update policy from SEPM
Created: 12 Aug 2012 | 15 comments
Dear All
I created a policy that block a secify website ( ex abc.com ) then assigned this policy to OU Computer
All computer in OU connected to Symantec Endpoint Protection Manager ( icon SEP show connected ) but only one computer in this OU can update policy, others can't
I don't know why, please help me
Discussion Filed Under:
Comments 15 Comments • Jump to latest comment
Hi,
Check Client policy no and gorip policy no ?
NTP services install or not in other sep client ?
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
NTP Service is sync with Domain controller.
What should i do now ?
Well, this list of policy serial number seems up-to-date (most of them from 13th August 2012, which is today).
What is your problem exactly? is there any more recent policy available (if yes, show us screenshot of Details tab to see current group's policy serial number)? or is it that expected network traffic is not blocked?
Please remember to mark the proper comment as SOLUTION:
- to identify threads that do not require further assistance
- to let other visitors know how to fix such issue
NTP Network Threat Protection.
If this service not available in SEP client not received any policy.
check the policy serial number at both ends the SEPM and the Client ends.
Edit..
Please Check both SEP client where is policy are applied or not applied NTP service on or off and check restart SEP client where is policy not applied
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
I have checked policy serial number at both ends the SEPM and the client ends, the results is the same
but Client not compliance with this policy ? what shoul i do next at the moment ?
Hi,
Replace syslink.xml file and check policy are applied or not ???
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
Hi,
Also for testing purpose restart the sep client service on 2-3 computers or reboot the computers & check.
Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.&
Please repair the SEP client
Regards
Does the client not update it when you click "Update"?
SEP Knowledge Base
Endpoint SWAT
NTP policy changes at times requires a reboot. If the policy serial number is the same at both the ends, try a reboot.
hi,
Try to force update policy and restart system.
Thanks....
Don't forget to mark your thread as 'SOLVED' with the answer that best helped you
SEP client can update everthing, the policy number at the both ends is the same
i have tried reboot client but not done
below picture captured show that only one computer (No 3) can compy with poliy and update policy normally, other can update policy normally, and status same to the No 3 Computer but can't comply that policy
i haven't still resoveld that problem !, help me now ?!!!
Ok so, as far as I understood, all clients are able to download policies and communicate with SEPM, but only of them (no.3) actually apply your rule to block traffic. Is that correct?
If yes, you need to confirm Network Threat Protection module has been installed on other machines (check in Add/Remove Programs > SEP > Change), and that they have been rebooted (required to have Firewall/IPS driver running).
What is the OS installed on these machines? If it is Windows 7 SP1, you will need to install RU7 or newer, as older version are not supported on this system (http://www.symantec.com/docs/TECH167664).
Please remember to mark the proper comment as SOLUTION:
- to identify threads that do not require further assistance
- to let other visitors know how to fix such issue
Also for testing purpose export new package on same group on install on 1-2 system and check policy are applied or not ?
Thanks....
Don't forget to mark your thread as 'SOLVED' with the answer that best helped you
There are two things that you will need to check
1> Is NTP feature installed on all the computers??
2> Are you using any Custom IPS policy in the network, you can try to use the serdef.dat file from and working machine and try to put it on a serdef.dat from a non working machine, the default location for the file is c:\program files\symantec\symantec endpoint protection\
And also the version that I am seeing is 11.0.5000 i.e MR5 version this a very old version and had few major issues, I would recommend you to upgrade to the latest build, but make sure you follow the best practice document before you upgrade.
Would you like to reply?
Login or Register to post your comment.