Author: gunnalag

Check the status of reported client in SEPM console If client is ”’active”’, Run "Update Content" command from SEPM. To verify what definitions that client running with, check below files: C:>type "\<workstation name>c$Program FilesCommon FilesSymantec SharedVirusDefsusage.dat" (definitions in use) C:>type "\<workstation name>c$Program FilesCommon FilesSymantec SharedVirusDefsdefinfo.dat" (definitions dates) If client is ”’active but connected to remote site servers”’ (Computer icon with single red cross arrow) then Check if PC is able to resolve it’s local SEPM servers. Try flushing the DNS cache and see if client makes connection to local SEPM servers If still fails, drop the latest (you may copy […]

Resolving Risks: Every risk alert should be treated as high priority and attended to at the earliest to stop any risk activity. Immediately Disconnect or Shutdown the reported computer from the network. Once disconnected, ensure the latest virus definitions are updated on the machine and run a local full scan on the machine. Determine the risk severity using below strategies and act appropriately. If the risk incident obeys any of the below conditions then it’s considered to be a high severity risk otherwise a low severity risk: From the data in the risk request, · Sum of risk count per […]

Folder Locations: License files: C:Program FilesSymantecSymantec Endpoint Protection Managertomcatetclicense SEPM logs : C:Program FilesSymantecSymantec Endpoint Protection Managertomcatlogs Replication folder path: C:program FilessymantecSymantec Endpoint Protection Managerdatareplication SEP Client Packages location: C:Program FilesSymantecSymantec Endpoint Protection ManagerInetpubClientPackages keystoreFile: "C:Program FilesSymantecSymantec Endpoint Protection Managertomcatetckeystore.jks" Server Private Key: C:Program FilesSymantecSymantec Endpoint Protection ManagerServer Private Key Backup < p>