Endpoint Protection

Hi,

Are we obliged to download the full version (CD1 291Mo, CD2 511Mo)? Or is it another location?



Al lister, very angry...

Yes, both CDs.
It's the best so far.......  it's what 11.00.00.0000 should have been.............

Ok, thanks alot for replying so quickly :)

And I totally agree with you, when you see the price you buy it, you don't have to lose time searching solutions... Anyway...

Ok, Ru5 downloaded, and still problems to deploy clients (14 clients good, but no more want to install), and my definitions are still outdated (6 oct. 2009) when my server is good (19 nov. 2009 rev40). And what does Symantec say? "Uninstall and reinstall, it'll be fine"...  Be sure next year I won't buy it anymore.

An admin can delete my profile, and this post, I'll never come back here, good community, but I hate scammers. When I see people have bought it for 2000 PCs... I'm lucky I just have120...

Go Avast ! (kidding of course)

 If your clients are communicating with SEPM will upgrade shortly.Once you are on a higher version the software will work perfectly as expected. But ya you need some pateince till initial setup is complete.

Did you try support?
Read any KB articles?
Post your logs on here for the community to assist you?

I have it running at multiple clients with over 50,000 installs and whilst it is not without its problems it works if you know what you are doing.
Current client has 300,000+ and I am sure there will be loads of little issues but you just need to work through them and make it functional.

SEP has a brilliant feature set and very strong detection rates, most of the issues come to down configuration.

[Edited by admin]

Z

Hi

"And what does Symantec say?" .. are you referring to a conversation you had with a technical support enigneer? PLease make sure that you have utilized all the options available (Knowledgebase, Symantec Forums, Technical Support ) before jumping to any conclusions.

Aniket

Here-here!
Yes.
I agree there are issues - no product, even SEP, is without issues, and in our case, there's a couple of doozies that even Cisco now says is SEP gone wild, but until I hear the "final answer" from some high-level person, I don't give up.
(anyone who has followed my going on 2 decades with Symantec forums in some form or another knows I don't give up easily - I'm relentless and don't quit until I hit a wall so high Spiderman couldn't scale it)

I've got 2, possibly 3 major issues till pending, unresolved and one of them goes on for nearly a year, but I'm not quitting.
For one thing, it COSTS big-time in time and money to change, you have to be REALLY REALLY sure it's what is needed before you jump and switch. And - the grass isn't always greener. For me, it would cost so bloody much, it's believe it or not, worthwhile to stick with these issues until resolved because the uninstall, reinstall, learning time, training of other staff, justification process I'd have to go through - geesh, the product would have to have a REAL show stopper before we'd even think of getting approval to spend the cash for a switch right now.
Pick up that phone and get 'er done.
I'm afraid if you give up so easily, then perhaps you might trade cars every month, too?

Here's the thing - so many folks have NO issues at all with installs - if you do, then you need to look at "what's different"........... nothing is truly arbitrary in software - there is always a reason, sometimes environmental. Sometimes it's an issue with something else that SEP comes in and brings to the surface - some interaction.

 (edited for darned typos!)

Hi, again, and yes, I was lying when I said I won't come back :) Was so angry last friday, I wrote this message.

To answer your questions, yes I called the technical support, and they said me to uninstall the product. I also tried the KB and remember this page :
http://service1.symantec.com/support/ent-security.nsf/docid/2007101515304948?Open&seg=ent (just an example, but it shows that the KB is not always a good thing). I've read alot of forums, asked Google to find me solutions (^^), and finally I just have lost alot of time.

Now, people above me don't want me to lose time anymore, so what can I do at the moment? I can just give up, and use clients without server, or I can try to solve this problem again when and if I got free time.

My problems are still :
- can't show more than 14 computers in SEP Manager
- new clients can't update my definitions, when the server is up to date.
- old clients don't update too (last definitions are 10-04-2009) but clients are installed for 6 months minimum

And no ShadowsPapa, I still have an 30 year old car (Renault 20) which works perfectly :)

PS : I'm French, so please excuse my poor language.

A. Your command of English, is better than many native born "Americans" - no apoligy needed, IMO.
B. I won't comment on the car as, well, I have a 1970, a 1980, and 1982 car and drive a well-used 1995 pickup........
C. we are all under GREAT STRESS lately, in the world, our own regions, and our jobs. I"m sure even the French are realizing this in their economy and jobs.  For us here, we are SO stressed, it's showing up in the form of illnesses, poor vision, depression, anger/short tempers, and loss of productivity. Management doesn't realize that more pressure actually results in less output, so it's counter-productive to demand more than one can possible put out - and do a GOOD job, because it causes LESS, not MORE, to be put out. Here, we are also faced with huge budget cutbacks, loss of jobs (and the union vote looks BAD here) stress and anger we understand............ you are not alone - and believe it or not, are among friends.

That being said................ hang in there.  If it can't be solved in the forums, then open a ticket - and be relentless! Don't let the ticket be "closed" until you have a solution, or find a solution isn't possible in your case.  Hard to imagine, but I've seen it in the past - you have to work "band-aids".......... and other products aren't always the answer. Each has their own set of issues.
Not that a technician is necessarily "bad", but each has different experiences and methods - so if you get to a stopping point, get hung up with one, ask for another, or ask for an escalation (sorry about MY spelling and English!!!!) some are simply better at certain things than others. Who you get may or may not be the best person for your particular issue or situation.  LOL - when we call Cisco, we routinely go through 2, 3 or even 4 techs before we get solutions!
Gather all the data you can, list it - in sort of an outline or bullet point list. There are troubleshooting things you can do - network "sniff" traces, etc.
The more information you can supply - exact OS version and patch level, service packs, servers - virtual or physical? Machines in each location, number of locations, number of subnets - are they all on one network, or multiple nets/subnets, any clue can help, no matter how small it may seem.
Yeah, I know some of it takes time - I've been months on one of our problems here, and weeks on another, and this week, more testing has actually brought up more QUESTIONS, and not a single answer!

Give me the lowdown on where you are with your issue and I can get to work on helping as well.

Eric

First of all, thanks for the compliment ShadowsPapa.

So, what can I say about my configuration is :
- Server working on WinXP Pro, not a server version
- SP3 installed, with all updates availables
- Clients are on WinXP Pro, SP3 and updated
- Two subnets in the entire network (I work in a "forming center", so I have a subnet "admin" and a subnet "formation")
- I'm using the assistant to deploy the clients

I can say with the assistant I need to log first in the client, using \\192.168.0.X, and logging with username, or the assistant doesn't want to log (saying it "can't find the lan directory" if Windows firewall is on, or saying it "can't open the session, username or password invalide" when I disable the firewall). But if I reboot the client, I can continue the installation without logging with explorer or with the assistant (don't know if my explanations are clear...)
On every client, I uncheck "simple share", and with secpol.msc, I deactivate password restrictions
Also, my Windows firewall is disabled.

So the client installs SEP, every thing is fine, it asks to reboot now or in 60 minutes, but it doesn't appear in SEP Manager on the server, and doesn't want to update the definitions

Well...Have you upgraded to MR5 - 11.0.5002.333.
Once you upgrade to this version troubleshooting will become easier as we will know that the problem is not due to any SEP programming bug but something related to network and permission and then we can figure it out and resolve it..
However in older version the chances are high that it can be some programming bug and we are troubleshooting in the wrong direction.
I would suggest you to Upgrade your SEPM to MR5 then export a package with Client installa setting of "remove previous logs and settings and reset client-server communication" ( using this article http://service1.symantec.com/support/ent-security.nsf/docid/2009042408004148 )
Then push it to the clients.

Also follow this article for MR5 migration.

Migrating to Symantec Endpoint Protection 11.0 RU5

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2009090313483348

 

I already did the upgrade, the SEPM is 11.0.5002.333 like you said. I'll read the KB article, and will try as soon as possible, but I don't know if I'll be able to do that today. Anyway, I keep contact :)

Thanks Vikram.

XP has a 10 concurrent connection limit, and SEPM uses 3 of those itself.  Assuming *nothing* else is using connections, only 7 clients at a time would be able to connect in... so that would make sense why so few clients are checking in or updating.

 

<o p=""></o> 

I'm not clear on what you mean about  with the username/password issue...are you saying "if I reboot the machine, I'm able to deploy out"?  Perhaps there's some GPO or other restriction in place that aren't being processed (since the clients aren't being logged in)? Can you please clarify?

<o p=""></o> 

Ultimately,  you need to have a server OS for SEPM.  I'd assume your clients would then start shwoing up and updating correctly.

Best,

Eric

Hey,

@Hear4U,

I know about the limitation of XP/2k, but I also know it works, because clients try to connect, and if they can't, they will retry later, so I can "in theory" have thousands clients with a XP Pro or Home. It was working very well with my old Corporate Edition (My manager was showing 5x clients updated).

I'll try to clarify the connection with client when I try to install it :
From the "server", I launch the deployement assistant. I select the package I want to use, then the client on my lan. At this step, the assistant refuses to log in the client (two differents messages depending on if the client Windows firewall is enable or not). I have to log in the client first, by taping \\192.168.0.X in an explorer, then I can log in with the assistant.

I worked on the GPO on the client, disabled the password restriction, and the "simple sharing options" like said in the manual.

@Vikram Kumar,
I destroyed my old package, and rebuilt another one, with the parameter "remove previous logs and settings and reset client-server communication". I have reinstalled my 14 clients working (no problem at all), and was able to install new clients (that was impossible before this manipulation). It seems it works, new clients appear in the manager, and they are correctly updated.

No more problem for me, even if the client installation is still annoying me :)

Thank you all for your patience, and all the help delivered !

 hi Al,

As far as Windows XP concurrent connection goes you can have a workaround by changing the communication settings to PULL mode and hearbeat to 15-30 minutes your clients will be perfect.
If you have any other issue regarding installation or anything do open new discussion for that.. every issue has a solution or a workaround..

YES - if you use the standard default push mode, it maintains CONSTANT connection or tries to. So you must change modes.
TRUE , if you HAVE changed modes then the client will re-try. But with the push mode, it isn't the client making contact, it's the server maintaining a connection...... Vikram is right.
SAV was different, too - and with SAV, you could have a lot of clients under an XP parent server.

Vikram Kumar said : "[...] PULL mode and hearbeat to 15-30 minutes[...]"
Wow, I really don't know what you're saying about (remember, I use a French SEPM). I'm afraid you have to say exactly where I can find this option. Now SEPM seems well configured for me, I don't want to destroy all :)

@ShadowsPapa : I may have already activate it? My clients seem to update well.

As far as I understand, it is PUSH mode or PULL mode (even if it doesn't talk to me)?

 GO to clients -highlight group go to Clients- Communication settings

Ok, many thanks, I had already set this parameter to PULL mode with an interval of 10 minutes.