Endpoint Protection

Hi

Due to major problems with servers not updating under SEP v11, I have rolled out 12.1 on our SEPM servers, and also our GUPs.

In about 50% of cases, this has worked fine, and this has fixed the updating issues for clients as well.

But some of the GUPS (running on Server 2003 r2) are now not updating, listing the following errors over and over in the system logs:

- Downloaded new content update from Group Update Provider failed.

- Cannot assign a client authentication token. There was a general communication failure.

- [Client authentication token request] Submitting information to Symantec failed.

I read up on a couple of articles regarding this, seems to point to the server requiring access to the internet? I hope this is not the case as I would have though being a managed product, it would get all it needs from the SEPM servers and not require internet access?

Is there a way around this problem, as these GUPS do not seem to be updating.

Brett

Hello,

Are you using proxy on your machines??

if you are using proxy, you need to allow these URL's

Required exclusions for proxy servers to allow Symantec Endpoint Protection to connect to Symantec reputation and licensing servers

1) How to configure a Symantec Endpoint Protection Manager (SEPM) 12.1 client to use a proxy for LiveUpdate

http://www.symantec.com/docs/TECH167247

2) How to setup the Symantec Endpoint Protection Manager to use specific proxy settings for LiveUpdate

http://www.symantec.com/docs/TECH102335

3) Configuring Symantec Endpoint Protection Manager to connect to a proxy server to access the Internet

http://www.symantec.com/docs/HOWTO55201

4) Specifying a proxy server for client submissions and other external communications

http://www.symantec.com/docs/HOWTO55363

5) What is the ISAPI proxy setting?

http://www.symantec.com/docs/TECH163729

6) How to bypass the IIS proxy after upgrading to Symantec Endpoint Protection Manager 12.1

http://www.symantec.com/docs/TECH162324

7) Required exclusions for proxy servers to allow Symantec Endpoint Protection to connect to Symantec reputation and licensing servers

http://www.symantec.com/docs/TECH162286

Hope that helps!! 

One of the major benefits of SEP12.1 over 11, is that it is able to leverage Symantec's Insight database for purposes of analysing reputation of executable files.

In order to do this, a SEP Client directly contacts Symantec's servers for the reputation data, and the Client Authentication token is what allows a SEP Client to authenticate itself to Symantec (as per Avkash's last link).

The Client authentication token failures should not really be affecting updates via GUPs, but you can take this out of the equation by disabling Insight Lookups as below:

In the SEPM Console goto Clients and select the group for which you want to disable Insight lookups, click on the Policies tab in the right pane and click the 'External Communications Settings' link. In the new window that appears, uncheck the Insight Lookup options.

Other ares for disabling Insight can be found in the below article:

http://www.symantec.com/docs/HOWTO55447

Also, for further reading, you can see what Insight adds and how SEP uses it, in the articles below:

http://www.symantec.com/docs/TECH169282

http://www.symantec.com/docs/HOWTO55268

http://www.symantec.com/docs/HOWTO55275

Thanks for the info, I'll try disabling it and see if it makes any improvements.

Brett

We have the same issue but I want to use Insight technology..what now

+1

Same problem.

in GUPS logs - Cannot assign a client authentication token. There was a general communication failure.

- Downloaded new content update from Group Update Provider failed.

GUPS (Server 2003 r2) are now not updating.

I've got the same issue and I'll be disabling the proxy settings for the local SYSTEM account.

The reg key I'l be modify is

HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings  

  "ProxyEnable" = 0