Endpoint Protection Small Business
metalplane
|
November 21st, 2009
I recently received a virus warning that I am infected with the Pidief.F Trojan. I followed the removal instructions that asked me to remove a number of Registry entries. I could not find any of them, even with the "Find", searching the entire registry file.
I am using XP and System Works 2006. Everything has been updated.
How can I tell what's triggering the warning, and are there variants I should be looking for in the registry?
Security, Malicious Code, Security Risks, Configuring, Tip/How to, Endpoint Protection Small Business
1 comments
ManInBlack
|
November 20th, 2009
I have a site that has 3 branch offices. HQ communicates with the branches via SDSL and the connection speeds are reasonable. I don't really want the link between sites compromised by chatter between the SEP clients and the SYmantec Protection Centre at HQ. Is there some way to have a download/policy proxy server running at the branches?
2 comments
pperry803
|
November 19th, 2009
I upgraded a Small Business Server 2008 server to Endpoint Protection Small Business Edition 12 MR1. Everything upgraded fine from 12.0 on the server and clients. However Endpoint Protection Center is reporting all clients disabled th even though they're not. I don't have Network Threat Protection installed on the clients though and I haven't prior to MR1 without issue. When I click on the reported number of clients (7) the report shows "Disabled(Network Threat Protection is off)" for all the clients.
Pete
Endpoint Protection
Up-to-date
0
Out-of-date
0
Offline
0
Disabled
7
Total Endpoints
7
4 comments
dis737
|
November 19th, 2009
I know this may be a stupid question, but I am confused
How can I tell which version I am running?
My SAV corporate edition console says 8.1.0.825
My SMSME says 5.0.7.373
But my license says Multi-tier protection 11.0.2 ???
I am adding Win7 clients to the network so I need compatible client software.
Thx.
2 comments
soloslinger
|
November 19th, 2009
I can't seem to figure out how to do this. I have searched for information, but most of it is for SEP 11. When I create an SEP install package from SEPM, neither SEPM nor SEP on the target machine prompt me for a drive choice. I looked at the config files to see if there was something I could tweak, but didn't see anything useful.
Can someone point me in the right direction?
soloslinger
3 comments
Paul Kuefler
|
November 19th, 2009
Does anyone have any performance tuning suggestions. There are a bunch for version 11 but there doesn't seem to be any articles on 12. I currently have it installed on a Windows 2003 SBS and on Windows XP SP3 clients. Network performance has been decrease. I have turned of Autoprotect on the server. Any help is much appreciated.
2 comments
atifnoor
|
November 19th, 2009
I have installed Symentic Endpoint Protection Management Consol on Windows Server 2003 R2 32 Bit. but after the installation of SEP Management Consol i am unable to Connect to Symentic Site. All other Sites can be opened except www.symentic.com
unbale to ping the www.symentic.com
unable to tracrt www.symentic.com
sol the system is able to open the Symentic Site
Kindly provide me the solution regarding this.
Thanks,
2 comments
cas_cody
|
November 18th, 2009
I'm trying to uninstall the SEP client from a machine but it keeps telling me another installation is in progress, but there isn't?
Any ideas?
Thank you
2 comments
Veetje
|
November 18th, 2009
If I have 56 SEPM with each >100 workstations.
The SEPM do not communicate yet.
What is the best practice to reconfigure the SEPM's.
6 comments
kovas
|
November 18th, 2009
Hi,
now we are using Symantec System Center Antivirus 10.1 in our infrastructure.
We would like to migrate to Endpoint Protection for better management and security reasons as we need to protect server and client computers. How this product is licensing? can we cover any licenses from Symantec System Center Antivirus in order to use Endpoint Protection.
Could we install Endpoint Protection on windows 2008 server as Symantec System Center Antivirus does not support windows 2008 yet?
thanks
aurimas
6 comments
ManInBlack
|
November 16th, 2009
Please see here:
https://www-secure.symantec.com/connect/forums/windows-security-centre-warnings
Posted to wrong forum.
Can anybody assist?
4 comments
HaroldLSJ
|
November 12th, 2009
Is there a work around for attacks turning off Phishing Protection using the bug in Microsoft Internet Explorer? I have Norton Internet Security (up to date) on a Windows XP work station tied to a very high speed internet connection. The default browser is FireFox, but the system also has MS-IE installed - both current versions. Regular weekly virus scans and daily quick scans do not reveal any threats. However, attackers have twice (2) breached the firewall using a technique of bringing up an MS-IE window to turn off Phishing Protection. If I manually turn Phishing Protection back on during the attack, the MS-IE window will go away and disk access halts. During the attack, all disks become active including an external bank of USB drives. Does anyone have any work arounds for this problem?
1 comments
fkoali
|
November 11th, 2009
Dear All
i'm working in institute , which has for its main server windows 2000 & and isa 2000 , i made another new server with operatnig system 2003 server , isa 2006 & i installed symantec endpoint 11 SEM on the new server , this is becuse that i had employee clients wich benefit from the first server and student client which benefit from the second one , the problem or the question is that when i made the second server is the main server for symantec for both student and employee they works good and the symantec clients updated properly with no trouble, but when i install isa 2006 on it it still working good , but when i configure the web chainig rule in isa 2006 to obtain internet for local clients ( student) and put the first server in upstream proxy server this rule block the green dot which appeare in the tool bar and it disapeare to be green for all clients (employee and students ) , i suppose that this rule...
2 comments
Brian_
|
November 11th, 2009
I am currently running a trial of SEP 12 Small Business Edition. In the past with SAV 10 from the Console I was able to run a scan of my network to detect computers that were either running another Antivirus or no Antivirus at all. Is there a way to do that in SEP 12? I am strongly considering moving over to it from our current AV solution, but would like a way to make sure that all of my computers get it.
2 comments
rwrogerssdc
|
November 11th, 2009
I have installed SEP 12.0 MC on a Windows 2008 x64 Dell server. After reboot, any attempt to use IE or view network properties causes the server to freeze. Any ideas how to resolve this?
5 comments
Naor Penso
|
November 11th, 2009
Today,
you can define how much the anti-virus gets inside a zip file (up to X times). but if the zip is inside a larger amount of zip's then the anti-virus transfers it like is OK,
and it could be malicious (refer to en.wikipedia.org/wiki/Zip_bomb for example).
I want to be alerted when a file is zipped for more then X times (could be 10 could be 100) and I want to be able to block zip files that are zipped for more then X times.
Its a serious threat that isn't dealt by any Security company.
It could also refer to Vontu DLP with its file scanning engine (it could be a way to extract confidential data outside the organization)
It could also refer to Bright Mail when it receives malicious mails.
Hope to see it soon.
Thanks.
11.x, Emerging Threats, Security, Features, Brightmail Gateway, Data Loss Prevention (Vontu), Endpoint Protection (AntiVirus), Endpoint Protection Small Business
1 comments
GetWireless
|
November 10th, 2009
We had a reseller install Endpoint Protection and then migrate our servers and work stations from Antiviris. Is was recommended that we only use Antivirus and not the other protection technologies available. Is this standard practice? Will enabling the other technologies slow down work station performance or the network?
Thanks very much in advance,
Bryan
5 comments
Andrew_H
|
November 10th, 2009
I'm trying to do a remote install of SEP 11.05 to a Windows 7 32-bit PC using the Migration and Deployment Wizard.
It fails with the error "Unable to copy file C:\DOCUME~1\....\vprxx.tmp - Access is denied".
Searching the KB, this matches a similar error condition with "The network path was not found" instead of "Access is denied" . Both the C$ and the Admin$ shares were previously present and didn't need to be created.
As an experiment, I've tried giving the SYSTEM user full control over the C:\Temp directory on the target machine. This allows the remote installation to succeed (although Windows 7 gives notification that a program wants to display a message, the program being the MSI installation file, which may be its normal behaviour) - but this required changing security on the target machine, which sounds impractical if there are hundreds of target machines. I'm also not sure what the...
3 comments
Daniel Cabral
|
November 9th, 2009
Together with the settings to choose the number of kept revisions there would e an option where you select the drive\path to store this content.
Currently there is no way to store this data in anyplace other than the folder where SEPM were istalled.
0 comments
PHXX
|
November 9th, 2009
I have one machine on the network that keeps getting detections fro Trojan Horse Viral. (risk type) it keeps finding them in the users lcoalsettings/temp directory, or it creates them their? There seems to be no other information regarding htis virus. As to what Trojan it is or any other info. I do full scans and then delete everythign in the temp directory but it seems to come back next time i do another full scan. (I have turned of system restore and done scans). Is there anyway to find out specifically what Trojan this is or suggestion for removing it?
Symantec Endpoint Protection Small Business Edition, Risk Type - Trojan Horse Viral. c:\Documents and Settings\myuser\Local Settings\Temp\DWHA85A.tmp
1 comments
Emerson Torrey
|
November 6th, 2009
After installing the Endpoint Small Business Client on a Windows 2008 SQL server the program that we run (Vision 6.1) will not run on any other computers. The program is accessed through the web browser. We get an error loading the page.
Has anyone run into this issue.
2 comments
drew at NF
|
November 6th, 2009
AVG has a nifty thing called LinkScanner (see: http://www.linkscanner.avg.com/). Most of the infected machines that I have to work with recently have gotten infected via the web. Does SEPSBE 12 have this type of funtionality built in or available as a addon?
1 comments
wherman
|
November 4th, 2009
As many of you know, windows 7 includes "XP Mode" for Enterprise and Professional versions. If you aren't aware of the feature, it is pretty much a preconfigured Virtual PC image of Windows XP that is able to have programs called from the windows 7 start menu.
My question is about licensing of the SEP and SEP SBE. Since the host is licensed can you install SEP on the VM have the without taking up a license? Does it matter if it's managed or unmanaged?
2 comments
bigbeeus
|
November 4th, 2009
I have a client that purched the retail box of SEPM for Microsoft Small Business Server 2003. It is currently running version 11.0.1000.1375. How do I download the latest service packs for the server manager to get them upgraded?
Thanks.
2 comments
Aniket Amdekar
|
November 4th, 2009
About Winsock:
The Winsock is a technical specification that defines how Windows network software should access network services, especially TCP/IP. It defines a standard interface between a Windows TCP/IP client application (such as an FTP client or a Gopher client) and the underlying TCP/IP protocol stack.
A Windows XP machine can sometimes have its WINSOCK catalog become corrupted and it appears like a network connection is disabled. In that case one of the symptoms is, if you use the ping command, it gives you arbitary characters in the output.
example: In command prompt, type
PING 127.0.0.1
you will see the reply
pinging °ÿ with 32 bytes of data
That °ÿ is the telltale sign that the WINSOCK catalog is corrupted.
You can use the netsh command utility to repair the winsock. Please enter the following command in the command prompt:
netsh winsock reset catalog
Reboot the machine. The issue will be resolved.
The command above, will reset winsock catalog...
11.x, Security, 10.x, Drivers, Windows, Endpoint Protection (AntiVirus), Tip/How to, Endpoint Protection Small Business, General Symantec
0 comments