Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Testing 12.1 - constant alerts about disabled components

Created: 04 Feb 2013 | 9 comments

I'm currently doing a test pilot (about 10 Vista and Win7 32-bit PCs). All upgraded from 11 version to the latest 12.1 via push deploy. I check management console once per day and almost every day i see reports about some components disabled at various machines (usually Download Insight, sometimes SONAR and other stuff). I'm afraid to deploy it to all 220 PCs as it will flood me with such alerts. Should i ignore this and this is "normal"? Usually after some times such alerts disappear, but as i'm responsible for this system i MUST check every problem and make sure everything is working. There is no other security software on the PCs and 11 version didn't had such troubles. Should i disable browser plugin? Can i do it from the management console for all the machines?

Comments 9 CommentsJump to latest comment

Rafeeq's picture

check this document

Error: "Download Insight is disabled" on a managed Symantec Endpoint Protection 12.1 client

http://www.symantec.com/business/support/index?page=content&id=TECH171763
Mithun Sanghavi's picture

Hello,

What version of SEP 12.1 are you testing??

Is the Tamper Protection disabled for the SEP clients?

  1. Enable the Feature in question.
  2. For Tamper Protection: Login to the SEPM > Clients > Select the client group for the clients affected >  Policies tab > Settings > General Settings > Tamper Protection tab > Select "Protect Symantec security software from being tampered with or shut down"
  3. As the SEP clients check in (Per Heartbeat) they will get this changed setting and enable Tamper Protection. Check the SEPM Endpoint Status after 1 heartbeat.
  4. Follow the steps provided in the Articles below:

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

.Brian's picture

Do you have all components enabled in the policies?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SebastianZ's picture

Were the machines rebooted after the upgrade from 11.x to 12.1 - during this installation upgrade is normally required and until this is done - some of the components will be disabled.

wroot's picture

Download Insight is enabled in the policy.

I'm testing with 12.1.2015.2015. SEPM has been also updated from 11 to this 12.1 version and packages were exported for a deployment (Full protection for clients).

Tamper protection is enabled in the policy.

I have everything enabled in the policy except for Lotus Notes Auto-Protect as we don't use Lotus.

Machines were rebooted after the upgrade and many times, since upgrade was done few weeks ago and machines are turned off daily.

wroot's picture

Any ideas? I have noticed, that if i check the console late in the day and not in the morning, then there is less such messages. It seems that it updates over the time, but at first i get messages about components disabled or out-of-date.

wroot's picture

I have tried to disable Download Insight policy for the testing group. Doesn't change anything. Still getting notifications about out-of-date Download protection content (though it should only notify about 10 days old content).

ThaveshinP's picture

Same here as well - running SEP 12 RU2.Showing disabled - but after a heartbeat or reboot of the machine/server it comes right..is it a bug?

wroot's picture

Don't know yet. I have opened a case and now investigating this with a support technician.