Endpoint Protection

 View Only
  • 1.  Symantec Endpoint Protection

    Posted Mar 21, 2014 09:59 AM

    We have Symantec Endpoint Protection and Encryption running on our laptops (Latitude E6330s)

    One particular laptop is having issues with SEP (version 11.0.6100.645)

    Laptop Windows 7 Professional, i7 3550M, 8 GB of RAM

    The user reported that they shutdown the computer (which installed windows updates and was able to shut it down properly) The next day when the user started the computer, the startup was

    1. Extremely slow

    2. Hard rive light is constantly on

    3. The laptop is running at a snail speed

    4. The does reach the desktop but the hard drive light is constantly on and nothing works

    5. When I manage to double click on SEP it was showing that "Proactive Threat Protection" is OFF. Then Network Threat Protection gets turn off. All this time the hard drive light is solid on.

    Any help would be greatly appreciated



  • 2.  RE: Symantec Endpoint Protection

    Posted Mar 21, 2014 10:01 AM

    Can you run the SymHelp tool on the machine to see if any issues show up:

    How to download Symantec Help (SymHelp)

    Are you able to verify what processes are consuming the CPU?



  • 3.  RE: Symantec Endpoint Protection

    Posted Mar 21, 2014 10:06 AM

    go to add/remove programs, select SEP , modify - remove NTP, does that stablize the system?



  • 4.  RE: Symantec Endpoint Protection

    Posted Mar 21, 2014 10:30 AM

    Hi,

    Is't 64 bit OS ? Does you have check disabled SEP client ?

    If yes SEP 11.x does not support PTP feature.

    Symantec Endpoint Protection 11.0 compatibility with 64-bit platform

    Article:TECH102143 | Created: 2007-01-23 | Updated: 2010-12-03 | Article URL http://www.symantec.com/docs/TECH102143


  • 5.  RE: Symantec Endpoint Protection

    Posted Mar 21, 2014 11:27 AM

    I don't suppose these Windows Updates included SP1 did they?

    As per the below article, SP1 is only support from v11RU7 and up:

    http://www.symantec.com/docs/TECH154768

    I'd highly recommend you upgrade to SEP12.1 instead though, as v11 is now on the final phase of the EOL wind-down.



  • 6.  RE: Symantec Endpoint Protection

    Posted Mar 21, 2014 02:50 PM

    Normally, I don't just go and say upgrade - but at the same time, I will - SEP 11.0.6100.645 is nearly 4 years old - the 11.x platform in generall was brought out 2007 - which defined the overall engines as a whole, yes some things were patched to fix issues with compatiblity and defects;

     

    Would you install Windows XP onto a new I7? I would hope that you would say no...why? Because features and how to OS works with your hardware is completely different then what was of the time back then...same goes for AV

     

    If you are running a 7 year old AV product, how can you expect that it will run well with modern HW/OS?

     

    In this case it is likely AV components are scanning literally every file in use, copying, etc...

    TruScan / PTP can be installed on a 64-bit or Server OS machine, but it will not initalize...ever so that rules out that option

    FW/IPS can possibly be an issue, however likely not the case (also as indicated by your own mention that you have disabled that option)

     

    What are your scheduled scans set to? What is the prioritizaiton? - In this case, do yourself a huge favor - get 12.1.4 rolling on the network - features such as Download Insight will drastically reduce your overhead for resources used...but then also, look at the policies that you have in place too, I would suggest remaking policies and overhauling that as well, if you have problem policies, they may haunt you throughout your 'SEP Experience'

    Just some ideas and suggestions and reaffirming what was stated above



  • 7.  RE: Symantec Endpoint Protection

    Posted Mar 21, 2014 05:29 PM

    Thank you for your time and assistance. I was able to fix the issue by stopping

     

    • Booting into safemode
    • Stopping ALL the the Symantec services (Antivurus, Event Manager etc)
    • Performed a system chkdsk c:\
    • Boot into safe mode and everything was fine
    • Started windows normally
    • Performed a Symantec Live Update
    • Eveyrthing got updated and was all Green (all Symantect Services in Symantec Endpoint Protection)

     

    Hope this helps someone else