SEP Summary:
Symantec Endpoint Protection is the next generation of antivirus from Symantec.
-Integrated antivirus, antispyware, firewall, intrussion prevention, device and application control.
-single agent managed by a single console
-Network Access Control ready
-Lowers operating costs and reduces security risks.
Key Features:
- Seamlessly integrates essential technologies such as antivirus, antispyware, firewall, intrusion prevention, device and application control.
- Requires only a single agent that is managed by a single management console.
- Provides unmatched endpoint protection from the market leader in endpoint security.
- Enables instant NAC upgrade without additional software deployment for each endpoint.
Key Benefits:
- Stops malware such as viruses, worms, Trojans, spyware, adware, bots, zero-day threats and rootkits.
- Prevents security outbreaks thus reducing administrative overhead.
- Lowers total cost of ownership for endpoint security.
Download trial version here.
Look at on page, find ‘All Trialware’ Section, click ‘Security’ > then click ‘Endpoint Protection’.
Downloads are available in multiple languages, and include the following:
- Symantec Endpoint Protection 11.0 Trial (Client and Management Console). A fully functioning trial version of the Endpoint Protection Client and Management Console. Trial version will expire on September 30th, 2008.
- The Symantec Endpoint Protection User Guide
- Read Me file. Important information on the Endpoint Protection software and details about the newest maintenance release (MR2).
How to Install Symantec Endpoint Protection Manager:
Requirement:
- Windows 2000 Server with Service Pack 3, Windows XP, or Windows Server 2003
- Internet Information Services (IIS) version 5.0 or later, with World Wide Web services enabled
- Internet Explorer 6.0 or later
- Java Runtime Environment 5.0, update 13 or above recommended
- Hardware:
| Component | 32-bit | 64-bit |
| Processor | 900 Mhz Intel Pentium III | 1 Ghz on x64 only with the following processors:- Intel Xeon with Intel EM64T support-Intel Pentium IV with EM64T support-AMD 64 Opteron-AMD 64 Athlon
Note: Itanium is not supported. The management components are 32-bit applications. |
| Memory | 1 GiB RAM Minimum (2-4 GiB Recommended) | 1 GiB RAM Minimum (2-4 GiB Recommended) |
| Hard Disk | 4 Gib for server, plus Additional 4 Gib for database | 4 Gib for server, plus Additional 4 Gib for database |
| Display | Super VGA (1024×768 ) or higher resolution | Super VGA (1024×768 ) or higher resolution |
| Database | The Symantec Endpoint Manager includes an embedded database. You may also chose to use one of the following version of MS-SQL database:- MS-SQL server 2000 with service pack 3 or later- MS-SQL server 2005 | The Symantec Endpoint Manager includes an embedded database. You may also chose to use one of the following version of MS-SQL database:- MS-SQL server 2000 with service pack 3 or laterMS-SQL server 2005 |
Installation Process:
a. Insert the installation CD and start the installation.
b. In the installation panel, click Install Symantec Endpoint Protection manager:
c. In the Welcome panel, click Next.
d. In the License Agreement panel, check I accept the terms in the license agreement, and then click Next.
e. In the Destination Folder panel, accept or change the installation directory.
f. Do one of the following:
- To configure the Symantec Endpoint Protection Manager IIS Web as the only Web server on this computer, check Create a custom Web site, and then click Next.
- To let the Symantec Endpoint Protection Manager IIS Web server run with other Web servers on this computer, check Use the default Web site, and then click Next.
g. In the Ready to Install panel, click Install.
h. When the installation finishes and the Install Wizard Complete panel appears, click Finish. Wait for the Management Server Configuration Wizard panel to appear, which can take up to 15 additional seconds.
How to Install Endpoint Protection Client:
Requirement:
- Windows 2000 Professional with Service Pack 3, Windows XP, Windows Server 2003, or Windows Vista
- Internet Explorer 6.0 or later
- Hardware :
| Component | 32-bit | 64-bit |
| Processor | 400 Mhz Intel Pentium III | 1 Ghz on x64 only with the following processors:- Intel Xeon with Intel EM64T support-Intel Pentium IV with EM64T support-AMD 64 Opteron-AMD 64 Athlon
Note: Itanium is not supported. The management components are 32-bit applications. |
| Memory | 256 MiB of RAM | 256 MiB of RAM |
| Hard Disk | 600 MiB | 700 MiB |
| Display | Super VGA (1024×768 ) or higher resolution | Super VGA (1024×768 ) or higher resolution |
| Database | The Symantec Endpoint Manager includes an embedded database. You may also chose to use one of the following version of MS-SQL database:- MS-SQL server 2000 with service pack 3 or later- MS-SQL server 2005 | The Symantec Endpoint Manager includes an embedded database. You may also chose to use one of the following version of MS-SQL database:- MS-SQL server 2000 with service pack 3 or laterMS-SQL server 2005 |
a. Endpoint Protection Client (Unmanaged/Standalone)
- Insert the installation CD and start the installation.
- In the installation panel, click Install Symantec Endpoint Protection:
- In the Welcome panel, click Next.
- In the License Agreement panel, check I accept the terms in the license agreement, and then click Next.
- Select setup type: TYPICAL or CUSTOM, typical for default. click Next
- In the Ready to Install panel, click Install.
- Here the Symantec Endpoint Client screen shoot:
b. Endpoint Protection Client (Managed)
- Start>>All Program>>Symantec Endpoint Protection Manager>>Migration And Deployment Wizard
- Click “Next” then select “Deploy the Client”
- follow the on-screen instructions.
Another method:
- From Endpoint Manager Console, click “Client” icon then click ‘Find Unmanaged Computers”.
- Insert the client ip address range, user/passwd, domain/workgroup then click “Search Now”.
- you will see the client with ‘Deployment Status’ NO, select the client then click”Start Installation” button.
- Wait for client installation till finish.
- more detail, see the picture below. click to resize.
How To configure Endpoint Protection Manager:
A. Exporting/Create Client Installation Package:
When you export client software packages, you create client installation files for deployment. When you export packages, you must browse to a directory to contain the exported packages. Read more on Admin Guide, page 101:
B. Install and configure Symantec Live Update Administrator:
- Double-click ‘LUA21ESD.EXE’ from SEP disc2 (TOOLS\LIVEUPDATE Folder)
1. launch Symantec LiveUpdate Administrator, login with your username and password
2. Click ‘Configure’
3. click ‘Add New Products’
4. Select ‘Symantec Endpoint Protection’>’Symantec Endpoint Protection v11.0 English’
5. Configure ‘Source Server’
6. configure ‘Distribution Center’
-By default, SEP create 2 Distribution server, for Production and Testing. click ‘Add’ button to create a new Distribution Center
7. Add ‘Symantec Endpoint Protection v11 English’ Product to ‘Distribution Center’ coverage
-Click your distribution Center>Edit
Scroll down, then on ‘Product List’ >>click ‘Add’ >> select ‘Symantec Endpoint Protection 11 english’
8. Edit the ‘Preference’
9. Configure ‘Download and Distribute’, add Download schedule
10. Click ‘Run Now’ if you want to run the LiveUpdate now.
11. After fininshing the Update Process, run the ‘Manual Distribution request’ or you can create ‘Distribution Schedule’.
12. Last Step, Configure Symantec EndPoint Manager Live Update Policy .
C. Configure Device Policy (Exp. Block All USB device, CD/DVD Drives, Bluetooth)
(Exclude Human Interface Device: USB mouse, Joysticks, Gamepads)
-Click “Client”, select the User Group, click “Policies”, then right-click “Application and Device Control Policy” then select ‘Edit Policy’
-Click ‘Device Control’ tab
-in ‘Blocked Device’ click ‘Add’ button. select the device you want to block (USB, CD/DVD Drivers & Bluetooth Radios)
-in ‘Device Excluded from Blocking’ add/select ‘Human Interface Device (Mice, Joysticks, game pad and system control’;
D. Configure Security Policy (Firewall Rule)
———————————————
Symantec Endpoint Protection 11 Manual and Administration Guide:
Install Guide:
http://www.ziddu.com/download/5664607/installation_guide.pdf.html
Client Guide:
http://www.ziddu.com/download/5664608/client_guide.pdf.html
Admin Guide:
http://www.ziddu.com/download/5664609/administration_guide.pdf.html
LiveUpdate Admin Guide:
http://www.ziddu.com/download/5664610/LiveUpdateAdministratorUsersGuide.pdf.html
All comments are welcome; but Before post any question, please go to SEP Forums here:
https://forums.symantec.com/syment/board?board.id=endpoint_protection11
Update:
Migrating to Symantec Endpoint Protection 11.0 MR3:
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008091611042748
Downloading the Symantec Endpoint Protection 11.0.3001 MR3 Maintenance Release:
https://fileconnect.symantec.com/
-
Recent Comments
Mohammed on Solaris 10 Remote X11,X-Server… Mitza on Download Cisco Unified Communi… Bruno on Symantec EndPoint Protection… Bruno on Symantec EndPoint Protection… mandar on How to Configure Drive on Sola… mandar on How to Configure Drive on Sola… Mal on CCNA Study Guide 640-802 Installation of Orac… on Step Install Oracle 10g R2 on … Sailaish on Symantec EndPoint Protection… Surick on “Cannot find VRTSperl to… -
My blog is worth $1,129.08.
How much is your blog worth?
Links
About Me
Just call me Aziz, An Ordinary human, live in Jakarta, work as an IT Engineer.
Contact:
saifulaziz@gmail.com
saifulaziz2004
-
Flickr Photos
More Photos Facebook Badge
SOCIAL NETWORKING
Visitors
DONATION
SEO STATS
July 27, 2008 at 8:24 pm
problems uninstalling s.e.p unmanaged client MR2 ,vista home 32 !!
help please!!
used all methods cleanwipe, don’t work !!
uninstall manually ,don’t work !!
windows security center always “saying” symantec is enabled etc etc ….
best regards
July 28, 2008 at 7:05 am
@bindo
“How to manually uninstall Symantec Endpoint Protection client from Windows Vista 32-bit”, go to here:
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007080209280848
and also here:
https://forums.symantec.com/syment/board/message?board.id=endpoint_protection11&message.id=1426&query.id=60214#M1426
If you still got a problem, try to disable the SEP services:
START>>RUN>MSCONFIG>SERVICES
#uncheck the SEP services, like:
-symantec endpoint protection
-symantec management client
-symantec network access control
-symantec bla bla bla….etc
restart PC, then re-run uninstall again..
Good Luck.
July 28, 2008 at 6:35 pm
thanx aziz !!
the third try was almost the good one ,but …sorry there is a but!
after logging in as administrator,disabling symantec security techs ,symantec managemnt client live up date ……etc ,restarting ,uninstalling ok symantec was gone ,but after restarting symantec was back in security center …..
so another trick ? please !!
July 31, 2008 at 1:21 am
Unfortunately, I don’t hv any Vista Box to try right now, but I think, you need to remove manually all SEP files from “C:\WINDOWS\system32\” and also from Registry. Reboot to Safe Mode, then Follow the instruction here:
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007080209280848
If you need the Third-party software for cleaning up, try to install ‘TuneUp Utilites 2008′, then run menu ‘TuneUp 1 Click maintenance’ or ‘tuneUp Registry Cleaner’..
August 1, 2008 at 8:30 am
Hi Aziz, thank you for this blog!! I have a question please, I can connect to the console manager despite i entered admin as user and the password i’ve given during installation!!what can i do to resolv this problem please!?
August 5, 2008 at 6:41 am
@sofien
You can use ‘resetpass.bat’ file, it will reset the password for the Symantec Endpoint Protection Manager admin account.
1. open Windows Services, then stop ‘Symantec Endpoint Protection manager’
2. Go to:
C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Tools
then, double-click the Resetpass.bat.
3. start again the ‘Symantec Endpoint Protection manager’ service.
4.Launch Symantec Endpoint Protection Manager Console
user: admin
password: admin
—-
August 15, 2008 at 8:40 am
i have a problem my sep.after i upgrade sep 11 to sep 11 mr2 mp1 the symantec console user admin can load a long time in to console. could u help me for my problems
August 19, 2008 at 4:30 am
@teguh
MR2 MP2 released already, I think, better for you to upgrade to MP2. go to here for detail step:
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008080112464448?Open&seg=ent
August 21, 2008 at 11:11 pm
wish I had this weeks ago! the install is a nightmare…
Great blog on Symantec EndPoint. well done Aziz!
Christopher
August 22, 2008 at 12:46 am
The Vista clients i have do not appear in the SEP console is there a way to force this or have I missed anything while making the SEP policies.
Thank you
btw: excellent blog Aziz, lots of great info.
Abdul
August 23, 2008 at 6:28 pm
hey Aziz,
actually am having problem when installing network threat protection, its prevent me from pinging or share (copy) files over network.
right now am solving it by installing antivirus and antspam only for clients.
your help will be appreciated.
August 26, 2008 at 8:56 am
@TKADY
I think there might be something wrong with your Firewall Rules. The firewall is installed with default rules that are classified as Allow, Deny, Block and Log, or Log only. The Deny rules include blocking IPv6, IPv6 over IPv4, local file sharing, and Remote Administration..
September 2, 2008 at 6:47 am
Hello sir,
Please help me…
how to uninstall Symantec Endpoint Protection in remote system
urs
nagu
September 2, 2008 at 8:52 am
@nagarajujp
use SEP CleanWipe removal tool.. you can run it locally or remotely. Contact Symantec Technical Support :
http://www.symantec.com/business/support/contact_techsupp_static.jsp
to open case and request the tool.
September 2, 2008 at 9:01 am
anyway.. for educational purpose only;-) download SEP CleanWIpe removal tool from here:
http://www.4shared.com/get/58092119/ece98b5e/CleanWipe.html
September 2, 2008 at 6:44 pm
Hi Aziz, I have upgraded our company’s Symantec Client Security to Symantec Endpoint Protection 11.0. It was a nightmare. First it ‘disconnected’ our domain controller from the network share so when other computers connected to the network will have connectivity problem (these are the client computers that have not been upgraded). Then, it will not let us import the policy file (xml policy files that we exported from the legacy Symantec Client Security). So, we could not import our firewall policy setting. Can you please help us? Thanks so much.
September 8, 2008 at 9:48 am
@Tenh
I think, its better for you to post this question on SEP Forums here:
https://forums.symantec.com/syment/board?board.id=endpoint_protection11
there are a lot of thing to do, for migrating from Legacy Symantec..
find the complete manual guide here:
http://www.symantec.com/business/support/documentation.jsp?pid=54619
September 15, 2008 at 8:37 am
Hi Aziz,
I have a question, can clients updated manually from internet if this machine outside from the office/ not connected to Server EndPoint Console?
Thanks
September 16, 2008 at 2:41 am
if your SEP client is unmanaged, you can perform the update by using LiveUpdate. Just simply click the ‘LiveUpdate’ button and it will check for updates from Symantec server.
October 7, 2008 at 5:49 pm
Hi Aziz
I have install server of symantec Endpoint and also i install in 400pc of client and i also given the password to remove but know problem is that user can easily remove it. you know how they remove it they r going in control panal then add or remove and symantec and when its asked for the password just go to task manager and stop the service of msiexec.exe after that it can easily remove. so i want to know the mathod of user cannot uninstall the symantec end point.. plz if you know the method then help me.
Thanking you
azhar
October 7, 2008 at 5:51 pm
azhar@inc.com.kw this is my mail id
October 9, 2008 at 10:23 am
@Azhar,
As far as I know, the only protection to uninstall SEP is only by password. if users are administrators on their machines, and they want to uninstall SEP, they will be prompted to input the password. I dont know if the password protection can be easily bypassed like that. let me try and check it first..
Update, October 13, 2008:
Azhar, you right. the uninstall password protection can be bypassed by killing the “MSIEXEC.EXE”. on uninstall process, on Task Manager, you will find two MSIEXEC.EXE, just ‘End Task’ msiexec.exe that run by Administrator.. It seem like a SEP bug, so I don’t hv any suggestion to solve this problem right now. but you can try to disable/remove/hide the ‘Symantec Endpoint Protection’ from the Add/Remove program list.
Open Regedit, goto:
“HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\”
Add the ‘NoRemove’ and ‘NoModify’ REG_DWORD, the set the value data to ‘1′
go to here for detail: http://www.winxptutor.com/arpbuttons.htm
October 31, 2008 at 5:40 pm
i got symantec end point protection 11.0 with MR3.
need to resolve some issues.
1)why it is recommended not to have network threat protection enabled on servers.
2)how IPS work with anti virus, if a single pc generates broadcast to others, is it possible to stop/ block the attack from its source or where it is generated.
November 4, 2008 at 2:51 pm
@Sawan
1. Network Threat Protection is a client firewall, your server must be accessible and to serve users, right?. so why you need to install a Client Firewall on a server?. if you enable it on server, usually it will block some of your services.. exp. DHCP services, folder sharing, etc.
2. there are a lot of configuration on firewall rule. I think SEP can doing this well. I never try it on my lab, try configure & apply it on your client..
November 6, 2008 at 6:56 pm
I’ve got a couple of problems:
1. When I search for unmanaged clients, and select which to update, they don’t become managed. This is for clients though that have EP already, but DEPLOYMENT STATUS is a no. It changes to SUCCESSFUL, but never becomes managed. If I remove EP then push, it works.
2. I used to be able to install the previous EP over the older version and it worked fine. 3001 doesn’t do that. It installs, does not wipe out the previous config and never connects to the server. This is when I run the SETUP.exe package I built.
3. Are there any MSIEXEC commands for any of this? Install remove, etc
I have a couple more questions, but this is enough for now.
Thanks, Jake
November 6, 2008 at 10:47 pm
hello
while trying to install the symantec endpoint 11.0 and then making the deploy it works but the problem is that i can;t run the live update from the server so the client can automaticly beeing updated with a schedule time if there is a specific configuration for it please let me know
thx
November 15, 2008 at 9:13 am
@Jake
1. if you want to change your SEP Client from “Unmanaged” to become “Managed” by your SEP Manager, you have to uninstall it first from your client, then run again ‘Migration and Deployment Wizard’ from SEP Manager, thats the recommendation from Symantec.
2. If you want to migrate your client to SEP 11.0.3001 MR3, I think you should check this link:
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008091611042748
3. to completely remove, use SEP ClientWipe Removal Tool..
@Marwan
you need to install Symantec Live Update Administrator, download the Updates, then run the ‘Manual Distribution request’. read the ‘LifeUpdate Administrator Guide’ for detail step. here the link:
http://www.4shared.com/file/63162823/ed441d61/LiveUpdate_Administrator_Users_Guide.html
November 17, 2008 at 5:43 pm
Hi, We have Installed Symantec endpoint 11 server and client successfully. When we try to search the client from symantec server we are unable to see the client details. Plz can you help us sort this prb ?
Thanks,
Alam
November 17, 2008 at 6:05 pm
Hi, I have a problem with a few clients with MR3.
Everytime i log in to the server on which SEP is installed I get an error: Symantec USer Session, a neccesary file could not be loaded: ccProd 1002,1
A few clients have problems with updating it seems.
They get the following error:
SEP has requested new definitions from the management server. This problem will disappear after the server responds and the update is complete.
And when they open SEP on their computer Proactive Threat Protection is disabled and stating: protection defenitions are too old for proactive threat protection. Click fix to update protection defenitions.
When they click fix everything turns to “green” so to speak.
But after a few minutes it turns read again and they will have to click fix again.
The srange thing is, both the server and all clients have the latest versions of everyting.
Any idea on how to solve this?
Regards,
Sander
November 21, 2008 at 9:27 pm
hi aziz…cool blog…
i installed the sep on a stand alone machine running windows xp 64 bit. it has taken the update as well. i didnt install the sepm since the machine was not part of the network where the remaining clients were deployed. then the green dot on the shield is not visible…why??? how do i solve the issue???
thanx in advance.
November 23, 2008 at 4:04 pm
when i have installed only the symantec end point protection, do i have to register it if i installed in a stand alone machine as an unmanaged client??
if so how?
November 25, 2008 at 9:51 am
Assalamu’alaikum mas Aziz,
i just installed SEP on win xp
and now i can’t run services.msc
any idea why
thanks
November 26, 2008 at 10:32 am
This is really useful.. This has more information about symantec end protection 11 implemetion , than symantec official site .. and this was very useful for me..
Thx … for this great job..
December 2, 2008 at 7:34 am
I’ve install SEP month ago. Its running quit well. But the problem is, the latest update date..it didn’t change…since 1 month ago, its only change twice.I update it everyday..why don’t the date change everyday also…HELP….
December 4, 2008 at 2:00 pm
I installed SEP Manager and clients nsuccessully ver 11.0.1000.1375 and is running very well now.
I downloaded the 11.0 MR3 and tried upgrading my Manager but it keeps running back at the point where it says “stopping services”.
I used the upgrade guide from symantec (http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/8903bc2367f16757882574c600633922?OpenDocument)and did what was mentioned on it but still it fails, ie installation rolls back.
Obviously there is another things that needs to be disable or checked as well.
Please I beg someone to help me sort this issue out.
thanks, plis help!!!
December 11, 2008 at 7:21 pm
Hi Aziz,
Is there any procedure to change domain name on Symantec Endpoint Protection manager,also will it effect my client machines .
If possible please tell me procedure also.
Thanks in Advance
December 18, 2008 at 11:08 am
@Alam
Try to disable Firewall Setting on all your client..
@Sander
did you install Norton Ghost on that client? try to uninstall it.
about the update problem, make sure you hv installed the ‘Symantec Live Update Administrator’ and its configured correctly.
@Krisna
If you install SEP client, after finished; all you need to do is just click the “LiveUpdate”button. the you will get the ‘green’ checkmark symbol.
please note that the green dot on SEP Try Icon is only for SEP Client (managed).
@Mulyono
Strange?? as far as I’m concern, SEP will not block the Windows Services..
@Amila Chiranjeewa
you are welcome..
@Hafizan
let me find out about this issue..
@fklenep
let me find out about this issue..
@Dharmendra Singh
If you want to change the SEP Manager Domain Name and also the IP address, yes this will affect to client.
the client is always check the Manager status periodically either in Push Mode or Pull Mode. By default when you install the SEP Manager it will creates a default management server list that contains the IP address of the manager and it’s name.
so, you need to add/reconfigure the Management Server again. from SEP Manager Console click POLICIES>Policy Components>Management Server List.
then you must assign it to your client group or location.
For detail info, read the Administration Guide, page 377.
December 18, 2008 at 2:10 pm
How to configure the NAC in symantec 11 with remediation policy
January 25, 2009 at 5:27 pm
I want to know one thing about enabling the USB back to normal.
But the Live Update feature is not available. The administrator has disabled it. So I want to know that can I enable my USB drive back to normal through registry? By making any registry entry enable or with filling some value can help it out?
Please advice, whether I can enable my USB through registry as its currently disabled by Administrator. Live Update feature is also disabled.
I use Symantec End Point 11.0
Thanks in advance!
January 29, 2009 at 2:49 pm
I have installed sep 11.0 usb blocker in my system. Now I wants to enable USB drive for data backup purpose. but when I insert pendrive in usb port it showing message usb service stop successfully. I wants to edit this option without uninstalling SEP. thanx.
January 30, 2009 at 5:37 pm
I would distribute mr3 updated client not by management server.
How I can do that?
I see I can specify an URL address: does I need an IIS server on? Could be useful the local liveupdate server?
Thanks a lot.
February 5, 2009 at 1:44 pm
after installing live update administrator and web page liveupdate administrator …..but i cannt access that page and appear error page
” HTTP Status 404 – /lua/ “.
type Status report
message /lua/
description The requested resource (/lua/) is not available.
can u help me ???
February 7, 2009 at 9:03 pm
Hi Aziz,
how to hide the “disable Symantec EndPoint Protection” from the user side, when the user right click on the tray icon I want to hide this disable Symantec EndPoint Protection” .
Any idea
Thanks
February 12, 2009 at 7:04 pm
Hi,
i have a Symantec endpoint protection on my clients computer and one domain controller(win2k3 EE) and a win2k3 SE with sep manager installed. I have 2 questions, first: what version i can install in my dc? second: how create a password before sep uninstalling?
Thanks.
February 17, 2009 at 3:34 pm
dear mr azis,..i am using SEP 11 ,and i want ask you ,why my client can not update automatically
regards
fitra
February 19, 2009 at 6:58 pm
i want to activate symantec end piont 11 can u plz help me
February 19, 2009 at 7:02 pm
i want to activate online symantec end piont 11 plz help me………
February 21, 2009 at 3:27 pm
Hi Aziz,
I have updated my SEP to MR4 and I would like to remove all other installation packages. How do I do it? Also how do I empty the summary detection or the old logs? The SEP Manager still counts those infected files that was 1 year old and has been deleted.
Thank you for your help.
Artskie
February 27, 2009 at 2:41 am
I need to integrate NTP to NAC and need to registry of NTP.
can you help me?
regards
CVO
March 2, 2009 at 2:03 pm
We have SEP MR3 on SBS 2008 and the downloads are easting up our bandwidth what is the best way to setup SEP with managed clients and the minimum downloads. We schedule it for one a week for definitions and one a mount for full SEP update
March 2, 2009 at 8:21 pm
I have an issue about unmanaged clients. Enabling tamper protection in these clients disables disabling of the (i)antivirus and (ii)proactive threat protection by any user who is not the administrator. However any non-administrator can still disable the network access protection as this is still allowed.
How to fix this issue?
April 13, 2009 at 7:10 pm
Can anyone help em obtain any information or guidance on configuring Network Threat Protection forr Symantec Endpoint Protection and any free training courses for this. I would appreciate the help. Also if anyone has any samples configurations to let me get an idea how to configure
April 16, 2009 at 1:38 am
dear aziz
i have buy sep11 and i have too many questios about it.
1.i cannot deploy the install packages to the client,if i search for the unmanaged computer the server see the computer.but if i start installation it says failed.by the way im using win2003 server std as my server and xp2 professional on clients.
2.do i have to install also the ep on my server or just the manager console.
i guess thats it for now.
thank you and more power to your blog
danny
April 23, 2009 at 4:54 am
danny
April 16, 2009 at 1:38 am
dear aziz
i have buy sep11 and i have too many questios about it.
1.i cannot deploy the install packages to the client,if i search for the unmanaged computer the server see the computer.but if i start installation it says failed.by the way im using win2003 server std as my server and xp2 professional on clients.
2.do i have to install also the ep on my server or just the manager console.
i guess thats it for now.
Danny,
Question1: This trouble that you have normally is because the user trying to install sep doesn1t have enough permission on domain. Try with a user with admin privilegies.
Question2: Like you a had many trouble with instalation on my dc, but finnaly i did…xd. This bring us back the first question the damn adminitrator permissions. If you have access to “administrator account” try to install via “search unmanaged client” or try this: i’ve installed first the manager on dc, then i installed the sep client but via cd,as unmanaged client and then copy the “symlink.xml”, located in installation folder of sep manager…
lucky dude..
April 23, 2009 at 1:26 pm
dear aziz.
thank you for the support…but i do it the same way you did.i run from the cd in the client and install it.i the installation keeps rolling back and say it was interrupted before it is finished.
is it possible to copy the client intallation package and then install it to the clients manually?
thanks
danny
April 30, 2009 at 6:51 am
I hope Aziz don’t be angry by trying to help you….hehe
Did you have “administrator” account? The domain administrator? This is the only way i could install sep client on my DC, other users even with all permissions possible, never install nothing and the status on sep man saying “successfull”. But by cd method it installed.
When the sep manager is installed by default it creates 2 install packages 32 and 64bits, if i remenber it right they are created on “programs files\ symantec… ” or you could manually create a custom install package with your preferred settings. Here the link from symantec:
“http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007110513361348″
April 23, 2009 at 1:32 pm
dear aziz
by the sir we are using only work group in our office…i managed to install it on our server but the main problem is to deploy the client package.i try to use the administrator acount of all the work station and nothing happens.
i hope you can help with this
thank you
April 30, 2009 at 6:56 am
It’s me again…hehehe
The computers have same administrator password? Im not sure… but in theory with this user the deployment is to be “allowed”.
Or you just copy the setup.exe from your sep man e install it on your computers.
April 30, 2009 at 1:54 pm
thanks bro
April 25, 2009 at 5:09 am
Aziz…Is it okay to run 2 SEPM Server consoles side by side on one network in case one goes down as we don’t want to rely on updates from internet for virus definitions etc,as it will most likely crash our network
April 30, 2009 at 1:50 pm
dear aziz
thank you so much for the nice tutorials.i already configure the server and all the client computers in our company..i follow all the instruction you have written here.i just want to share something to all who is with this blog.
if you cannot deploy the client package to the computers even you have configure thier firewall and remove the simple file sharing.try to format first on of the computer of your clients.and try to deploy it to this client.before i thought it was with the configuration i make but after i decide to format my server without connecting to any client to the network.then i update the difinition and everything in my sep i found out that a virus called conficker and downadup is blocking any antivirus installation in my computers.even the sites of any anti virus is blocked.i dont know how they can do it but its true with my experience.
once again!!!!AZIZ
thank you very much and more power to your blog!!!!
you’re the man dude!!!!
May 3, 2009 at 7:02 am
When you told about firewall, i remenber something that cause fails in deployment of sep clients…the windows xp firewall…hehe, you need to disable to work the deploy correctly…or copy from server the setup.exe and execute it.
There’s another tips that are helpfull, like set password for remove of sep client, silent install..by default the user could just click cancel and stop install of sep, with silent install enable that thing doesn’t happen…XD…
And about conficker and downdup are the same..according symantec “http://www.symantec.com/security_response/writeup.jsp?docid=2008-112203-2408-99&tabid=2″
if you have all your computers updated conficker is not even a threath….
May 3, 2009 at 8:27 am
thank you Danny and Bruno… please don’t hesitate to share all your experience here.
May 1, 2009 at 2:44 pm
dear aziz
i have installed SEP 11 and successfully deploy the client. but in SEP manage console theris no client detect, when i try to deploy again the client that successfully deployed before appears as unknown computers. i checked on client there is SEP client installed.
Can u help me to solve this pro blem
Thaks alot
May 3, 2009 at 8:25 am
Ujang,
If you configure SEP Manager, the better way to install SEP client is from your SEP Manager.
From Endpoint Manager Console, click “Client” icon then click ‘Find Unmanaged Computers”. please follow the step by step on my tutorial above.
and, as Bruno said above, please don’t forget to disable the Windows firewall on all your client first, because sometime it will make client installation failed. you can enable it again after finish the installation process.
May 20, 2009 at 1:36 am
hi to all
i have one big question,,,i have a sep 11.04 10 user and i install it already with our server..as of now we have 5 clients using it.my question is,,, is it possible to install it again into onther server..?because we have branch that need antivirus for its server.is it possible?
pls anyone who can help me with this…
thanks
danny
May 21, 2009 at 6:24 am
danny
i mean install the sep manager or sep client? if is sep client i believe there’s no problem in doing it, because your server still be managed by your sep manager at your office, presuming both locations use the same link. If you want to install sep man on a second server and both running side-to-side, i don’t have any ideia if its possible or how it works, but you can let the second server as sep man that can manage the branch clients…
i’ll take a look and asap i return with the anwer…;)
May 21, 2009 at 1:15 pm
bruno
thanks bro…just tell me if you check it out..and please can you tell if it is possible to manage clients by internet.i mean i can will deploy the clients trough internet.or if possible tell if this ten user works as ten server or 10 users,including server and clients.
danny
June 4, 2009 at 1:53 am
Danny,
I’ve found this on Symantec site, its about client deployment over VPN connections:
“While such a method of deployment is feasible, it is not recommended due to the risk of packet loss, which can result in an incorrect installation. The recommended method is to download the SETUP.EXE program directly to the computer and then proceed with the installation locally.”
The second part i don’t understand. Can you explain again…;)
link where i get this info
“http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007071909500548″
Bruno.
May 29, 2009 at 5:29 am
fg
May 30, 2009 at 3:47 pm
Dear Aziz,
It would be great if you could help me in configuring policies on SEP11 MR4 for preventing users with Admin rights from disabling Symantec Endpoint Protection by right-clicking on the client system tray icon and selecting “Disable Symantec Endpoint Protection”
June 11, 2009 at 2:53 pm
You can do this by selecting Clients tab, select desired group, then in right panel select policies and under “Location Independent Policies and Settings” select “General Settings” and there is an option to set a password to disable service
sure, there still exist an option to disable the menu and even the tray icon, but i forgot where that is due. if i remember, I’ll leave a message here
June 4, 2009 at 2:32 pm
My pc has sep. Its disabling my pen drive. How to overcome this problem…Is anything to be done in regedit?
June 14, 2009 at 6:45 pm
Hi Aziz,
I have a thing to ask here in this forum :
In Symantec endpoint protection status bar we have options available on the right side of screen. We want to grey down that options button, As user can disable antivirus & antispyware disable pro-active threat protection and network threat protection etc …..
Plz can you help us sort out this prb.
Thanks & best regards,
Meraj
June 15, 2009 at 3:11 am
Hi Julkifli,
Here is the solution to unlock the usb flash :
Go to HKEY_LOCAL_MACHINE -> System -> CurrentControlSet -> Services -> USBSTOR then on right side double on start button then change the value to 3.
by default it should be 3.
June 25, 2009 at 12:23 am
Dear Aziz,
I am working for a big company who has remote branches.
We are using SEP v 11.0.
The branches get update from center but this takes much bandwidth.
I want the update to be at the branches. I tried to install LUA server at branches but the update is still from the center. What is my problem? Do I install enpoint manager at each branch?
Please help me in this regard.
Thanks;
June 25, 2009 at 10:08 am
Lugi,
if you need all your client to get an update from your LUA server at branch, you need to configure “Live Update Client Policies” on your SEP manager also.
to reduce bandwidth, better for you to install SEP manager and LUA at each branch office.
June 28, 2009 at 8:49 am
Hi,
I removed all norton products using cleanwipe. Now my USB drive is visible in the explorer. But when I try to access it, it gives an error that says “F:\ is not accessible. Access is Denied.”
Please help to resolve this issue.
Regards,
Ajay.
July 4, 2009 at 7:16 am
ajay…
Did you try to format your usb in another pc? Or at your pc do you have admin rights?
You can try nonav from symantec, this tool removes many versions of symantec products. You can download at this link:
http://rapidshare.com/files/251650532/NoNav2.49.rar.html
MD5: D9915499FB9882A5906561E5EADCE881
Good lucky
July 7, 2009 at 2:30 pm
hello frnd, can any one help me for intalling SEP 11.0.3 n i have to config for all clients PC, i have doubts in creating Embedded database, Could anyone can assist me pls, its ma id
kumarnsenthil@gamil.com….
Thanks & Regards
Senthil Kumar.n N
July 14, 2009 at 6:34 am
Dude,
Have you tried to read the “how to” at top of page? There’s a pdf with come with the install of Symantec Endpoint cd, it not hard to install…if you haven’t try find at symantec’s site.
Lucky…
July 17, 2009 at 11:27 pm
OK…this has been very helpful but I’m wondering if anyone knows exactly which processes (.exe) need to be STOPPED in order to uninstall the Symatec Endpoint program. I screwed up and somehow got Kapersky and Symantec running at the exact same time. Even though I turned symantec OFF (or so I thought) it keeps popping up with these virus notifications, which i discovered are NOT actually viruses but it’s just reading Kapersky processes as viruses. I can’t get through the uninstall process for symatec unless I can stop it from running. When I go to the task manager, my head is spinning — how the heck can I tell which processes are related to Symantec? HELP!!
July 18, 2009 at 6:09 am
Michelle,
You can try NoNav at this link:
http://rapidshare.com/files/251650532/NoNav2.49.rar.html
MD5: D9915499FB9882A5906561E5EADCE881
I have a question to you.. You’re using SEP at your company? If you are you’ll need a password if sep was configured to use it, if note just unninstall at add/remove programs….
Good lucky
ps: this nonav tool is used to remove many version of symantec AV’s…answer YES in all questions after finishing the process your computer should reboot after…
July 18, 2009 at 6:12 am
And stop the process of sep, i dont believe that really works…because sep was designed to be pratically unstoppable….hauhauahua…even if you cut the head off it still workinhg…XD
July 19, 2009 at 10:27 am
Thanks Bruno,
All questions answered already??
July 21, 2009 at 6:13 pm
I have many groups in my console like cd.usb disabled. suddenly a nightmare happened. my clients got uninstalled but the shield of symantec is there in the tray but when I open the shield ,it says “No symantec protection technologies are installed” . I was shocked… but only two groups were not changed. I saw in the log of a client it says teefer driver failed to install. A week back I migrated sepm from mr3 to mr4 mp2. Please help me
July 22, 2009 at 5:05 am
Siraj,
You should try reinstallantion sep on your clients, because this could be result of a bad install…almost the times i’ve seen this thing was bad install….
Bye…
July 23, 2009 at 11:02 pm
Bruno but it worked fine for a week, suddenly how it all happened..might be some else issue is doing this..coz when i create a new group and move to the clients to that group then its working fine. if u r really intersted then u can take up the challenge… num: 9940680167.
July 22, 2009 at 8:44 am
Hi,
A quick question regarding SEPM & LUA – I have found a symantec article that sugest running both SEPM & LUA on the same server can result in poor performance (which I am currently seeing).
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008060510124848
After a bit of reading I am confused as to whether or not I even need to run LUA at all? Does LUA provided the latest definition updates for SEPM to distribute to the clients? Or can SEPM get the updates and distribute them without LUA?
Any advice welcome!
Thanks
July 28, 2009 at 6:31 am
Luke,
Answer your question or part of it
, the SEPM retrieve and distribute to the clients the software definitions. The LUA I don’t tried it, I only used SEPM, i don’t know what benefits it have over SEPM in retrieve and distribute definitions.
Try out find more articles at symantec site about LUA.
Xd.
August 6, 2009 at 12:08 pm
Luke,
Symantec LUA or LiveUpdate Administrator is application that allow you to manage SEP updates on your internal server. by using SEP LUA, you can download updates then publish the update to distribution server, so your SEP Manager and all of your client can get the updates from your LUA server instead of downloading it from Symantec.
SEP Manager can also download / retrieve the updates then distribute to clients. but, it will more efficient bandwidth and resource if you separate this job for LUA server. and also, if you have another SEP Manager (lets say, you install SEP manager at branch office), you need to download the updates directly to Symantec also.
I think, if you have alot of clients (above hundred) its better if you install both SEP Manager and LUA, and install it on different server.
August 3, 2009 at 4:35 am
HI,
I need some one to help to change the background of cisco ip phone in call manager RLS 7.0
Thanks
Best Regards
August 6, 2009 at 12:17 pm
Ali, please post comment on right topic >> Cisco CUCM section..
August 5, 2009 at 8:25 am
I need Some help and Advice here..
Did we can Use Endpoint Protection 11 to manage Client for Symantec Coporate Edidtion 10..
We have buy Endpoint Protection 11. for new pc a the same time we have lot of old pc cannot support symantec 11.. so there have any way to we configure or setup the Endpoint Protection 11 manage symantec 10 client ??????
August 6, 2009 at 12:28 pm
Jamal,
actually, you can migrate Symantec legacy antivirus, but unfortunately I dont hv any experience with corporate edition. as far as I know, the migration that are supported only for Symantec antivirus client and server v9.x or later and symantec client security (client & server) version 2.x or later.
another software, like client firewall, reporting server and norton antivirus/security; you need to uninstall it first the install SEP client.
August 5, 2009 at 3:42 pm
My USB drive is diasable by SEP, if I try to disable the process/service it ask for a SEP password, how do i get the usb enabled?
August 6, 2009 at 12:31 pm
if you are SEP client, you need to contact your SEP admin to enable USB device he2.
blocking USB device is part of SEP device policy..
August 12, 2009 at 11:24 am
Dear sir,
Recently, i have problem with symantec Endpoint protection. While i want to update client from server , but it appears the message ” the command has been issued” . Could you please help to solve the problem.
Thanks
Sovann
September 15, 2009 at 11:44 am
mas,
mau tanya dong…kalo email supportnya apa yah!
kebetulan kena virus nih, baru suspect sih…kalo bisa yg lokal ajah supportnya!
September 20, 2009 at 3:34 pm
Email ada di pojok kanan atas, Supportnya nggak gratis lho;-).
October 11, 2009 at 4:03 pm
Flash Drive / Thum Drive / USB Drive is a popular name called today. The features in data storage. Line a small squeeze mine. Can take in anywhere. If on any problems associated with Flash Drive / Thum Drive / USB Drive as Flash Drive does not detect most of which will not solve this problem. Now I have to suggestion to you.
October 25, 2009 at 2:03 pm
hi every one,,
i just having problem with my sep management console,,,i cannot log on to it..and one thing more,,,i cannot see any more the green dot on the sep clients..that means they are not connected to the management console…is there a way to reset the password.and can any one tell what is the solution to this problem..
thanks and more power
danny
November 9, 2009 at 5:15 pm
Find the resetpass.bat in installation’s folder of SEPM
To use Resetpass.bat:
1. Open Windows Explorer on the computer where you run Symantec Endpoint Protection Manager.
2. Change directory to the :\Program Files\Symantec\Symantec Endpoint Protection Manager\Tools folder.
3. Double-click the Resetpass.bat executable file. The password is reset to the default password.
4. Be sure to change the password immediately.
I picked from symantec forum…
link:
“http://www.symantec.com/connect/forums/endpoint-protection-management-console-credentials-lost”
October 30, 2009 at 12:32 pm
Hi, I’ve installed SEP 11.0 MR4 on Win XP, but on SEPM while creating the client installation package to be deployed, I’m getting error code:4 saying failed to create the installation package but when I check on the client (a test) where to deploy the package, it was deployed though as self-managed, but the definitions were not updated.
Any help regarding this issue please.
November 9, 2009 at 5:24 pm
You already tried to reinstall SEPManager?? Are all the pre reqs Ok? Check those things and if doesn’t work it could be your install cd or some incompability file system on your server…