Data Loss Prevention

 View Only
Expand all | Collapse all

Symantec DLP Endpoint Agent via SCCM on Endpoint having SEP

  • 1.  Symantec DLP Endpoint Agent via SCCM on Endpoint having SEP

    Posted Dec 17, 2018 08:56 AM

    Hi,

    I'm trying to deploy Symantec DLP 15.1 Agent on Endpoints via SCCM however this is failing. (Manual installation via cmd is successful)

     

    Is there any way the SEP 14 Client (already installed) on the Endpoint can be interfering with the installation ? (I've also added exclusions to the DLP Agent Directory Program Files/Manufacturer/Endpoint Agent in the SEPM)

     

    Kind regards



  • 2.  RE: Symantec DLP Endpoint Agent via SCCM on Endpoint having SEP

    Posted Dec 17, 2018 11:12 AM

    Hi Muhammad, 

     

    When deploying this via SCCM are you using the information within the .bat file as part of your installaion i.e GUIDs and unique tools password hash opposed to just packaging the MSI?

    As without this information the installation cannot complete,

     

    I hope this helps, 



  • 3.  RE: Symantec DLP Endpoint Agent via SCCM on Endpoint having SEP

    Posted Mar 25, 2021 05:18 PM
    Hi Muhammad,

    I am trying to deploy Symantec DLP Endpoint Agent  via SCCM. Can you give a step by step guide on how to achieve that

    Thank you


  • 4.  RE: Symantec DLP Endpoint Agent via SCCM on Endpoint having SEP

    Posted Dec 18, 2018 12:54 AM

    Hi Nathan,

    I'm using the value "install_agent.bat" file in the Installation program field when generating the application with the deployment type set as script installer. So i think this should be fine .. ?

    Kind regards



  • 5.  RE: Symantec DLP Endpoint Agent via SCCM on Endpoint having SEP

    Posted Dec 18, 2018 01:44 AM

    Hi Nathan,

    So we just tested on another Endpoint that does not have SEP, in this case the SCCM managed to successfully deploy the DLP Agent.

    Do you know how the SEP might be interfering with the DLP Agent installation and how we can configure it to not interfere ?

    Kind regards



  • 6.  RE: Symantec DLP Endpoint Agent via SCCM on Endpoint having SEP

    Posted Dec 18, 2018 03:49 AM

    Hi Muhammed,

     

    Have you looked at the SEP logs on the problematic machine to see if it's flagging anything about the installer?

     

    SEP also has a trusted updater policy which can be enabled which may preventing it, have you added the .msi as a trused installer in the SEP policy?

     

    Thanks,



  • 7.  RE: Symantec DLP Endpoint Agent via SCCM on Endpoint having SEP

    Posted Dec 18, 2018 04:12 AM

    Hi Nathan,

    No, i've not been able to look at the SEP logs. 

    I'm running the install_agent.bat file so do i add the install_agent.bat file as an exclusion as well ?
     

    Also, so i should add the AgentInstall.msi as a trusted installer as well ? Can you guide on how to do that ?

     

    Kind regards



  • 8.  RE: Symantec DLP Endpoint Agent via SCCM on Endpoint having SEP

    Posted Dec 18, 2018 05:01 AM

    Hi Muhammed, 

     

    The .bat file shouldn't be an issue as SEP also uses batch files behind the scenes for certain tasks so no concern there,

     

    To set the AgentInstall.msi as a trusted installer if you follow the below it should guide you through the process:

     

    https://support.symantec.com/en_US/article.TECH203266.html

     

    Pretty sure with SCCM deploying via Distribution Points and caching the installers into the CCM folders you will need to point the exception there as technically that is the location it will run from once downloaded,

     

    I hope this helps, do let me know and if this resolves the issue please mark as resolved,

    Kind Regards 



  • 9.  RE: Symantec DLP Endpoint Agent via SCCM on Endpoint having SEP

    Posted Dec 19, 2018 07:19 AM

    Hi Nathan,

    The Windows/ccmcache folder was added as a Directory Exclusion on the SEPM, however even now the DLP Agent is not successfully deploying via SCCM on the endpoint having SEP. 

    Kind regards



  • 10.  RE: Symantec DLP Endpoint Agent via SCCM on Endpoint having SEP

    Posted Dec 21, 2018 03:46 AM

    Hi Muhammed, 

     

    I'm at a loss on this one, I'd suggest posting this into the SEP community as you know the DLP installer is working now you've tested it on a non SEP machine,

     

    Sorry I couldn't be further help,



  • 11.  RE: Symantec DLP Endpoint Agent via SCCM on Endpoint having SEP

    Posted Dec 28, 2018 10:27 AM

    Hi Muhammed,

    What do the DLP installation logs indicate?  They can be found on the target endpoint at C:\installAgent.

    The most frequent problem I've found is that the endpoint certificates can't be found.  This is usually due to the explicit path called out in the install_agent.bat when the installer (.msi) is run from a different location.  The installer can't find the certs.

    Also try running the installer in interactive mode and watch the installation.  That might help point out some road-blocks.

    Cheers!



  • 12.  RE: Symantec DLP Endpoint Agent via SCCM on Endpoint having SEP

    Posted Dec 31, 2018 04:59 AM

    Try installing with the help of a tool available with SEP Setup.