DLP Agent can be disabled in Chrome incognito mode. Can we force enable DLP agent even in incognito mode?
We have a (physical) Windows 2016 Domain Controller with Symantec Endpoint Protection on it, version 14.0.3929.1200.
We can install SEP and it works, but we have experienced twice in a few months now that after a reboot, the DC will enter Safe Mode and refuses to work anymore. We need to deinstall SEP, use bcdedit to restore normal boot mode before it functions again.
We have configured all exceptions for Domain Controllers and 5 other DC’s are working without any problems with the same Server OS and SEP version.
Does anybody have any idea how to troubleshoot this?
I see from the forums a few people having similar issues so I’ll cut to the chase;
Our details (sender);
126.96.36.199 > server1.ssab.ws
188.8.131.52 > mail.ssab.ws
Our Bank details (receiver);
anz.com MX preference = 10, mail exchanger = cluster3vk.eu.messagelabs.com
anz.com MX preference = 20, mail exchanger = cluster3vka.eu.messagelabs.com
Our hosting services have confirmed that the emails snet has been received by the bank’s email server.
We can receive bank emails fine.
Please whitelist us or whatever needs to be done so we can resolve this issue, crtitical that we have email comms with the bank!
I hope that is enough info, please email email@example.com if you need more details
Thanks in advance and hope to have resolved within 8 hours 🙂
We are using 14.0.3929 verion in our environment along with ATP version 3.1.0-678 . From the last couple of days we are getting this alert in ATP:
|2018-07-18 14:21:59 UTC||
4124: Endpoint (IP/URL/Domain) Detection
Malicious traffic blocked: Web Attack: Fake TechSupport Domains 2
Could you please explain what this attack actually means? Bing.com is blocked already in this environment .
Im looking for some business benefits that I can exhibit for SEP 14 upgrade from Sep 12. I have afew points pulled from SEP14 whats’ new article.. but looking for something that might help the higher management.
Any suggestions/Ideas will really help me! TIA
When a machine is scanned there are 4 components detected :
|Symantec Endpoint Protection.cloud||
|Symantec.cloud – Cloud Agent||3.00.10.2737|
|Symantec.cloud – Endpoint Protection||184.108.40.2060|
And the add/remove program entry shows
I want to understand what each component indicates and why are 3 different versions being detected in the same product?
Are they the same product? Then why do they have different versions for the same product?
And what product does the version 220.127.116.110 belong to?
Can anyone help me undertand the correlation?
We have configured 2 Interface on proxy. One for Mangement Console and Second is for getting Internet access to proxy.
We observed that Management Console IP is making connection with DLP server IP instead of Second interface.
Can we define from which interface we can send connection to DLP.
We have transparent mode setup. Client enable TCP tunnel services in the protocol.
We have configured block rule to block social media and porn categories.
But user can access those blocked category url’s. whicl we are checking in the policy trace it shows in the IP addresses instead of the url
tunnel: get :/18.104.22.168
Even those rule is not matching in the policy execution.
Please advise on this.
I am using Endpint Protection manager 12.1.67
My clients not updating PTP and NTP automatically from server, but Virus and spyware protection updates without any problem. This is a closed network and not connected to internet. I downloads all the three jdb file and updates manager regularly. Now, for PTP and NTP I download the .exe file and manually updates all clients.
Suggest some solution.