Endpoint Protection

 View Only

  • 1.  SEP Agent Issue

    Posted Dec 17, 2017 06:37 AM

    Dear all, I am having the below issues on SEP agents. Your kind support is appreciated in resolving this. Please feel free to ask me any additional queries.

     

    1) I have many servers that are running SEP agent version 12.1.2 and 12.1.5. They are appearing as out of date. When I view the details I see that mostly only the " Download Protection Content Update" is out of date. These Server machines does not have internet access and they download the definations only from the SEPM. SEPM is running 14 MP1.

    These problematic Server OS machiens doesn't have Sonar and Firewall installed on it. Only the AV and IPS component is installed on these servers.

     

    2) I have many servers 70+ which are appearing as disabled on the SEPM dashboard. When I checked the details I find out that the Temper Protection is malfunctioning. I went into the group settings where these servers reside and under the temper protection locked the paddle lock which was previously not locked. Doing this would resolve the component malfucioning issue? if yes then how much time does it take in the report to show that temper protection is no longer malfuctioning after doing the above change?

     

    Your comments and feedback is appreciated. Thanks

     

     



  • 2.  RE: SEP Agent Issue

    Posted Dec 17, 2017 09:03 AM

    Any 1???



  • 3.  RE: SEP Agent Issue

    Posted Dec 17, 2017 01:54 PM

    I have never seen the issue with "Download Protection Content Update".  Generally when I have had issues with clients updating I have generally found the most effective method was to simply unistall the client using Symantec's CleanWipe, restart the machine and reinstall the client.  I have become pretty cynical with their diagnostic tool, SymDiag, since the majority of cases where I have tried it wasn't able to resolve the issue.  Maybe someone else here has a better suggestion but it is the only method I have found that works reliably.

    https://support.symantec.com/en_US/article.HOWTO74877.html

    I have generally found that when I resolve issues where the client is updating or a component is disabled that the management console will be updated within 20-25 minutes.  I have rougly 750 clients that my management server is monitoring.



  • 4.  RE: SEP Agent Issue

    Posted Dec 18, 2017 05:02 PM

    On SEPM, goto Admin > Servers > Local Site > edit Site Properties > LiveUpdate tab > "Content to Download for Client Types" 

    and make sure SEP 12.1.X Legacy embedded clients and Legacy standard clients are checked or else 12.1.X definitions are not downloaded on SEP14 SEPM.