Endpoint Protection

 View Only

  • 1.  Thinapp + SEP 12.1

    Posted Apr 24, 2012 05:55 AM

    When we are running a thinapp packages with SEP 12.1 it goes very slow and after a while a lot of error are popping up.
    Mostly this are connection time-outs to a SQL DB.

    What I already tried:

    * Turning autoprotect off. (We don't use SONAR)
    * Stop symantec client.
    * Add folder exception (%appdata%\thininstall)
    * Turned firewall off.

    I tried al above at the same moment to.
    But we can't get thinstall apps working with sep 12.
    When we roll back to SEP 11 we don't have any problems at all.

    We didn't find anything in the logs. (There is no mention of thinstall of de app name.)

     

    Anyone have a solution for this?



  • 2.  RE: Thinapp + SEP 12.1

    Trusted Advisor
    Posted Apr 24, 2012 06:32 AM

    Hello,

    Could you please tell us more about the Error?

    Is this Similar to this Thread: -

    https://www-secure.symantec.com/connect/forums/client-install-package-error-windows-xp-embedded



  • 3.  RE: Thinapp + SEP 12.1

    Posted Apr 24, 2012 06:48 AM

    While our application is starting we get after serveral minutes the following error.

    translate: Can't connect to database.

     

    When we remove or install SEP 11.0.6 we don't get this error.
    SEP is somewhere blocking this thinapp from connecting to database.

    Thinapp is like APP-V, but we already solved the problems with APP-V. (Uninstalling the Proactive Threat Protection component of SEP)



  • 4.  RE: Thinapp + SEP 12.1

    Posted Apr 24, 2012 06:50 AM

    Hi Glenn,

    I have a suspicious that this may be resolved in the forthcoming release of SEP 12.1 RU1 MP1.  There is an important change to the SymEFA driver which has resolved a similar performance-related ThinnApp issue.

    Please try this new release (which should be available within a week) before deciding to go back to SEP 11 RU6.

     



  • 5.  RE: Thinapp + SEP 12.1

    Posted Apr 24, 2012 07:06 AM

    The problem is that we can't wait. There are users who really need to work in that application, For now we decided to roll those users back to 11.0.6, All other user will have 12.1 and we wait for next patch.



  • 6.  RE: Thinapp + SEP 12.1

    Posted Apr 24, 2012 07:42 AM

    Cheers up the update, Glenn.

    I will make it a point to update this thread when SEP 12.1 RU1 MP1 is out, for those other  users.

     

     



  • 7.  RE: Thinapp + SEP 12.1

    Posted May 09, 2012 05:16 AM

    We did a few test with SEP 12.1 RU1 MP1 but it stil doesn't work. The same error.

    But the good part is we still gonna upgrade all other computer to the new client, Cause we can now use APP-V with proactive threat Protection.

    Waiting for next patchsad

    We hope you can fix it then. Its not very big Issue but we can't use SEP 12.1 on a few (25) computers now.

     



  • 8.  RE: Thinapp + SEP 12.1

    Posted Jun 12, 2012 06:13 AM

    Our environment:

    - We created about 75 ThinApps in a VDI-Environment (VMWare View, 1 Windows 7 Master-Client, 700 non persistent linked Clones)
    - ThinApps are locaated in a DFS-Environment, the Apps will be registered on the Client based on AD Group Membersships during Users login.
    - SEP12.1 vor VDI is configured "best practice", we only user "Auto Protect", we don't use "SONAR", we don't use "Download Protection"; in global Scan Options, "Bloodhound heuistic virus detection" is enabled (Level: "Automatic" - we don't even want to know what would happen, if the level was set to "aggressive" ;-))

    Our experience:

    - when the users launches a new compiled ThinApp, they get a Timeout (15-20 seconds) until the ThinApp-splashscreen appears, even the Process of the ThinApp appears after this period in taskmanager. The Timeout has not with every ThinApp the same duration, sometimes the effect is not even noticeable... it seems to be worth, when Java-based Applications were virtualized with Thinapp.

    Our Conclusion:

    SEP12.1 heuristic Detectionmethod "bloodhound" seems to expect a potential risk within each new new compiled thinapp-executable. The Agent reports this exe as "Detected Application" back to the SEP-Management Server and marks it with the default Action "Log Only".

    Our Workaround:

    - After a new thinapp is deployed, add a new exception for the "Detected Application", set Action to "Ignore"...

    (in the SEPM-Console navigate to "Policies", "Exceptions" and Edit an existing and to the Client-Group linked Policy (or create a new one). Inside the Policy navigate to "Exceptions" and Click "Add", "Windows Exceptions", "Application". In the Popup-Window you may find  a lot of thinapps (in our case neary every thinapp was listed as "Detected Application"). Mark all ThinApps you want to execept, choose "Ignore" from the "Action"-Dropdownlist, Confirm with "OK" and save the Policy. As soon as the client refreshes it's Policy, the ThinApp should not be affected anymore by bloodhound-heuristics (manually refresh the Policy on the client: Start the Agent-GUI, klick "Help", "Troubleshooting", "Update").

    If any other/better Experiences and/or Solutions/Workarounds is found by anyone, feedbacks are very welcome...

     



  • 9.  RE: Thinapp + SEP 12.1

    Posted Aug 02, 2012 10:35 AM

    We tried to do what you said but i didn't solve the problem. But i don't mind at this moment we have a bigger issue now. Computers getting slow when SEP 12.1.1 is installed.