Unmanage Detector is not woking
Updated: 21 May 2010 | 5 comments
This issue has been solved. See solution.
hello, I am configuring the unmanage detector. I have several groups and set up the detectors in the server group, but no workstation is displayed. I was experimenting and let a machine without SEP installed, the network for 4 days, and it was not displayed. Neither the home page or the notification that was set. My SEP Manager is in a VMWare ESX Server. Can someone help me?
discussion Filed Under:
Comments
Title: 'Best Practices: When
Title: 'Best Practices: When to use the "Find Unmanaged Computers" or "Unmanaged Detector" features in Symantec Endpoint Protection 11.0'
Document ID: 2008030514404548
> Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2008030514404548?Open&seg=ent
Title: 'Setting notifications when using the "Unmanaged Detector" feature in the SEPM'
Document ID: 2008050813205048
> Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2008050813205048?Open&seg=ent
Prachand Kumar MCSE-2003 Symantec Technical Specialist (SCTS)
http://seer.entsupport.symant
http://seer.entsupport.symantec.com/docs/330968.htm
To configure the client as an unmanaged detector, you must do the following actions:
Enable Network Threat Protection.
Switch the client to computer mode.
See Switching a client between user mode and computer mode.
Install the client on a computer that runs all the time.
Enable only Symantec Endpoint Protection clients as unmanaged detectors.
Also The computers should be in same subnet as the Unmanaged detector so is the client tht you have left without SEP is in the same subnet as Unmanaged detector ?
Best Practices: When to use the "Find Unmanaged Computers" or "Unmanaged Detector" features in Symantec Endpoint Protection 11.0
http://service1.symantec.com/support/ent-security....
Find Unmanaged Clients on a remote network location using the Unmanaged Detector
http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/6970e5f4ae20b52149257635005543c4?OpenDocument
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
Apparently the means SEP uses
Apparently the means SEP uses to detect unmanaged computers is not a routable protocol - as like you say, it MUST reside on the SAME subnet.
I've got one of the SEM/P servers acting as a detector on one subnet -the server subnet here.
Then we've got over 30 other subnets and I enable one here and there randomly on occasion as there are also a great number of false alerts - it finds access points, and other items as being computers running XP with no SEP, and occasionally reports a valid SEP computer as unmanaged. So it's a tool only, use it in conjunction with other things, not as the only means to find such holes.
In the land of VMWare and ESX and virtual switches and virtual NICs, it's going to cause you frustration.......... and it keeps showing me unmanaged machines, all with the VM MAC addresses, and there are no such machines running any Windows OS.
My sites - http://theamcpages.com & http://antique-engines.com
Toy:
Shadow:
if I have a network that will
if I have a network that will x.x.0.x ate x.x.19.x and the servers that I activated the detector is in this range. So, it should be working, right?
For some reason, still not
The detector was additive on 2 servers that were VMs .. is likely that the ARP is not working properly ... I turned the switch on a client station and started to generate the report. Thank you all ..
Would you like to reply?
Login or Register to post your comment.