Endpoint Protection

 View Only

  • 1.  SEP 14 upgrade gone awry

    Posted Dec 08, 2016 05:33 PM

    Hi all,

    I saw the upgrade was available a while back so last Thursday I updated our server infrastructure to SEP 14.

    Our installation is a bit different than others I have been reading - we don't use SEP on our workstations, only on our servers. Some of the symptoms I've been reading about sound very familiar but it sounds like a local client/workstation issue.

    Some background:

    • Windows 2012 AD environment, with only one 2008 server, and one 2003 server for legacy software.
    • We have redundant DCs, on two sites connection by WAN/VPN, two DCs at each site
    • We also use DFS, two servers at each site, using WAN/VPN site links
    • We also have on-site Exchange
    • We exclusively have Windows 7 workstations, with the exception of one Surface Pro
    • We also have HA DHCP servers

    Ever since the upgrade I've noticed some really bizarre problems, and my networking hardware checks out, which leaves SEP14 as the most recent change.

    Here are some issues:

    • Windows 7 logons the next day (or last Friday) were not working. Would get the spinning wheel "Welcome" screen and it could take up to 15 minutes to log on (it was getting stuck at GPO processing) Restarting the DCs mostly fixed this, it is still happening but intermittent
    • The DHCP servers completely stopped responding, workstations started dropping off the network. Restarting the server with the DHCP fixed this issue
    • We use network shared/folder redirection extensively and this is the major problem for us. It is randomly dropping network connections to the DFS servers. This results in timeouts bringing up file dialogs and the like. Restarting the workstations does not appear to fix this issue. Sometimes a reboot will bring the network back online.

    This is happening all over the place and the frustrating thing is that there's no log on the servers (event log or SEP itself) that indicates any sort of communication problem.

    Note: When installing, I exported packages with server settings from SEPM and upgraded our servers.

    As this doesn't seem to be a client issue as we don't use SEP on clients, has anyone else experienced this? It's so intermittent that it's hard to pinpoint any issues. The only thing I know for sure is our workstations point to connectivity issues to the servers via vague GPO processing delays.

    Dan



  • 2.  RE: SEP 14 upgrade gone awry

    Posted Dec 08, 2016 05:36 PM

    Known issue, see thread on it here:

    https://www.symantec.com/connect/forums/sep-14-bug-renders-windows-7-unable-login

    Workaround here:

    https://support.symantec.com/en_US/article.TECH236543.html

     



  • 3.  RE: SEP 14 upgrade gone awry

    Posted Dec 09, 2016 01:06 PM

    I've added the exception and forced a replication. There's not many people in today so I probably won't know if it made a difference until Monday.