Video Screencast Help

What does IIS provide to 12.1 clients from SEPM 12.1?

Created: 06 Mar 2013 • Updated: 06 Mar 2013 | 5 comments
This issue has been solved. See solution.

 

That is my main question.  More specifically, when a SEPM 12.1 is installed on Windows 2008r2,

what do the IIS roles mentioned in the KB at http://www.symantec.com/docs/TECH95926  as being necessary to a SEPM installation 

do for the clients,  

other than enabling the secars test to work?

 

Contrary to that KB doc,  all of our 12.1 SEPMs have installed without IIS being enabled.  I have used SEPM pubbeta, 12.1.1000 and 12.1.1101.

 

As we have not seen widespread client issues, I want to better understand what enabling IIS will do for us, 

to better explain to management why I am reconfiguring the host server  

 

Thanks

 

 

 

 

Comments 5 CommentsJump to latest comment

.Brian's picture

My understanding was IIS was not necessary in 12.1 as it had been replaced by Apache

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Mohan Babu's picture

I agree with Brian but incase if you migrated from SEP 11.x to SEP 12.1

We need to look into IIS in case of communication issues with SEP clients & SEPM

How to bypass the IIS proxy after migrating to Symantec Endpoint Protection 12.1

http://www.symantec.com/docs/TECH161964

 

Version 12.1 uses Apache instead of IIS for providing Web services to the Symantec Endpoint Protection Manager. To make sure that the migration goes smoothly, an ISAPI  proxy is used to pass SEP Client communications from IIS to Apache when you upgrade to Symantec Endpoint Protection 12.1. After the migration completes, you can bypass the proxy to improve server performance.

Mohan Babu

moglie20@gmail.com

+91 9884382160

Your satisfaction is very important to us.If you find above information helpful or it has resolved your issue...please mark it accordingly :)

John Cooperfield's picture

 

All my 12.1 SEPMs start as v12.1.  None are migrated from v11.

The _new_  secars test described here http://www.symantec.com/docs/TECH102682 fails on my clients, which is why this came up.

 

Will Apache serve the secars test ?  The secars error we get says the WWW service is not enabled on the SEPM  (which is Win 2003 language for IIS roles in Win 2008, I think).

 

Thanks

 

.Brian's picture

Per this article:

What is the Endpoint Protection 12.1 IIS ISAPI proxy and when is it installed?

Article:TECH180596  |  Created: 2012-02-02  |  Updated: 2012-07-06  |  Article URL http://www.symantec.com/docs/TECH180596

 

The Symantec Endpoint Protection manager (SEPM) 11.0 utilizes Microsoft's Internet Information Server (IIS) to provide a path for client communications. In Endpoint Protection (SEP) 12.1 this responsibility has been given to an included instance of the Apache Web Server (Apache, http://httpd.apache.org/). During migration of the SEPM from 11.0 to 12.1 the 11.0 IIS website is migrated. If the IIS proxy (or IIS ISAPI exstension) is used to ensure clients to not become orphaned.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SOLUTION
John Cooperfield's picture

 

Thnak you all.   I may have to start a separate for thread for our secars failures.