Quantcast
Channel: Symantec Connect - Security - Discussions
Viewing all 10103 articles
Browse latest View live

An instance of removable storage access utility is already running

October 19, 2017, 6:32 am
$
0
0
I need a solution

Hi there,

I've got a question about the Removable storage access utility. My company is using the Symantec encryption and therefore I had to use this removable utility on my USB drive when copying any files. These files were encrypted by a password and could have been opened on any computer.

Several days ago I opened the removable utility to access some of the files - no issue. When I try it now the utility doesn't open at all (the mouse icon shows it's doing something but then it stops). When I try to open it again an error message pops up - An instance of removable storage access utility is already running".

The utility is visible in the task bar but other than that there is no way how to access it.

Does anyone have any idea how to overcome this issue and access the encrypted files?

Thanks

0
Search

How to Prohibit SEPC Client Windows Uninstall

October 19, 2017, 9:26 am
$
0
0
I need a solution

As an IT administrator, I am currently trialing Symantec Endpoint Protection Cloud (SEPC).  Unfortunately, I can find no "feature" in SEPC to prohibit users from uninstalling the client.  If this is the case, this is a major product flaw.  I cannot allow my users to casually be able to uninstall the SEPC client.

I am familiar with Symantec Endpoint Protection Small Business Edition (SEPSBE) and was told that eventually this product was going to be discontinued.  SEPSBE provides the ability to require a password to uninstall the client.  Surely, Symantec understands the importance that SEPC also have such feature.

Looking forward to comments/suggestions on how to prohibit users from being able to casually uninstall SEPC client from windows machines.

0

LUA & SEP 14: Can you please provide a description of these selections?

October 19, 2017, 10:38 am
$
0
0
I need a solution

Hey guys,

I've been trying to get a somewhat decent explanation from Symantec about the different items you can download and have been having difficulty. I was able to figure out the issue by accident and resolve it. I'm coming to the community to perhaps get a better explanation since I'm getting nowhere with support.

Our network is setup like this: I manage technically three domains. Domain 1 is here, domains 2 and 3 are global. No machine has internet access except for a few exceptions with domain 1, including our SEPM server. In order to get virus definitions the 6 SEPM managers, we use LUA (on the SEPM box that has internet access) to pull the updates and then distribute them to the other SEPM clients. From there, those SEPM clients hand them to the SEP clients.

The problem we had is that one of the sites began installin SEP v14 MP2, and wasn't getting virus definitions for that client. I've been working vigorously with support and LUA to get that narrowed down, and honestly it was a package that wasn't clicked. They haven't even been able to confirm which package it is. I've been looking at the different page and descriptions, and I would like to get some explanation on them.

1) In our case, SEP clients all get their virus definitions from their respective SEPM clients that communicate with LUA. Does this mean that the only options I want ticked for this all say Manager, not Client (under content)?

2) The important ones I am more concerned with are:

- Virus Definitions (Win32/64)
- Virus R Definitions (Win32/64)
- Virus Definitions SDS (Win32/64)
- Virus R Definitions SDS (Win32/64)

Here is what I think the explanations have meant, and would like some confirmation or clarity on the matter if ya don't mind!

Virus Definitions (Win32/64) - These apparently are for 12.1.6 and below... which raises the question: If I have this checked, can I uncheck the 12.1.6 and below options also specified in LUA?

Virus R Definitions - These are reduced size definitions for windows embedded. We aren't using that client, so we won't need these.

Virus Definitions SDS - If the other virus definitions are for 12.1.6 and below, then these are for version 14 and up right?

Virus R Definitions SDS - These are reduced size for v14. The other ones (without SDS) are for 12.1.6 and below right?

What does SDS even stand for?

Thanks!

0

Deferred: lost connection with cluster1.us.messagelabs.com[216.82.242.44] while receiving the initial server greeting

October 19, 2017, 12:17 pm
$
0
0
I need a solution

Hi,

But this is not the only messagelabs server that would give me this error, and we have this problem with a lot of clients.

Sometimes the emails are delivered in 30 minutes, sometimes after 20 hours , and a lot of times the emails will be dropped.

My ip is 67.211.124.64

Please let me know if my ip is blacklisted somewhere by messagelabs, we have this problem for more than 6 months.

Thank you

Mike

0

SEPM Admin Password reset

October 19, 2017, 9:48 pm
$
0
0
I need a solution

Hi,

Is there any way to recover SEPM Admin password for SEPM? I understand previously there used to be adminpassword reset tool but Symnatec doesn't provide it anymore.

We tried with forgot password option but there is wrong email address defined. Can we manually edit the mailconfig to define correct email address and try with forgot password again?

Please share if you have any workaround/solution for this.

Thanks !!!

0

Autologon Snap-in error

October 20, 2017, 1:22 am
$
0
0
I need a solution

Hi,

I've just installed the Autologin Utility on my server but get the below error.

I have SEE 11.1.2

The Autologon Utlity is 11.1.3

Could this be the error? I don't have the Autologon.msi on my server C:\Program Files\Symantec\Symantec Endpoint Encryption Manager.

0

Firewall Component Check in Endpoints

October 20, 2017, 2:35 am
$
0
0
I need a solution

Hi Everyone,

Will like to know is there any way that I can check whether the Firewall Componnet is Installed in the Manged clients. I have like 17,000 endpoints.

0

Weird 14.01 Cloud Manager Web Fonts

October 20, 2017, 5:03 am
$
0
0
I need a solution

Hello,

Following Webpage has strange fonts:

https://sep.securitycloud.symantec.com/cc/#/welcome

Exemple:

IÄßWelcöme tö Symäntec Endpöint Prötectiön 14.1IIIIIIIIII I€üÖI

IÄßENÄßLED PRÖDÜCTSF€üÖI

IÄßEndpöint Prötectiön 14.1IIIIIII€üÖI

Server: windows 2012R2 or Windows 10, Locakle: Swiss German

Best Regards

Gerard

0
Search

Traps

October 20, 2017, 5:12 am
$
0
0
I need a solution
 
while these messages sent via trap, I would like to better understand the message, what specific event is the same as critical?
 

18/10/2017 14h10min13s GMT-03:00

SERVIDOR Unknown alert received from device SERVIDDOR of type GnSNMPDev. Device Time 328+15:21:45. (Trap type 1.3.6.1.4.1.3417.2.12.2.6.3) Trap var bind data: OID: 1.3.6.1.2.1.1.3.0 Value: 2839450531 OID: 1.3.6.1.6.3.1.1.4.1.0 Value: 1.3.6.1.4.1.3417.2.12.2.0.3 OID: 1.3.6.1.4.1.3417.2.12.1.1.1.0 Value: Health Monitor (CRITICAL): Health Check Status is 'CRITICAL'System  GnSNMPDev0x1080110
 

18/10/2017 14h10min5s GMT-03:00

SERVIDORAn event occurred for model 'SERVIDOR' of type 'GnSNMPDev' for which no event format file exists.System  GnSNMPDev0xfff0017310
0

custom attributes for email incidents

October 20, 2017, 1:26 am
$
0
0
I need a solution

Hello Team,

It's my first post so let me say hello!

Could you please advise on the scenario below:

1. User sends an email on behalf of shared mailbox.

2. Network prevent for email detects violation and blocks the message from sending outside.

How  to find who is the real vilolator? - I was thinking of additional headers but it seems X-Headers are not taken from the message so this cannot be used.

I would appreciate your comments.

0

Unable to set Management Interface IP

October 20, 2017, 1:51 am
$
0
0
I need a solution

I am not able to set Management IP for ATP 8840.

I got error "INTERFACE_NOT_PRESENT".If i run "ifconfig -a" command can see the interface

0

At Risk on Windows 10 Device

October 20, 2017, 1:46 pm
$
0
0
I need a solution

I am beginning a roll-out of Symantec Endpoint Protection Cloud at our company.  I evaluated the software on my work Windows 10 box with no issues.  I have started rolling out the install to our employees, and made some tweaks to the security policy (password complexity and minimum PW length).  Now, my Windows 10 PC is giving my an 'At Risk' message, with 'Device does not comply with security policy for: Passcode' and 'Security feature is disabled on the device'.  I have reset my password to ensure it complies with the policy and I'm still seeing this message.  I have un-enrolled and re-enrolled this device with no luck.  I have 5 other users using SEPC, with no issues.

What am I missing?

0

Your virus and spyware definition are missing or corrupted

October 20, 2017, 11:10 pm
$
0
0
I need a solution

Hi All,

I have received below  warning message in my SEP client.

"Your virus and spyware definition are missing or corrupted"

SEP Client version is : SEP14 MP2

Operating system: Windows  server 2008 enterprise edition.

Virtualization platform: VMware.

I have tried to run intelligent updater too. But no luck.

Kindly help me to sort this issue.

0

what is ccSvcHost.exe ?

October 21, 2017, 1:38 am
$
0
0
I need a solution

Hello All,

New to symantec.

Can anyone help me out to know whats is ccSvcHost.exe will do in SEP client.

Thanks in Advance.

0

Client not reporting to management server based on conditions

October 21, 2017, 8:28 am
$
0
0
I need a solution

I have creted the folders like this and created the locations as follows.Now im planning to remove the Hyderabad and pune group and create the same in Axis CC group as a locations.After creating the locations the clients is not going to respective management servers depending on the location conditions.

Please advise.

TIA.

0

Search

Removing PGP files from HD...

October 21, 2017, 3:20 pm
$
0
0
I need a solution

Hey everyone, quick story here... I've been having trouble trying to restore a W7 image I believe was encrypted when I backed it up.

When I put the restored image in the computer I simply get a black screen with bootguard in the upper left hand corner with a blinking cursor... I can't bypass it, use a rescue CD, put in a PW, etc.

When examining the files on the HD I saw PGPWDE01 and PGPWDE02 were present and cannot be deleted or erased. So my first question is, is are those the files causing the issues related to the bootguard? And if so, how can they be removed? Thanks in advance

0

Having issues delivering to clients using MessageLabs filtering

October 21, 2017, 4:40 pm
$
0
0
I need a solution

We’re having issue delivering to at least some accounts using MessageLabs filtering.

We have recently switched IPs when hosting moved our server, but have maintained a positive reputation and do not appear on any blacklists.

Example failed response -

The mail system

: host cluster4a.us.messagelabs.com[85.158.139.103]
said: 421 Service Temporarily Unavailable (in reply to RCPT TO command)

Return-Path: Received: from mail.ajj.com (26.58.197.104.bc.googleusercontent.com [104.197.58.26])

0

Symantec Endpoint Protection cannot open

October 21, 2017, 7:16 pm
$
0
0
I need a solution

I just installed Endpoint Protection 14.1 and getting the following error message:

Symantec Endpoint Protection cannot open because some Symantec services are stopped.  Restart the Symantec services, and then open Symantec Enpoint Protection.

I had Norton Security installed and it appears to be somewhat active.  Should I uninstall it?  I disabled Windows Defender.

Thanks,

    Mike

0

Question about Symantec DCS pre-defined windows-hardening policy!

October 22, 2017, 12:51 am
$
0
0
I need a solution

Dears,

I am using symantec learning portal to study for DCS implementation but I am kind of confused, the scenario i am thinking about is if we have a host that have the predefined prevention policy "sym-win-hardened-sbp" applied to it and this host has an application that doesn't have a predefined sanbox in Symantec DCS in this scenario will the default prevention policy be able to protect the application or do we need to create a custom sandbox for this application and apply it to an application rule identifying this application and routing it to our custom sand box inside the applied prevention policy "sym-win-hardened-sbp" ?

Another question: if i need to create a custom sandbox for this application, from what i learned from the DCS video training is that I can enable application profilling from the java management console then make the console create the custom sandbox for me but the instructor said that this is not accurate and might leave holes in the custom sandbox so we need to review the created sanbox, but doesnt this mean I need to know everything about the application like what it is accessing...etc ? so what difference does this tool make?

Thanks in Advance.

0

Scan Status

October 22, 2017, 11:21 pm
$
0
0
I need a solution

Hi!

I was looking for the article for the definition of scan status. I was a bit confuse on the scan statuses.

when exporting scan logs in SEPM. I found these status.

1. Cancelled

2. Started/In Progress

3. Suspended

Also as per checking on SEPM admin guide. there is no such think about scan status logs.

0
Viewing all 10103 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>