Video Screencast Help
Security Community Blog
Showing posts tagged with Basics
Showing posts in English
IanZ | 20 Jul 2009 | 1 comment

Last year, we started looking at SEP11. As we're still running on SAV8 for majority of the servers and clients, with a few SAV9 and SAV10, I believe it's about time to start upgrading to the latest version. I checked the features, documentations, forums, blogs, articles and everything about SEP and I'm getting a negative feedback, a lot of people are complaining. Some even call it a nightmare! Very discouraging. I kept on thinking, as the Server Technology Analyst and only 1 year with the company, I don't want to risk my new job as well as mess around with the servers. Is SEP11 ready for primetime, or is it a disaster? SEP11 is September 11, hmmm, a 9/11 disaster! So we didn't rushed to deploy this. Instead, I started working on test servers and clients. At the same time, as I'm the only one who's going to deploy and implement this, I need to have a plan, a very safe one.

I created a project plan, first looking at the existing SSC setup and...

Abhishek Pradhan | 14 Jul 2009 | 0 comments

1 To prevent an automatic sweep of the database until after a backup occurs, increase the Site Properties Log Settings to their maximum permissible value.

2 Perform the backup, as you may feel appropriate.

3 On the computer where the manager is installed, open a Web browser and type the following URL:

https://localhost:8443/servlet/ConsoleServlet?Acti...

After you have performed this task, the log entries for all types of logs are saved in the alternate database table. The original table is kept until the next sweep is initiated.

4 To empty all but the most current entries, perform a second sweep. The original table is cleared and entries then start to be stored there again.

5 Reconfigure the Site Properties Log Settings to the initial preferred values.

Kedar Mohile | 20 Jun 2009 | 3 comments

Disk full message erroneously appears when downloading LiveUpdate updates

If your network environment already supports the proxy servers that are compliant with the HTTP 1.1 protocol or later, you can disregard this entry.

After you have tried to download LiveUpdate for the first time, the following message might appear:

"LU1863: Insufficient free disk space
There is not enough free disk space for LiveUpdate to operate properly. Please free up disk space on your computer and run LiveUpdate again."

You might have insufficient disk space. However, it is much more probable that this message appears in error because the proxy server is unable to send the correct Contents-Length header field.

This error message might appear on Symantec Endpoint Protection Manager, a Symantec Endpoint Protection client, or a Symantec Network Access Control client.

You should verify that the disk...

Kedar Mohile | 16 Jun 2009 | 1 comment

Takes a long time for Firewall Policy Overview page to appear when running with more than 500 groups in SEP Manager...

For more than 500 groups, it takes 1.5 minutes to display the Firewall Policy Overview page

If you click the Add a Firewall Policy command, it can take up to 1.5 minutes for the Firewall Policy Overview page to appear. This occurs if the management server contains 500 or more groups. The problem occurs because it takes time for the Overview page displays all the groups and locations that the existing firewall policies are assigned to.

This happens due to the "locationCounting" settings enabled which is used to count and display the same for the user every time the page is attempted to open. When you have a higher number lets say more then 500 it takes ~1.5 mins to count and display the same.

To work around this issue, perform the following steps:

Close all instances of the Symantec Endpoint Protection Manager Console....

LeslieMiller | 12 Jun 2009 | 8 comments

We're excited to announce the runners up for the Tell Your Story Contests. The following users will receive 3,000 Connect Rewards Points each.

Backup and Archiving

Andrew Gordon

CraigV

Clewis

Sheena K.

Srini_Ris

Security

Erikw

Brav

...

Michel Ramirez | 11 Jun 2009 | 0 comments

Hello Everyone!
The user group board of directors would like to thank everyone who attended the meeting. I have gone ahead and attached the slides from the two presentations that took place. If anyone would like to present or host a future meeting please let us know. Also please spread the word about our group! The experience and knowledge of our group grows with each new member.

MattBarber | 08 Jun 2009 | 0 comments

If you ever have a question of whether or not your data is actually getting into the SEPM, a good first place to check would be in the following location:  Depending on your install directory (mine is D:\) navigate to \Program Files\Symantec\Symantec Endpoint Protection Manager\data\inbox\agentinfo.  This is where information enters the SEPM from the clients.  You should be able to watch data come in and out of this folder.  There should only be a handful of files (at most) in this location.  This is a very helpful troubleshooting step when there is concern about getting data from the clients into the SEPM.  Believe it or not, a repair on the SEPM can get data flowing again if you are having this issue.  Remember never install a Maintenance pack without installing the cooresponding Maintenance Release first, even if Symantec Support tells you to.  ie, install MR .4000 before installing MP .4014.  Seems very basic,...

Kedar Mohile | 05 Jun 2009 | 5 comments

After you configure database maintenance options, the new options are applied at midnight, and not immediately.

To configure the database options:

  1. In the console, click Admin > Servers, and then select a site.
  2. Under Tasks, click Edit Site Properties, and then click the Database tab.

To configure the management server to apply the database maintenance options immediately, you can configure the conf.properties file.

To configure the config.properties file:

  1. Open the conf.properties file, located in the C:\Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\etc directory by default.
  2. Change the following parameters:
  • Change scm.object.idletime=3600000 (in milliseconds) to a smaller number. The default setting is 1 month.
  • Change scm.timer.objectsweep=900 (in seconds) to a smaller number.The default setting...
MattBarber | 04 Jun 2009 | 0 comments

This is a basic but helpful approach to environments with one SEPM and many locations with small numbers of clients.

We have deployed SEP to our retail locations (approx. 160) where each store is it's own group of clients and each store falls into one of eight retail regions.  The way to get SEP clients to report to a specific group after install is to export the install package from the SEPM and associate it with a particular group.  We have had much success with creating a "Deployment" group within the console and exporting an install package from this group.  This way we install all of our retail locations to this group, and we can manually assign clients to their appropriate group via the Symantec Console.  Each store uses all the same policies (shared) except for their LiveUpdate policy, which is a non-shared policy used to identify a GUP for each store.  So far this has gone very well, and rollout went from being a "...

thaller | 03 Jun 2009 | 1 comment

Hello all,

This is my first blog post, but I hope to continue these in the future as situations arise, to help others with their SEP Deployments.

At my Organization we currently have 2 SEP Managers (MR4 MP1), that are replicating between each other. Our primary site is running on a Windows 2003 R2 SP2 Machine and has its DB on a separate server running SQL 2005 SP2 on a Windows 2003 R2 SP2 machine. Our Secondary Site is on a Windows 2003 R2 SP2 Machine running SQL 2005 SP2 on the same machine. These Sites are connected over a DS3 WAN Link approx. 200 Mi apart.

This past weekend the blade that is running the primary sites SQL DB failed, and the SEP Manager informed all of our administrators approx. 5-10 min prior to our other monitoring solution. I know that this looks bad for our primary server monitoring system, however SEP alerted us to a Database Down incident first, which got the ball rolling, and it also pointed out that we need to fine tune our primary...