[DISCUSSION] Symantec Endpoint Protection

Discussion in 'Application Software' started by CHEF-KOCH, Dec 14, 2013.

  1. ABCXYZ XYZ

    ABCXYZ XYZ MDL Novice

    Jul 12, 2021
    6
    1
    0
    I am running SEP 14.3.4615.2000, my exceptions are not disappearing, they are there, BUT my LiveUpdate is not working. I have fully updated Win 7 x64 with SHA-2 update and all the registry entries mentioned above. Anyone have any idea how to make LiveUpdate work?

    My LiveUpdate was not working on older version 14.3.3580.1100 either. Upgraded to 14.3.4615.2000 in hopes that it might work.
     
  2. x90126

    x90126 MDL Novice

    Mar 16, 2019
    18
    4
    0

    It's always a good idea to test any new updates (especially those involving a lot of configuration or have system-wide effect) in VMware of VirtualBox. ;)

    Mea culpa: I didn't do that because usually SEP builds were solid, but now Broadcom is at the helm I will do that every time from now on!
    (they write good drivers, but I'm not impressed with their talents so far)


    /x13
     
  3. infinitevs

    infinitevs MDL Novice

    Mar 19, 2014
    4
    0
    0

    ABCXYZ XYZ:
    Try re-installing as dark web client... and if no good try manually installing the definitions from the definitions packs offered on the broadcom site?
     
  4. ABCXYZ XYZ

    ABCXYZ XYZ MDL Novice

    Jul 12, 2021
    6
    1
    0
    Before installing 14.3.4615.2000, I had CleanWiped the older version and then first installed the dark net client and tried, no luck with LiveUpdate. Then again CleanWiped and installed the standard client. So thanks for the suggestion, but I've already tried that. As for manual standalone definitions, they do work and my SEP is up-to-date on defs, but it is quite cumbersome to manually install, isn't it. Wish someone would have a real solution for LiveUpdate. Thanks.
     
  5. infinitevs

    infinitevs MDL Novice

    Mar 19, 2014
    4
    0
    0
    ABCXYZ XYZ: The reason I suggested the manual definitions was because I had a dark client where the liveupdate wouldn't work and simply manually updating the defs and rebooting a few times seemed to correct it. And yeah manually updating all the time sounds like a massive hassle, I mean if worst came to worst you could write a script though I hope you find a better solution!
     
  6. odinthegreatone

    odinthegreatone MDL Junior Member

    Dec 4, 2008
    79
    2
    0
    Has anyone installed 14.3 ru2 and noticed their Google Chrome is suddenly managed by an organization whereas prior to the update, it hasn't? Did the new client introduce a new policy being pushed in?
     
  7. pm67310

    pm67310 MDL Addicted

    Sep 6, 2011
    539
    222
    30

    Yes last version have chrome extension
     
  8. x90126

    x90126 MDL Novice

    Mar 16, 2019
    18
    4
    0

    If you scroll back a few pages in this thread there's a method for disabling that extension if it bothers you. ;)


    /x13
     
  9. odinthegreatone

    odinthegreatone MDL Junior Member

    Dec 4, 2008
    79
    2
    0
    Yup, I tried. It keeps reappearing and then I tried modifying the key and then it still says managed by organization.

    Hmm guess there has to be an update or another way.
     
  10. x90126

    x90126 MDL Novice

    Mar 16, 2019
    18
    4
    0
    I confess I use Brave browser so I'm not forced to use that extension. ;)
     
  11. ABCXYZ XYZ

    ABCXYZ XYZ MDL Novice

    Jul 12, 2021
    6
    1
    0
    Hello,
    I have a weird problem with SEP, whenever I connect to VPN, the SEP disregards all my Application Settings and Firewall rules and just allows all applications to connect to the net. I have a bunch of applications which I don't want to have network access and as such have blocked them. Also created a firewall rule to block those particular apps on all network adapters. These rules are followed by SEP whenever I am not using VPN, but as soon as I connect to VPN, these rules are out the window. Did a lot of searching on net, but couldn't find anything. Does anyone have any clue why SEP by default allows all traffic on VPN. Btw, I use Surfshark, but it doesn't seem to be an issue of that, my friend has NordVPN and he too has similar issue. So it is definitely a SEP issue. If anyone has a similar issue or knows how to resolve it, I would be very thankful. I want SEP to follow the firewall and application settings rules. I have the latest SEP 14.3 RU2.
    Thank you.
     
  12. x90126

    x90126 MDL Novice

    Mar 16, 2019
    18
    4
    0


    Also for you I recommend downgrading to 14.3.3580.1100 RU1 MP1.

    /x13
     
  13. odinthegreatone

    odinthegreatone MDL Junior Member

    Dec 4, 2008
    79
    2
    0
    Anyone had difficulty getting a full scan or active scan working with 14.3 ru2?
     
  14. x90126

    x90126 MDL Novice

    Mar 16, 2019
    18
    4
    0
    Well folks, it seems like 14.3.3580.1100 RU1 MP1 isn't so stable after all.

    By pure coincidence I went in SEP's settings and saw that all my exceptions were deleted AGAIN.

    Not only that, some other settings (like proxy, submitting suspicious files) were also reset to their defaults.
    So it's not just the exceptions that are affected, it seems that this bug (could be more that one of course) resets some settings which also clears the exceptions.

    So I'll have to downgrade again... to 14.2.5569.2100 RU2 MP1, which is Symantec's last release before the Broadcom's code butchers took over.
    Such a shame to see this brilliant software go to hell like this.

    BEWARE
    if you use any other Symantec products (since the take-over), they may also suffer the same fate!


    /x13
     
  15. Mks1440

    Mks1440 MDL Novice

    Jul 9, 2018
    6
    1
    0
    I had the same issue with this version of SEP but it did work just fine when
    1-uninstall.
    2-removal of any SEP trace in windows registries.
    3-install and update.
    4-reboot PC (important step)
    5-configure SEP (exceptions,etc...)
    6-run update again
    7-reboot PC and verify setting again if it get reset then reconfigure again and it should stay.

    could not update SEP to the new version because of the new chrome extension (it blocks many sites and it can not be disable or configure)
     
  16. x90126

    x90126 MDL Novice

    Mar 16, 2019
    18
    4
    0
    #1116 x90126, Aug 9, 2021
    Last edited: Aug 9, 2021

    Seems waaaay too complicated.
    Software should adapt to us and not the other way around.

    Of course the extension can be blocked!
    Scroll back in this thread. There are several ways to do this.

    PS: This extension only gets installed on Chrome. Other Chrome-type browsers (Dragon, Brave) don't have this problem.

    /x13
     
  17. f41lbl0g

    f41lbl0g MDL Novice

    Jun 2, 2015
    1
    0
    0
    #1117 f41lbl0g, Aug 23, 2021
    Last edited: Sep 3, 2021
    Would anyone be able to mirror the 14.3 RU2 for macOS? It released after the windows version, so RU1 is included in the all clients package.

    @LostED
     
  18. Bushwalker8

    Bushwalker8 MDL Novice

    Jun 17, 2015
    6
    2
    0
    Anyone tried with Edge?
     
  19. Foomanchoo

    Foomanchoo MDL Junior Member

    May 15, 2020
    55
    23
    0
    I don't see Symantec extension in Edge nor in Firefox
     
  20. arbitshell

    arbitshell MDL Novice

    Feb 25, 2014
    2
    0
    0
    I have below questions. I appreciate if someone can answer these.

    1) I used Symantec_Endpoint_Protection_14.3.0_RU2_All_Clients_EN.zip having SHA256 17BB269515A6C5ABA97FE8430F0C483F6E587FA127FC45C7ADFED7DC9F43D251, I think it installed unmanaged Symantec endpoint on latest windows 10, it also does update live updates. I am aware that I can't do any version update directly since I dont have any license for this. What are other downsides of continue using non-license/unmanaged Symantec client from security point of view? Using unmanaged or not-licensed, is my windows 10 safe? (of course to some extend!)

    2) Right SHA256 is correct way of validating authenticity of file, but if a file is signed (ex: Symantec_Endpoint_Protection_14.3.0_RU2_Win64-bit_Client_EN.exe) using proper Symantec certificate, does that mean that file is genuine? Can I trust that exe without worrying about SHA256?

    3) My company has Symantec and I am slightly inclined towards that regardless its memory/CPU usage. But how is this compared to other free personal use anti viruses (ex: McAfee, Kaspersky etc.). Can you give few important differences why I shouldn't use Symantec unmanaged?

    4) For home free usage, please give your personal preference of anti virus software's.