background preloader

Endpoint Protection

Facebook Twitter

How to reduce the number of content revisions stored in Symantec Endpoint Protection ManagerInetpubcontent folder in SEP SBE. The number of content updates stored in the \Program Files\Symantec\Symantec Protection Center\Inetpub\content folder can be reduced by creating the setting called "scm.lucontentcleanup.threshold" to the conf.properties file. This setting controls how many revisions that Symantec Protection Center retains of content (Virus Definitions, etc) for distribution and deltas (microdefs). Reducing this value reduces the amount of disk space and database space that is utilized, but increases the likelihood that clients that are not connected to the Symantec Protection Center for extended periods of times (such as laptops) will download a full virus definition set as opposed to microdefs, potentially increasing network utilization.

To adjust the number of content updates stored by Symantec Protection Center Open the \Program Files\Symantec\Symantec Protection Center\tomcat\etc\conf.properties file. Symantec Endpoint Protection virus definition folder consumes a large amount of disk space. SQLa0000.tmp file rapidly increases. Hi, We have noticed recently that there is a temp file in C:\windows\temp called sqla0000.tmp (c:\windows\temp\sqla0000.tmp) that continuously grows over time until it completely fills the hard drive.

This has happened 4 times in the last 5 months. It seems that the file grows gradually and then on one day it balloons to fill the entire hard drive. This file is associated with Symantec Endpoint Manager as you need to stop the SEPM service to delete it. I have tried searching for other people with the same issue and am unable to find anything online or in this support forum. Below is a graph showing the total hard drive usage over the last year. As you can see in the graph, there are four times that the spikes appear in the last 5 months all pertaining to the sqla0000.tmp file.

How do I control the file sqla0000.tmp to stop it from expanding limitlessly? Any assistance would be gratefully received. Limit VirusDef disk space - SEP Small Business Edition. Solving the System running out of disk space and SEP content Folder growing. Keeping system folder to a minimum comes very handy in term of backup still to small might result in System running out of disk space which causes SEP and the whole system performance to lag How to proceed?

1. On safe mode cut past the Symantec Endpoint folder content on a different location 2. create a clean partition 3. Windows + R type diskmgmt.msc 4. Right click on the new partition and select New Partition 5. Follow the instructions until you reach Assign Drive Letter or Path section 6. Select Mount in the following empty NTFS folder radio button and select Browse… 7. Highlight the C: drive and click on Symantec empty Folder 8. Just remember to keep this action documented in the server history in case you realise SEP content folder keeps growing follow the steps below Stop Symantec Endpoint management service modify this file Symantec\Symantec Endpoint Protection Manager\tomcat\etc\conf.properties add scm.lucontentcleanup.threshold=1. How to use a new Drive or Partition to host the Symantec Endpoint Protection content directory without reinstalling. To solve this issue, follow the steps below: Stop the following services via the "Services" control panel.

"Symantec Endpoint Protection Manager" "IIS Admin Service" (This will also stop the "World Wide Web Publishing Service"). (for version 11.0 of the product) "Symantec Endpoint Protection Manager Webserver" (for version 12.1 of the product) Open My Computer Browse to the folder where the Symantec Endpoint Protection Manager application is currently installed (Typically Program Files\Symantec\Symantec Endpoint Protection Manager\) Open the "Inetpub" subfolder, and rename the "Content" folder. The new name does not matter, but for ease of use, I would recommend using "Content1" Create an empty folder called "Content" in the "Inetpub" folder. Notes: For this procedure to work, a drive partition dedicated exclusively for Symantec content must be used.WARNING: Using the partition to store other data may cause loss of that data.

This document is available in the following languages: Out of disk space for SEPM - move SEPM to another drive. Issue Related to Low disk space. Problem: Receiving pop-up Error message stating "Low Disk Space" after installing Symantec Endpoint Protection Manager (SEPM) or Symantec Endpoint Protection(SEP) on Machines. Error: Receiving pop-up Error message stating "Low Disk Space" Cause: There may be lots of causes for this issue.

Solution There may be lots of causes for this issue. Before we start Troubleshooting the Issue, we need to know which drive is running Low on Disk Space and which folder is using the highest space on the Drive. Once, we have Figured out, we can start with Troubleshooting. If in case, Windows Files using the Space. 1) Run a Windows Disk Cleanup Manually. 2) Make sure you Uninstall the Unwanted Softwares from the machines. If in case, Symantec Files using the Space, work on the Steps below: Stop the Symantec service Symantec Endpoint ProtectionClick Start, then RunType: smc -stopClick OK Deleting the files Open the Command Prompt Deleting files from User Temp folder Click Start, then RunType: cmdClick OK 1. 2. 3. 4. Best Practices for configuring the number of content revisions to keep in Symantec Endpoint Protection Manager. The SEPM must have previous content revision downloads in order to create a "delta", or differential, capable of updating a client from its current content version to the most recent version of that content being stored on the SEPM.

The value of deltas is that content revisions are kept to a minimal size as they are sent across the network. To determine how many content revisions you should keep consider the following: For the majority of your clients how often do they communicate with their SEPM? Historically, how long have your clients had to go without communication with their SEPM? What disaster recovery scenarios must you consider and of what duration? The number of content revisions to keep should depend on the need to balance network bandwidth usage with the amount of hard drive storage availability on the SEPM. Technical Information To determine how long it will take to perform a content distribution update in a best case scenario, use the following formula of: Downloads Storage. Disk Space Management procedures for the Symantec Endpoint Protection Manager.

By default, the Symantec Endpoint Protection Manager downloads and keeps a particular number of virus definition revisions in its repositories based on the type of install performed: Simple or Default: A management server that manages fewer than 100 clients and uses an embedded database. By default, the number of content revisions to keep is three (3). Advanced: A management server that manages more than 100 clients, or if you want to customize the configuration. By default, the number of content revisions depends on the number of clients indicated: Between 100 and 500 = three (3) revisions Between 500 and 1,000 = ten (10) revisions More than 1,000 = 30 revisions This number can be lowered to help reduce the amount of disk space that is used by content revisions.

How to change the number of revisions retained by the Symantec Endpoint Protection Manager Log on to Symantec Endpoint Protection Manager. Log on to Symantec Endpoint Protection Manager. How client computers receive content updates - Nightly. How client computers receive content updates Your client computers automatically download virus definitions and other security content updates from Symantec Endpoint Protection Manager.

You can also allow them to use LiveUpdate over the Internet to download security definitions and other product updates directly from a Symantec LiveUpdate server when they do not have access to the Symantec Endpoint Protection Manager server. Enabling a computer to use LiveUpdate over the Internet is especially useful if you have users who travel with portable computers. If the computers connect intermittently or not at all to your network, have them update directly from a Symantec LiveUpdate server over the Internet. The Symantec Endpoint Protection Manager LiveUpdate schedule settings are defined in the on the Admin page. See Managing content updates .

Table: Content distribution methods and when to use them A client computer receives the content updates from LiveUpdate in the following situations: Symantec Endpoint Protection Manager - LiveUpdate - Policies explained - Nightly. LiveUpdate Settings LiveUpdate Settings policy server settings This panel lets you specify where client computers in a group get updates. The updates that are downloaded are specified in the LiveUpdate Content policy. Table: LiveUpdate policy server settings LiveUpdate Settings policy schedule Use this panel to specify how often to push updates from LiveUpdate servers to clients in the groups to which this policy is applied.

Table: LiveUpdate policy schedule options LiveUpdate Settings policy advanced settings This panel lets you specify the control to give end users with using LiveUpdate on client computers. Table: LiveUpdate client security settings LiveUpdate Content Security Definitions This panel lets you select the type of updates that can be installed on Symantec Endpoint Protection clients. The definitions and content types that you select must also be downloaded to the Symantec Endpoint Protection Manager if the Symantec Endpoint Protection Manager is the only update provider. Excesive TCP 8014 traffic from SEP Clients to SEPM Server | Symantec Connect Community - Nightly. Which Communications Ports does Symantec Endpoint Protection use? - Nightly. Best Practices for the Intrusion Prevention System component of Symantec Endpoint Protectoin on high-availability/high bandwidth servers.

Ver. 11.x

Ver. 12.x. What are the Symantec Endpoint Protection (SEP) versions released officially? | Symantec Connect Community - Nightly. Enterprise Support - Symantec Corp. Supported Upgrade paths to Symantec Endpoint Protection 12.1 - Nightly. Supported and unsupported upgrade and migration paths for Symantec Endpoint Protection 12.1.x Supported upgrade paths to a newer version of 12.1.x Table: Supported upgrade paths from 12.1.x to a newer version of 12.1.x Note: You can upgrade from a Small Business Edition product to the enterprise version, but the reverse (enterprise version to Small Business Edition) is considered a downgrade and is not supported.

See the release notes for the version to which you are about to upgrade: Release Notes and System Requirements for all versions of Symantec Endpoint Protection and Symantec Network Access Control Also see: Best practices for upgrading to Symantec Endpoint Protection Supported and unsupported paths from 11.0.x and 12.0 Table: Supported and unsupported upgrade paths from Symantec Endpoint Protection 11.0.x or Small Business Edition 12.0 to 12.1.x Migration paths Table: Migration paths from legacy Symantec virus protection software that can migrate to Symantec Endpoint Protection 12.1.x. Enterprise Support - Symantec Corp. How to upgrade a client from a non-manager server using the Download the client package from the following URL (http or https) option. - Nightly. How to Auto-Upgrade Remote Site Clients using IIS | Symantec Connect Community - Nightly.

Reduce WAN traffic and upgrade failures by using an IIS server in a remote site. Please refer the below exhibit. Site1 has SEPM. Site2 and Site3 are remote sites having a Windows server with IIS. Configuring a remote site, in this case Site2 or Site3. The name of the Server is Site2. Step1.1: Create a folder on local drive and copy the setup.exe created using SEPM. Step1.2: Create a virtual directory in IIS on Site2 server. Step 1.3: Make sure the Virtual Dircetory has the correct 'Local Path' where the setup.exe is saved. Step2: Verify that the package can be downloaded without any permission issue.

To test this, type the client package url for e.g. You should get a file download doalogue box. Step3.1: Goto Install Packages under Clients tab in SEPM. Step 3.2: Select 'Downloadthe client package from the following URL (http or https)' and type the URL of the client package hosted in IIS of site2 and click 'Ok'. e.g " Upgrading SEM 11.0.5002.333 | Symantec Connect Community - Nightly. Enterprise Support - Symantec Corp. Supported upgrade paths to Symantec Endpoint Protection Manager 12.1 from Symantec Endpoint Protection Manager 11.x - Nightly. Supported Migration Paths The 11.0 RU7, RU7 MP1, and RU7 MP2 SEPM contains SQL schema changes that are newer than the schema used by 12.1. For this reason, migrations from certain 11.0 RU7 to 12.1 versions are not supported, and are prevented by the installer.

Migration support for 11.0.7000.975 (RU7) to 12.1 is present in 12.1.1000.157 (RU1) or later. Migration support for 11.0.7101.1056 (RU7 MP1), 11.0.7200.1147 (RU7 MP2), and 11.0.7300.1294 (RU7 MP3) to 12.1 is supported for 12.1.2015.2015 (RU2) or later. Migration support for 11.0.7400.1398 (RU7 MP4) to 12.1 is supported for 12.1.4013.4013 (RU4) or later. All versions of Symantec Sygate Enterprise Protection up to 5.1 up to Maintenance Release 9 Maintenance Patch 5 (MR9 MP5) can only be migrated to versions of 12.1 earlier than RU2.

This document only covers the supported upgrade paths to the enterprise edition of Symantec Endpoint Protection 12.1. Enterprise Support - Symantec Corp. Licensing Symantec Endpoint Protection - Nightly. Enterprise Support - Symantec Corp. Best practices for upgrading to Symantec Endpoint Protection 12.1.2 - Nightly. The following resources will help to plan and perform an optimal upgrade from previous versions of Symantec Endpoint Protection (SEP) to the current version, while following the recommended best practices and being aware of any potential issues and risks. Benefits of upgrading to the latest version of 12.1.x Important information for the latest version Things to know before getting started Before the upgrade, use the Symantec Help diagnostic tool to determine whether the computers meet minimum system requirements.

Consider the following product-specific suggestions and recommendations and make sure routine maintenance has been done on the computers to be upgraded. Best Practices As a best practice, always back up the Symantec Endpoint Protection Manager database prior to an upgrade. FAQs Q: Where do I get the current version of Symantec Endpoint Protection?

A: Use your serial number to download it from FileConnect. A: Yes.