ビデオヘルプ
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Network Application Monitoring - Disabled at SEPM, still running on Clients

作成: 29 Mar 2013 | コメント数: 11

Scenario:

We recently upgraded to SEPM 12.1 and started installing SEP 12.1 clients on various workstations/servers.

We are now being prompted by Network Application Monitoring to allow programs access to the network.

This feature is disabled accross the board in SEPM.

Has anyone seen this issue?

Is there any solution/workaround?

オペレーティングシステム

コメント コメント数: 最新のコメントを表示

K33 の写真

hi,

You need to enable Enabled application

How to set up learned applications in the Symantec Endpoint Protection Manager

Article:TECH102994 | Created: 2007-01-29 | Updated: 2010-08-17 | Article URL http://www.symantec.com/docs/TECH102994

Check this how to enable

https://www-secure.symantec.com/connect/forums/network-application-monitoring-enable

.Brian の写真

What's the exact version of SEP/M?

Are the clients in Client Mode? Could it be possible a few enabled it? How many clients are affected?

You did verify it was OFF on the Policies tab on the Clients page? Are thle clients currently connecting to the SEPM to get the latest policy?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

keith.stf の写真

SEP/M: 12.1.2015.2015

All clients are in client mode, no exceptions.

All 12.1 clients are effected. 11.x clients are not.

All effected clients are connecting to SEPM and have the correct policy.

Thanks

.Brian の写真

Set a client to Server Mode as a test and check it again. In Client Mode, users have full control, maybe some enabled it.

If not the case, I would suggest a support call than. Since you're on latest SEPM perhaps it is a unknown bug. I have not seen this but I'm in Server Mode. Users have no rights to do anything to SEP in my environment.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

keith.stf の写真

Wait a minute!

I meant server mode, they are all in server mode.

My apologies.

.Brian の写真

Ahhh ok. Not sure than, sounds like a possible bug. Since you're on the latest SEPM version, it may be something that is not yet known.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Chetan Savade の写真

Hi,

I have not seen this before could you please provide us screenshot with details?

For testing purpose can you create a new default policy to test the result?

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

keith.stf の写真

Hi Chetan,

Thanks for looking at this.

Here is a shot of the popup we get.

sepnampopup.jpg

Here you can see we have this feature disabled at the top level.

sepnamoff.JPG

I have created a test group under My Company and left policy inheritance checked.

I moved my notebook to this group, confirmed the policy updated.

So far, I am unable to duplicate the issue.

Is there some other policy setting that causes these popups?

.Brian の写真

Do you have any firewall rules where the action is set to "Ask"?

I've seen this box when a rule is configured with this Action.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

.Brian の写真

Unless there is some hidden setting we're all missing, I'm leaning towards a bug.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.