Endpoint Protection

 View Only
  • 1.  Network Information out of date.

    Posted Aug 24, 2009 07:20 PM
    SEP 11.0.4014.26

    In my Symantec Endpoint Protection Manager Console --> Clients Button --> Clients Tab --> Network Information View, there does not seem to be a function to update the information in this view.

    I noticed that several of my clients had old DNS server settings. We fixed the clients and would like to ensure that we fixed them all. I tried to 'Refresh' but I think that only reloads the page. I have searched for this issue on this forum and www, but have not found any solution. What command do I send the client to reload the Network/System information?



  • 2.  RE: Network Information out of date.

    Posted Aug 24, 2009 08:00 PM
    The network information is something that comes from the client side to the SEPM hence you cannot make any chnages to it.
    But as its giving wrong information about the DNS on few clients you can go to Start > Run & type in  smc -stop & smc -start on the client side. & see if that helps you.

    If this does not help then try to uninstall & reinstall the client on one of the machine.


  • 3.  RE: Network Information out of date.

    Posted Aug 25, 2009 08:28 AM
    Hi,

           The client initiates the communication with the SEPM. Therefore the client when it communicates with the manager it gives its information. You mentioned that the client info is not available. Please check the following : -

    About communication problems
    Check network connectivity before you call Symantec Technical Support. Once that has been verified, check the communication between the client and the server.  For example, the client may not be receiving Policy updates or it may not be receiving Content updates.  It is important to gather as much information as possible about which communications are working and which are not.


    About checking the communication between the client and the management server
    If you have trouble with the client and the server communication, you should first check to make sure that there are no network problems. You can test the communication between the client and the management server in several ways.

    To view the client status in the management console:
    In the management console, on the Clients page, under "View Clients", select the group in which the client belongs.
    Look on the Clients tab.

    The client name should appear in the list next to an icon that shows the client
    status.



    About the client status icon on the client
    You can find the client status icon in the notification area of the taskbar on the client computer.  The icon appears as a yellow shield icon with a green dot when the client can
    communicate with the management server.


    Viewing the policy serial number
    You should check the policy serial number on the client to see if it matches the serial number that appears in the management console. If the client communicates
    with the management server and receives regular policy updates, the serial numbers should match.

    If the policy serial numbers do not match, you can try to manually update the policies on the client computer and check the troubleshooting logs.

    To view the policy serial number in the management console
    1.    In the management console, click Clients.
    2.    Under "View Clients", select the relevant group, and then select the Details tab.

    The policy serial number and the policy date appear at the bottom of the details list.

    To view the policy serial number on the client
    On the client computer, in the client user interface, click on the Help and Support button, select Troubleshooting.
    In the Management section, look at the policy serial number.


    The serial number should match the serial number of the policy that the management server pushes to the client.


    About performing a manual policy update to check the policy serial number
    You can perform a manual policy update to check whether or not the client receives the latest policy update. If the client does not receive the update, there might be
    a problem with the client and server communication.

    You can try a manual policy update by doing any of the following actions:


    In the client click on the Help and Support button, click Troubleshooting.  Under Policy Profile, click Update. You can use this method if you
    want to perform a manual update on a particular client.

    For the clients that are configured for pull mode, the management server downloads policies to the client at regular intervals (heartbeat). You can change
    the heartbeat interval so that policies are downloaded to the client group more quickly. After the heartbeat interval, you can check to see if the policy serial
    numbers match. (For the clients that are configured for push mode, the clients receive any policy updates immediately.)


    After you run a manual policy update, make sure that the policy serial number that appears in the client matches the serial number that appears in the
    management console.



    Using the ping command to test the connectivity to the management server
    You can try to ping the management server from the client computer to test connectivity.

    To use the ping command to test the connectivity to the management server

    1.    On the client, open a command prompt.
    2.    Type the ping command. For example:

    ping name

    Where name is the computer name of the management server. You can use the server IP address in place of the computer name. In either case, the
    command should return the server's correct IP address.


    If the ping command does not return the correct address, verify the DNS service for the client and check its routing path.



    Using a browser to test the connectivity to the management server
    You can use a Web browser to test the connectivity to the management server.

    To use a browser to test the connectivity to the management server:


    On the client computer open a Web browser, such as Internet Explorer.
    In the browser command line, type a command that is similar to either of the following commands:

    http://<management server IP address>/reporting/index.php

    If the reporting log-on Web page appears, the client can communicate with the management server.


    http://<management server name>:9090

    If the Symantec Endpoint Protection Manager Console page appears, the client can communicate with the management server.


    If a Web page does not appear, check for any network problems. Verify the DNS service for the client and check its routing path.


    Using Telnet to test the connectivity to the management server
    You can use Telnet to test the connectivity to the IIS server on the management server. If the client can Telnet to the management server's HTTP or HTTPS port,
    the client and the server can communicate. The default HTTP port is 8014 (80 for the earlier builds of SEP); the default HTTPS port is 443.

    Note: You might need to adjust your firewall rules so that the client computer can Telnet into the management server.

    For more information about the firewall, see the Administration Guide for Symantec Endpoint Protection and Symantec Network Access Control.

    To use Telnet to test the connectivity to the management server
    On the client computer, make sure the Telnet service is enabled and started.
    Open a command prompt and enter the Telnet command. For example:

    telnet ip address 8014

    where ip address is the IP address of the management server.


    If the Telnet connection fails, verify the client's DNS service and check its routing path.



    Checking the IIS logs on the management server
    You can check the IIS logs on the management server. The logs show GET and POST commands when the client and the server communicate.

    To enable logging in IIS:

    In the IIS manager, right click each site where you wish to have the logs (such as Reporting, Secars, etc.) and select Properties
    On the Virtual Directory tab: ensure a check in the box that corresponds to Log visits.
    Click OK.

    To check the IIS logs on the management server:

    On the management server, go to the IIS log files directory. A typical path to the directory is:

    \WINDOWS\system32\LogFiles\W3SVC1

    Open the most recent log file with a text application such as Notepad.
    For example, the log file name might be ex070924.log.

    Review the log messages.


    The file should include both GET and POST messages.



  • 4.  RE: Network Information out of date.

    Posted Apr 22, 2010 02:53 PM
      |   view attached

    I have a similar problem.  All of my PCs are checking in ok, but not all the Network Info is correct.  If I change the IP or DNS and then wait, SEPM gets updated correctly.  If I remove the WINS address, SEPM never changes.  We removed the last WINS server in 2009, but many clients still show as having a WINS setting.

    Thanks..Rick

    Attachment(s)

    docx
    SEPM.docx   13 KB 1 version


  • 5.  RE: Network Information out of date.

    Posted Apr 23, 2010 01:12 PM
    rkstr,  The best I was able to figure out was that some of this information is set static at install time. However there is no documentation of these "features" that I have found.

    However I did notice on the "Client System" view the service packs update correctly, when we are moving a system from XP SP2 to SP3. For some reason this functionality is broken in the "Network Information" view.


  • 6.  RE: Network Information out of date.

    Posted Apr 24, 2010 10:23 PM
    Hi Rick,

    If you could make a new thread we would appreciate it. I think you will find you get many more responses as well since most users will ignore the 35 week old threads. 

    Cheers
    Grant


  • 7.  RE: Network Information out of date.

    Posted Apr 26, 2010 10:51 AM

    Grant,
          Thank you for your amazing contribution to this discussion. Way to look into the underlieing problem and find a solution that will help us all.

    A Disgusted customer.