Endpoint Protection

 View Only

  • 1.  System Lockdown Configuration Issue

    Posted Mar 13, 2013 06:53 AM

    I'm trying to set up System Lockdown on our SEP 12.1.2 server, and am using HOWTO81094 for guidance. I've created file fingerpint list using checksum. However, when I try to import the list in the options for System Lockdown (under Approved Applications), I am unable to add the list. When I click on Add, I get an error saying..."There are no file fingerprint lists available to add". Any ideas why this is happening? Thanks!



  • 2.  RE: System Lockdown Configuration Issue

    Posted Mar 13, 2013 07:05 AM

    did you already import it? as per this document.

     http://www.symantec.com/business/support/index?page=content&id=HOWTO80855.



  • 3.  RE: System Lockdown Configuration Issue

    Posted Mar 13, 2013 07:16 AM

    I'm trying to import it - no luck. At step 3 of HOWTO80855, I get the above listed error (There are no fingerprint lists available to add).



  • 4.  RE: System Lockdown Configuration Issue

    Posted Mar 13, 2013 07:37 AM

    Is this just a simple .txt file or some other format?



  • 5.  RE: System Lockdown Configuration Issue

    Posted Mar 13, 2013 07:39 AM

    Have you tried this?

    http://www.symantec.com/docs/TECH187985
    http://www.symantec.com/docs/HOWTO27327



  • 6.  RE: System Lockdown Configuration Issue

    Posted Mar 13, 2013 07:43 AM

    Following on from your issues using your stated article, are the files placed locally on the SEPM or served over the network?  and which method are you using (UNC/FTP/HTTP/etc)?



  • 7.  RE: System Lockdown Configuration Issue

    Posted Mar 13, 2013 07:49 AM

    The file created is a .txt file and is already in the ANSI format. I'm not even getting the option to choose a file though (to import).



  • 8.  RE: System Lockdown Configuration Issue

    Posted Mar 13, 2013 08:14 AM

    I'm a little lost as to where you're encountering this message.

    Are you trying to manually add this now, as opposed to using the automated process?



  • 9.  RE: System Lockdown Configuration Issue
    Best Answer

    Posted Mar 13, 2013 08:47 AM

     

    Perhaps you could provide a few screenies to help illustrate what is going on?

    I've just tested the steps in HOWTO81094 and they appear to work fine for me.  Maybe you could show us what's in your index.ini too?

    Here's what I did:

    1. Click on POLICIES -> Policy Components -> File Fingerprint Lists
    2. Added new fingerprint list called testfilefingerprint using test.txt (see attached files)
    3. Placed index.ini and testmore.txt (attached, rename index.txt to index.ini first) in the "%Program Files%\Symantec\Symantec Endpoint Protection Manager\data\inbox\WhitelistBlacklist\content" directory
    4. Waited for it to update

    Note: This assumes you're testing using the SEPM's default domain

    Attachment(s)

    txt
    index.txt   165 B 1 version
    txt
    test_0.txt   133 B 1 version
    txt
    testmore.txt   44 KB 1 version


  • 10.  RE: System Lockdown Configuration Issue

    Posted Mar 13, 2013 12:23 PM

    I found the issue. I must have had an issue with method using placement of index.ini and text file (.ini syntax?). When I used method to import fingerprint list via HOWTO80855 (I was missing a step on this initially!), everything worked great. This is very powerful! Thanks all for the help!!