the Performance of the Symantec Endpoint Protection Manager console
http://www.symantec.com/docs/TECH105179
Monitoring Server Health on Symantec Endpoint Protection Manager
http://www.symantec.com/docs/TECH122731
Hope that helps!!
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a
What is the OS version ?
Regards
installl latest version of java, reboot the machine
Run a repair on the SEPM and see if your able to login..
Check same thread
https://www-secure.symantec.com/connect/forums/management-console-freezes-after-logging
https://www-secure.symantec.com/connect/forums/symantec-endpoint-protection-manager-hangs-login
What errors are you seeing in the Windows Event viewer?
I recommend upgrading to the latest build (RU6 MP2). There were a few "System Hang" issues resolved in newer builds.
RU6 MP2 - Network Threat Protection no longer causes applications to hang
Fix ID: 1859398
Symptom: System hangs after new virus definitions arrive and the AutoProtect Option "Rescan the Cache when new definitions load" is enabled
Solution: AutoProtect Rescan synchronization has been fixed
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
I think it just needed a reboot
thanks for the posts
If your problem is not resolved then Go for disaster recovery
How to prepare for disaster recovery
To perform disaster recovery, you must prepare for disaster recovery. You prepare for disaster recovery by backing up the database, disaster recovery file, and (optionally) the IP address and host name of the management server. As a best practice, you should store this data off-site at a secure location.
Differences between SEP 11.x and 12.1.x
Many of the individual files and data that had to be separately gathered in SEP 11.x are now generated and saved automatically by the SEPM into one file, the disaster recovery file. The recovery file includes the encryption password, keystore files, default domain ID, certificate files, license files, and port numbers. This file can be imported automatically during the disaster recovery process.
Similar data from Endpoint Protection Manager 11.x that has been manually compiled is also referred to as a "recovery file" but cannot be automatically imported. If you are installing version 12.1 to recover a previous 11.x installation, you must refer to this file manually. See Using 11.x disaster recovery files with Symantec Endpoint Protection Manager 12.1
Steps to prepare for disaster recovery
Task
Additional Information
Step 1: Back up the database.
Back up the database regularly, preferably weekly. The database backup folder is saved to the following directory:
Drive: \\Program Files\Symantec\Symantec Endpoint Protection Manager\data\backup.
The backup file is called date_timestamp.zip.
Step 2: Back up the disaster recovery file.
The recovery file includes the encryption password, keystore files, default domain ID, certificate files, license files, and port numbers. After you install the management server, copy the compressed recovery file to another computer. By default, the file is located in the following directory:
Drive:\\Program Files\Symantec\ Symantec Endpoint Protection Manager\Server Private Key Backup\recovery_timestamp.zip
■ The recovery file only stores the default domain ID; IDs for all domains (including the default domain) are stored in the database. If you have multiple domains and will be performing a disaster recovery without a database backup, you must re-add additional domains and their IDs after the SEPM is re-installed. See step 3 for instructions on backing up additional domain IDs.
■ If you update the self-signed certificate to a different certificate type, the management server creates a new recovery file. Because the recovery file has a timestamp, you can tell which file is the latest file.
Step 3: Create text file Backup.txt. Save to this file the IP address and host name of the management server, and all domain IDs beyond the default domain.
If you have a catastrophic hardware failure, you must reinstall the management server using the IP address and host name of the original management server, this is case sensitive. Add the IP address and host name to a text file that is called Backup.txt. If you have multiple domains and will be performing a disaster recovery without a database backup, you must recreate additional domains and their IDs after the SEPM is re-installed. Domain IDs may be found in the SEPM Admin view or in sylink.xml files.
Step 4: Copy the files you backed up in the previous steps to another computer.
Copy the backed up files to a computer in a secure location.
Performing the disaster recovery
A disaster recovery requires you to sequentially complete the following procedures:
Note that the recovery file should be used during the configuration of a new installation; if you use the recovery file to re-configure an existing installation, the Manager certificate can be restored but the existing default domain ID will not be changed unless you restore a database backup. Also, if you choose to configure the Manager as a replication partner, the default domain ID in the recovery file will be ignored and the Manager will use the domain ID(s) in the database of its replication partner.
If you do not have a database backup to restore
You can perform a disaster recovery without a database backup, but the following points apply in this case:
Re-enabling Federal Information Processing Standards (FIPS) 140-2 compliance:
After recovering the SEPM, it is necessary to re-enable FIPS compliance as this setting is not stored in the disaster recovery file.
Problem
How do I perform a disaster recovery when the database backup/restore process fails using the "Database Backup/Restore Wizard" for an Embedded Database?
Symptoms
Database backup/restore fails through the database backup and restore wizard
Cause
Inability of the "Database Backup/Restore Wizard" to access the database to launch a backup OR a restore operation
Solution
Follow the steps below to resolve this issue:
· ON THE OLD INSTALLATION
2. Copy the "Server Private Key Backup" folder from:
\\ProgramFiles\Symantec\ Symantec Endpoint Protection Manager\Server Private Key Backup
3. Paste it to another storage area (as it will be deleted during Symantec Endpoint protection Manager uninstall)
4. Stop the services "Symantec Embedded database" and the "Symantec Endpoint Protection Manager"
5. Copy the "db folder" from:
\\ProgramFiles\Symantec\ Symantec Endpoint Protection Manager\
6. Paste it to another storage area.
· ON THE NEW INSTALLATION AFTER THE DISASTER RECOVERY OF OPERATING SYSTEM (OS)
Warning: Re-installation of Symantec Endpoint Protection Manager needs to be done on the same IIS Port and Website for it restore client-server communication after the Disaster Recovery Process is complete.
1. Ensure that the server has the same IP Address and Host Name the Operating System has been Installed.
2. Install the "Symantec Endpoint Protection Manager" with the "Embedded Database" with the default settings.
3. Log in to the Console
4. Click Admin.
5. Select Tasks> Servers.
6. Under "View Servers", expand Local Site.
7. Click the that identifies the local site.
8. Select Tasks.
9. Click Manage Server Certificate.
10. In the "Welcome panel", click Next.
11. In the "Manage Server Certificate panel", select Update the Server Certificate
12. Click Next.
13. Under "Select the type of certificate to import", select JKS keystore.
14. Click Next.
Note: If one of the other certificate types has been implemented, select that type.
15. In the "JKS Keystore panel", click Browse.
16. Locate and select the backed up "keystore_.jks" keystore file.
17. Click OK
18. Open the "server_.xml" file
19. Select and copy the "keystore password."
20. Activate the "JKS Keystore" dialog box.
21. Paste the "keystore password" into the "Keystore" and "Key boxes."
Note: The only supported paste mechanism is Ctrl + V.
22. Click Next
Note: If you get an error message that says you have an invalid keystore file, you probably entered invalid passwords. Retry the password copy and paste. (This error message is misleading.)
23. In the "Complete panel", click Finish.
24. Stop the services Symantec Embedded database and the Symantec Endpoint Protection Manager
25. Go to:
\Program Files\Symantec Endpoint Protection Manager\
on the new "Symantec Endpoint Protection Manager" and rename the "Db" folder to "Db_new"
26. Move the "old db" folder under:
\Program Files\Symantec Endpoint Protection Manager\
27. Go to Administrative Tools> Data Sources ODBC
28. Ensure the database connectivity after the changing the database file location to:
\Program Files\Symantec Endpoint Protection Manager\db1\sem5.db
29. Start the service Symantec Embedded database
30. Run the Management Server Configuration Wizard
31. Click Yes to replace the database after entering the password
32. Login to the "Symantec Endpoint Protection Manager" using the OLD password.
33. Ensure that the Domain ID is same as it was on the old clients.
· If it not, follow the direction in the below document to restore the Domain ID. This will enable client communicationhttp://service1.symantec.com/support/ent-security.nsf/docid/2007082112135948
All of the clients should begin reporting back within approximately 30 minutes
Regards
Sayan
http://www.symantec.com/business/support/index?page=products&locale=en_us
you just needed to clean cache which console gathers on the local disk)
How do i clean the cache?
Would you like to reply?
Login or Register to post your comment.