Endpoint Protection

 View Only

  • 1.  change definition out of date warning on unmanaged client

    Posted May 29, 2014 11:46 AM

    on windows 7 sp1 computer, 64-bit, running Symantec Endpoint Protection 12.1.4013.

    SEP was installed on this standalone computer as an unmanaged client.  It is not networked so I cannot use live update, instead I manually download the definition file and transfer to the computer and update it that way.  The warning now that comes up within SEP, and the little icon down by the time changes indicating so, that the definitions are out of date seem to happen much sooner than 30 days.  I'm used to version 11 SEP from Windows XP which would red flag the definitions out of date at 30 days or more.  With version 12 it seems like it might be 14 days or possibly sooner.  Is there a way to change this?

    I found articles here explaining using SEPM (manager) and setting the policy for the clients... I do not want to get that involved and have to install SEPM on a standalone computer / unmanaged client, that is crazy.

    Is there some registry setting, or Symantec patch available that can allow me to configure the SEP definition warning value?

    And I'm using just the antivirus portion of SEP, I'm not using advanced download protection nor proactive threat protection nor network threat protection.

    thanks.



  • 2.  RE: change definition out of date warning on unmanaged client
    Best Answer

    Posted May 29, 2014 11:52 AM

    HKLM\Software\Wow6432Node\Symantec\Symantec Endpoint Protection\AV\AdministratorOnly\General

    Check the WarnAfterDays key I believe it is

     



  • 3.  RE: change definition out of date warning on unmanaged client

    Posted May 29, 2014 12:09 PM

    that was it.  thank you.  Mine was set to 7.



  • 4.  RE: change definition out of date warning on unmanaged client

    Posted May 29, 2014 12:12 PM

    happy to help :)



  • 5.  RE: change definition out of date warning on unmanaged client

    Posted May 29, 2014 01:07 PM

    that seems to be the correct key, but i can't change any of the values of those keys in that registry folder.  I've tried smc -stop from the run menu and all the symantec services were stopped, but can't change it yet.

    anybody have an idea what needs to be done to change that registry value ?



  • 6.  RE: change definition out of date warning on unmanaged client

    Posted May 29, 2014 01:11 PM

    Disable tamper protection first



  • 7.  RE: change definition out of date warning on unmanaged client

    Posted May 29, 2014 01:18 PM

    ok figured it out.   under Change Settings - Client Management - Configure Settings button - Tamper Protection tab.

     

    need to uncheck "Protect Symantec security software from being tampered with or shut down"

    as soon as i uncheck, i can edit that WarnAfterDays registry value.

     

    and i verified this is the correct key, set it to 1 and SEP icon in try immediately goes red showing out of date.  Change number to something greater than today - yesterday which is when i last updated and SEP goes green.