Endpoint Protection

 View Only

  • 1.  issues with SEP 14 client on servers

    Posted Feb 02, 2017 09:28 AM

    I am experiencing some issues and it does not appear to be any consistency except for the version 14 client.

    let me explain...

    We have various OS versions in play here any it is not limteded to a specific OS.  these issue are being experienced on server 2008R2, 2012R2 and 2016

    The issues occur on servers that have different work loads on them ( meaning: it happens on a SQL box, Exchange box, files server, etc...)  it does not seem to be application specific is what I mean.

    Now to the importan part, what are my issues you ask:

    Issue 1: we have a small handful of servers that are showing outdated virus definitions. I have a notification set to email me if a client is showing outdated definitions older than 3 days.  so far, one client meets this criteria (that it is 3 days old) the other clients (3 of them) are not quite 3 days old yet, but will be.

    Each server is showing a last communication time with the server as recent.  within hours in the same say

    the servers have free space. 2 servers are 2016 and 2 and 2008R2. In this particular case, all these servers are VMs.  what else can i look at for this?

    Issue 2: a much larger portion of servers are show very very old last scan dates. if i look at the scan logs of these clinets, they are showing that they are still scanning and have not completed.  if it was a file server or a vm server, i would accept this within a day or two. But i have clients showing as old as Jan 22nd.  thats not right.

    The mix of server (OS wise) is larger. 2008R2 - 2016; VMs and Physicals are affected. Also, the server applications are all over the place.  SQL, Exchange, a proxy server, file servers, VM hosts etc...

    I have issues an update content and scan command from the managemer console and it does not work. I have rebooted the boxes manually (as part of windows updates and maintenance cycles.  this helped for some but not all.  if anything it just changed the last scan date to that day or the day after not nothing more.

    I am up for suggestion, i will upload logs, i will provide you with any additional infomation you need.  please let me know what you need.

    Thanks,

     

    Ian



  • 2.  RE: issues with SEP 14 client on servers

    Posted Feb 02, 2017 01:13 PM

    maybe content is corrupted? did you use the symdiag utulity?

    this version of 14 is not good. probably a bug or two.



  • 3.  RE: issues with SEP 14 client on servers

    Posted Feb 02, 2017 01:25 PM

    running sysdiag now. will upload the results.

     



  • 4.  RE: issues with SEP 14 client on servers

    Posted Feb 02, 2017 01:52 PM

    ok, after running sysdiag, it showed that the defintions were corrupt and gave me the option to fix them from the sysdiag tool

    i did fix it for the this one client and it seemes to work.  however, what about the other clients that are having the definitiions issues?  i dont want to have to manually fix them now for this to happen again tomorrow or next week.

    are there any server log (on the client or on the console server) that i could review to see what the checking for updates and a reply that they are corrupt?

     



  • 5.  RE: issues with SEP 14 client on servers

    Posted Feb 02, 2017 01:55 PM

    not really. it's all manual