Endpoint Protection

My company uses SEP version 12.1.16 on Windows 10 machines, and uses Outlook 2016. Some users are having email take forever to attach a file, or send mail. When we disable SEP Outlook Add in, everything works great. Our company Security Policy will not allow the SEP Outlook Add in to be disabled. Does anyone have a workaround or better yet, a solution?

Unfortunately, this has been a problem with this plugin for some time. It is also not very configurable.

Do already have email scanning done at your gateway? If so, this plugin is redundant and you can disable it.

One change you could try is to scan only specific file types - the ones that are more likely to be malicious - .exe, .com, .bat, .js, .cmd, office filetypes, etc.

When you attach a file or send an email, it gets scanned on the spot. So if the email/attachment is big, it will look as if it's 'frozen' for a while before it does something.

As ℬrίαη has said, this has been a known issue for a long time. We ended up disabling the plug-in as we have an email gateway where it scan all incoming & outgoing emails, so it was done on the server side, rather than clent side, which makes everything much quicker.

The Outlook plugin adds no extra security to SEP.

What the plugin does is to automatically download all email attachements as they arrive and scan them asap.
Normally Outlook won't download an attachmements until you open the email: And when opened, they are scanned anyways.

They scan using the exact same technoligy. The plugin just scans the files before you access them,

Best to disable it. It is known to make outlook unstable.
 

Thanks for all the input, guys. Yes, we do have email scanning at the gateway, but my boss is adamant about not disabling the SEP Outlook Add in. Does anyone have any more ideas that don’t involve disabling this add in?

Since you have email gateway scanning then using this plug-in is redundant. You're doing double the scanning.

And this plugin is not really configurable so you're really stuck with it if you choose to use it.

One last question. What is the easiest way to disable the SEP Outlook Add in from the Manager Console so that it gets pushed out to all the clients?

In the AV policy on the Microsoft Outlook Auto-Protect tab you just need to uncheck the box for "Enable Microsoft Outlook Auto-Protect"

After this change is made and a new policy number is generated in the SEPM, clients will heartbeat in and pickup the new policy.

Thanks guys!

You're welcome.

Does anyone know if the issue with outlook has been resolved? I had a the same problem. I've been holding off on upgrading the machines until the issue was resolved.

Thanks,

Chanda

so if there is a problem with a part of the symantec client, just need to disable this part :-(

We have many employees who can connect to their private mail account because they travel a lot,

and don`t tell me we need symantec mail gateway