Endpoint Protection

 View Only

  • 1.  SEP 12.1 configuration values rollback

    Posted Jul 05, 2012 11:40 AM

    I created an unmanaged SEP client and deployed it. Setup allows configuration tempering and configuration changes byt he user.

    Changed some configuratin values throught he UI (LiveUpdate scheduled time and proxy). After a system reboot the values are reverted back to the original ones as set on the SEPM.

    Also changed registry values are also reverted after reboot.

    Same is Settings.Hosts.LiveUpdate removed after reboot (unless made readonly)

     

    How is one supposed to configure SEP client so that he does not have to reconfigure it each day?



  • 2.  RE: SEP 12.1 configuration values rollback

    Posted Jul 05, 2012 11:50 AM

    While exporting the un-managed client install package, did you check the option to export package with policy from following groups ? And did you select user mode or computer mode ?



  • 3.  RE: SEP 12.1 configuration values rollback

    Broadcom Employee
    Posted Jul 05, 2012 12:01 PM

    the settings.liveupdate has to be set to read only.



  • 4.  RE: SEP 12.1 configuration values rollback

    Trusted Advisor
    Posted Jul 05, 2012 12:07 PM

    Hello,

    When you want to have the SEP client as completely self managed, why even create a package when it is readily available in the DVD.

    I would suggest you to Simply use the Unmanaged Package - 

    For 32 Bit package -

    ....\Symantec_Endpoint_Protection_12.1_RU1_MP1_Part1_Installation_EN\SEP

    and for 

    64 bit package - 

    ....\Symantec_Endpoint_Protection_12.1_RU1_MP1_Part1_Installation_EN\SEPx64

    Hope that helps!!



  • 5.  RE: SEP 12.1 configuration values rollback

    Posted Jul 05, 2012 02:16 PM
    chosed computer mode and selected a policy group... i should have read some docs, right?


  • 6.  RE: SEP 12.1 configuration values rollback

    Posted Jul 06, 2012 04:57 AM

    Because I want to deploy it with some predefined configuration values and a smaller initial dw package.

    My scenario consists of systems where the "standard" users do not alter SEP settings but the local admins might need to do this.

    Also on each system SEP should be configured automatically bases on other settings of the system. This automatic configration update is done though other means we deploy on the system.

    see https://www-secure.symantec.com/connect/forums/scripting-proxy-settings-sep for some details



  • 7.  RE: SEP 12.1 configuration values rollback

    Trusted Advisor
    Posted Jul 06, 2012 10:41 AM

    Hello,

    Check this Article:

    How To: Create an unmanaged client install package from the SEPM with custom policies.

    http://www.symantec.com/docs/TECH105498

    NOTE: Even though this article is created for SEP 11.x, it works for SEP 12.1 as well.

    Hope that helps!!



  • 8.  RE: SEP 12.1 configuration values rollback

    Posted Aug 24, 2012 11:10 AM

    Per Symantec support:

     

    The problem is twofold:

    1.       When creating a unmanaged client with LiveUpdate policy settings, the settings revert to the default after a service or system restart. This occurs even when the client is in Client control mode. If you do not use a custom LiveUpdate policy when exporting an install package, the settings changes will not revert, however:

    2.       You must use a custom LiveUpdate policy when configuring an unmanaged client to use internal LiveUpdate server(s). I do not know of a way to configure an unmanaged client to use internal LiveUpdate servers, otherwise.