Symantec endpoint protection update
Author: m | 2025-04-24
symantec endpoint protection. symantec endpoint protection, symantec endpoint protection download, symantec endpoint protection manager, symantec endpoint protection removal tool, symantec endpoint protection price, symantec endpoint protection update, symantec endpoint protection 14, symantec endpoint protection uninstall password, symantec
Symantec Endpoint Protection and Symantec Endpoint
(ATP) is now Symantec Endpoint Detection and Response (Symantec EDR).All software downloads and licensing details are now available through MySymantec.Removed Lotus Notes and Internet Email protection in the Virus and Spyware Protection policy. You can still configure legacy client installation packages with these features through Symantec Endpoint Protection Manager.For more information, see:Version 14.2 RU1 (cloud-managed only)For more information, see:Version 14.2 MP1 (refresh)Improvements to Symantec Endpoint Protection Hardening - Application Control and Application IsolationFor more information, see:Version 14.2 MP1 (refresh)Support for compatibility with Symantec Endpoint Protection Hardening - Application ControlREST API enhancements for Symantec Advanced Threat Protection: EndpointSupport for the following operating systems: Windows Server 2019Windows 10 October 2018 Update (version 1809), including support for case-sensitivity macOS 10.14 (Mojave) Red Hat Enterprise Linux Server (RHEL) 7U5 (7.5)Support for Linux inode64 and XFS Support for Windows Server 2016 Hyper-V For more information, see:Support for compatibility with Symantec Endpoint Protection HardeningAdded support for the following operating systems: Windows Server 2019Windows 10 October 2018 Update (version 1809), including support for case-sensitivitymacOS 10.14 (Mojave)Red Hat Enterprise Linux Server (RHEL) 7U5 (7.5)Support for Linux inode64 and XFSSupport for Windows Server 2016 Hyper-VRemoved support for Windows Server 2008 (RTM) for Symantec Endpoint Protection Manager.REST API enhancements for Symantec EDRFor more information, see:By default, groups and devices are managed by the Symantec Endpoint Protection Manager rather than by the cloud portal: After you enroll a domain, the Symantec Endpoint Protection Manager manages groups and devices by default. In version 14.1, the cloud portal was the default. Automatically upgrading clients with Symantec Endpoint Protection Hardening: Symantec Endpoint Protection Hardening was introduced between the 14.0 and the 14.2 releases. As a result, you could not upgrade 14.0.x clients with Symantec Endpoint Protection (SEP) Hardening automatically. In 14.2, you can install Symantec Endpoint Protection Hardening on Windows clients using AutoUpgrade even if the feature was not previously installed. In the client installation package, even if Maintain existing client features when updating is checked, you can still install Hardening. You must also make sure that Application Hardening is selected in the custom feature set (enabled by default), or else Symantec Endpoint Protection Hardening does not install. 14.2 supports Symantec Endpoint Protection Hardening on both 32-bit and 64-bit Windows desktop operating systems. Earlier clients only support 64-bit Windows desktop operating systems. Symantec Endpoint Protection Hardening is not supported on server operating systems. Support for roaming clients: Roaming clients intermittently connect to the management server. In 14.2, when the clients cannot connect to the management server, roaming clients automatically send critical events to the cloud portal. After the client reconnects to the management server, the clients send any new critical events to the management server. Integration with the Symantec Content Analysis System: The Symantec
Symantec Endpoint Protection, Symantec Endpoint
Updates for customers with current Basic Maintenance Support or Essential Support on November 5, 2017 for Symantec Network Access Control, Symantec Network Access Control Starter Edition, and Symantec Network Access Control Enforcer with 6100 Series Appliance. Host Integrity has already been integrated in Symantec Endpoint Protection.For more information, see:Version 14.01 refers to the client; version 14.1 refers to Symantec Endpoint Protection Manager. What is the difference between the Symantec Endpoint Protection 14.0.1 and 14.1 releases?Symantec Endpoint Protection 14.0.1 is the next release after version 14 MP2 and includes improvements for both the Symantec Endpoint Protection Manager and the Symantec Endpoint Protection clients. 14.0.1 also includes components to connect to and manage Symantec Endpoint Protection Manager from a new cloud portal that is part of the subsequent release, version 14.1. Version 14.1 releases about the same time as 14.0.1. Symantec Endpoint Protection 14.1 includes the cloud portal, a 14.0.1 Symantec Endpoint Protection Manager, and 14.0.1 clients. The functionality for Symantec Endpoint Protection Manager and the clients does not change, and the user interface for both components is still labeled as 14.0.1. You do not need to upgrade to a new 14.1 management server or new 14.1 clients. The 14.1 cloud portal lets you manage Symantec Endpoint Protection Manager clients and includes some additional functionality that Symantec Endpoint Protection Manager does not have. If you do not enroll in the cloud portal, you continue to manage your client computers entirely from Symantec Endpoint Protection Manager. To connect to the cloud portal, you enroll a 14.0.1 Symantec Endpoint Protection Manager domain in the 14.1 cloud portal. For an overview of the new cloud-based features available as of this release, see:For more information, see:Third-party component upgradesFor more information, see:If you run 14 MP1 (14.0.2332.0100), DO NOT upgrade to the 14 MP1 Refresh Build (14.0.2349.0100). Both versions are considered current. Upgrading from 14 MP1 to 14 MP1 Refresh Build (14.0.2349.0100) is NOT supported. The code change in 14 MP1 Refresh Build, which addresses the following issue, is slated for inclusion in a future release of version 14.Support for Red Hat Enterprise Linux (RHEL) 7.3.Third-party components updates, including PHP, Java, and Apache Tomcat.Corrected style and formatting issues within the Symantec Endpoint Protection Manager user interface.For more information, see:Improved protection:Virus definitions in the cloud (Intelligent Threat Cloud Service)Advanced Machine Learning (AML) on the endpoint for improved static detectionsOS hardening (Generic Exploit Mitigation)Emulator for packed malware Security patches for Windows clients that download using LiveUpdate Usability and scale:New user interfaceCustom replication scheduleSubnet mask for explicit Group Update ProvidersIn-product notificationsREST API referencesCross-platform support: Device control (Mac client)AutoUpgrade (Mac client)Symantec Endpoint Protection Manager: Support added for Windows Server 2016Windows client: Support added for Windows 10 Anniversary UpdateLinux client: Support addedUpdating the content on Symantec Endpoint Protection
Directly over the old without uninstalling first; see the previous question.There's no Add or Remove programs for Mac. How do I uninstall?As of version 14, you can uninstall through the menu bar once the SEP client UI is open. See Uninstalling the Symantec Endpoint Protection client for Mac for more information.How can I configure the SEP Manager to supply definitions to SEP for Mac clients?The Symantec Endpoint Protection Manager cannot host Macintosh LiveUpdate content the same way as it does for Windows clients. As of Symantec Endpoint Protection version 12.1 RU4 the Symantec Endpoint Protection Manager can be configured as a reverse proxy for downloading and caching the latest Macintosh LiveUpdate content. All Macintosh updates otherwise must otherwise occur through Symantec LiveUpdate or from an internal LiveUpdate Administrator (LUA) server. Please see Using the LiveUpdate Administrator 2.x to download updates for Symantec Endpoint Protection for Macintosh for information on how to configure LUA for this content.Note: it is not recommended or supported for LiveUpdate Administrator and Symantec Endpoint Protection Manager to be on the same physical server. If you are looking for the standalone definitions updater, Intelligent Updater, for the Symantec Endpoint Protection (SEP) client for Mac, please refer to "Intelligent Updater and Endpoint Protection for Macintosh".Can a SEP for Mac client get updates from a Group Update Provider (GUP)?No, for the same reasons outlined above. Can a SEP for Mac client act as a GUP?No.How do I get Rapid Release definitions onto my SEP for Mac client?Rapid Release definitions are not available for Mac security products.How often are updates for SEP for Mac released?Daily, usually in the morning Pacific time (west coast, USA). How do I know whether or not the SEP for Mac client is managed?Connection Status: Connected appears under Management on the Symantec QuickMenu.Is it possible to convert an unmanaged SEP for Mac client to a managed client?Yes, see How to convert an unmanaged Symantec Endpoint Protection for Macintosh client to managed for more information.How do I prevent Windows policies from applying to Macs?Windows-specific policies will not apply to Macs; only those policies which contain Mac specific settings will be parsed and applied by the SEP for Mac client.Can Mac clients use custom Intrusion Prevention signatures?No. What about Device Control?Version 14 introduced Device Control for the Mac client. You can enable Device Control on managed clients only. See Mac Device Control in Endpoint Protection.Is Active Directory integration supported for Mac clients?Use SEP 14.3 RU1 MP1 (14.3.3580) or newer to support SEPM synchronization with AD/LDAP OUs.I can send Mac clients a command to become an Unmanaged Detector or to enable or disable Network Threat Protection, but nothing happens. Why?Even though the command can be sent, these features are. symantec endpoint protection. symantec endpoint protection, symantec endpoint protection download, symantec endpoint protection manager, symantec endpoint protection removal tool, symantec endpoint protection price, symantec endpoint protection update, symantec endpoint protection 14, symantec endpoint protection uninstall password, symantec symantec endpoint protection, symantec endpoint protection download, symantec endpoint protection manager, symantec endpoint protection removal tool, symantec endpoint protection price, symantec endpoint protection update, symantec endpoint protection 14, symantec endpoint protection uninstall password, symantec endpoint protection loginSymantec Endpoint Protection Manager or Symantec Endpoint
My live update is not working since 5th Jan 2015. I also check everything and found no problem. Plz find below live update log from management server for your information.January 26, 2015 11:40:33 AM PKT: LiveUpdate failed. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:33 AM PKT: LUALL.EXE finished running. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:33 AM PKT: LiveUpdate encountered one or more errors. Return code = 4. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:26 AM PKT: Symantec Endpoint Protection Win64 11.0.7000.975 (English) is up-to-date. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:25 AM PKT: Symantec Endpoint Protection Win64 11.0.6005.562 (English) is up-to-date. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:24 AM PKT: Symantec Endpoint Protection Win32 11.0.7000.975 (English) is up-to-date. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:24 AM PKT: Symantec Endpoint Protection Win32 11.0.6005.562 (English) is up-to-date. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:09 AM PKT: TruScan proactive threat scan engine Win32 11.0 is up-to-date. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:09 AM PKT: TruScan proactive threat scan commercial application list Win32 11.0 is up-to-date. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:09 AM PKT: TruScan proactive threat scan whitelist Win64 11.0 is up-to-date. [Site: Site Symantec] [Server: Symantec]Are Symantec Endpoint Protection Manager, Symantec Endpoint
Which operating systems are supported?Please see Compatibility between Symantec Endpoint Protection for Mac and versions of Mac OS X for specific Symantec Endpoint Protection version requirements. Note: You may see "System Extension Blocked" when installing SEP on macOS version 10.13, or newer -- this may be resolved by authorizing Symantec kernel extensions by using the macOS Security & Privacy system preference pane.To authorize the system extension for Symantec Endpoint Protection, during the setup of your Symantec Endpoint Protection client, in the Security & Privacy dialog box, on the General tab, at System software from application "Symantec Endpoint Protection" was blocked from loading, click Allow: What if I wish to perform a major upgrade to the macOS operating system with SEP installed?For minor updates to Mac OS X, such as 10.14.4 to 10.14.5, the Symantec Endpoint Protection client can remain in place.For a major update to Mac OS X on a client system (from OS X 10.13 to OS X 10.14, for example), upgrade the Symantec Endpoint Protection client to the version that is compatible with the newer operating system, and then upgrade the operating system. Otherwise, uninstall the Symantec Endpoint Protection client and cleanly reinstall the compatible version after upgrade to avoid possible corruption to logs and other Symantec Endpoint Protection components. What about Mac OS X Server?Although Symantec does not officially support Mac OS X Server, there are only minor differences between Mac OS X and Mac OS X Server; Symantec Endpoint Protection for Mac will function and scan for threats as expected. For guidance on best practices, please see Recommendations for installing Symantec Endpoint Protection for Macintosh on Mac OS X Server.How do I install SEP for Mac?Installing the Symantec Endpoint Protection client for Mac covers both managed and unmanaged installations. Push deployment from the Symantec Endpoint Protection Manager (using the Client Deployment Wizard) is supported as of Symantec Endpoint Protection 12.1.5.I already have a Symantec antivirus/security product on my Mac. Do I have to uninstall it first before installing SEP for Mac?Endpoint Protection client for Mac versions earlier than 12.1.4 must be uninstalled before you upgrade to version 14. You do not need to uninstall later versions first. See Supported upgrade paths to Symantec Endpoint Protection.What about upgrading SEP for Mac to a newer version? Can I use Upgrade Groups with Package (auto-upgrade)?Auto-Upgrade is supported as of 14, but cannot be used to upgrade from 12.1. You must export a client package for the new version then install or deploy as you would a new installation; it is not possible to use the Upgrade Groups with Package wizard (auto-upgrade) to migrate Macintosh clients up to a later client version. However, you can usually install the new versionSymantec Endpoint Protection and Symantec Endpoint Security
Content Analysis System (CAS) determines how malicious a file is based on its cloud-based file reputation classification service that identifies known files. The service uses reputation scores, numbers (1- 10) to indicate whether files are known to be trusted or malicious. High scores are more likely to be malicious. You can integrate the Symantec Endpoint Protection Manager with the Content Analysis System so that you can submit a file for analysis from the cloud portal to the CAS. After the CAS returns the reputation score, you can take an action on the file, such as blocking it or whitelisting it. To integrate the Symantec Endpoint Protection Manager with the CAS, click the Admin > Servers > Edit Site Properties > Content Analysis System tab. To submit files for analysis, go to the cloud portal. Replication for multiple sites available for a management server enrolled in cloud portal: You can now enroll sites that replicate with partner sites into the cloud portal. The partner site is not enrolled in the cloud portal, but continues to replicate data with the first site. Data collection and submissions options automatically enabled: After the Symantec Endpoint Protection Manager is enrolled in the cloud portal, the settings for data collection and submissions become automatically enabled. This occurs regardless of whether or not these settings were disabled beforehand. Symantec recommends that you keep these settings enabled so that the clients take advantage of the cloud's AML features. Support for IPv6: IPv6 support is added for the following items: Communication between Windows, Mac, and Linux clients and the Symantec Endpoint Protection Manager. Communication between the console and the management server, such as logging on locally or remotely to Symantec Endpoint Protection Manager. Communication between management servers and internal LiveUpdate servers that run LiveUpdate Administrator. IPv6-based criteria for many policies, such as custom IPS signatures, location awareness, Group Update Providers, and exceptions. The Symantec Endpoint Protection firewall for Mac provides the firewall protection that fully integrates into Symantec Endpoint Protection, which includes events, policies, and commands. You manage and configure the firewall rules and some settings in the same Symantec Endpoint Protection Manager firewall policy as for Windows. The Symantec Endpoint Protection firewall is only available for managed clients. WSS Traffic Redirection for Mac: WSS Traffic Redirection (WTR) directs web traffic with a Proxy Auto Configuration file URL to Symantec Web Security Service. This traffic redirection secures the web traffic for the client computer. This Symantec Endpoint Protection version extends WSS Traffic Redirection functionality to Macs. WSS Traffic Redirection enhancements for Windows: This Symantec Endpoint Protection version adds enhanced client authentication for Symantec Web Security Services (WSS). It enables a more granular level of security management for WSS Traffic. symantec endpoint protection. symantec endpoint protection, symantec endpoint protection download, symantec endpoint protection manager, symantec endpoint protection removal tool, symantec endpoint protection price, symantec endpoint protection update, symantec endpoint protection 14, symantec endpoint protection uninstall password, symantecComments
(ATP) is now Symantec Endpoint Detection and Response (Symantec EDR).All software downloads and licensing details are now available through MySymantec.Removed Lotus Notes and Internet Email protection in the Virus and Spyware Protection policy. You can still configure legacy client installation packages with these features through Symantec Endpoint Protection Manager.For more information, see:Version 14.2 RU1 (cloud-managed only)For more information, see:Version 14.2 MP1 (refresh)Improvements to Symantec Endpoint Protection Hardening - Application Control and Application IsolationFor more information, see:Version 14.2 MP1 (refresh)Support for compatibility with Symantec Endpoint Protection Hardening - Application ControlREST API enhancements for Symantec Advanced Threat Protection: EndpointSupport for the following operating systems: Windows Server 2019Windows 10 October 2018 Update (version 1809), including support for case-sensitivity macOS 10.14 (Mojave) Red Hat Enterprise Linux Server (RHEL) 7U5 (7.5)Support for Linux inode64 and XFS Support for Windows Server 2016 Hyper-V For more information, see:Support for compatibility with Symantec Endpoint Protection HardeningAdded support for the following operating systems: Windows Server 2019Windows 10 October 2018 Update (version 1809), including support for case-sensitivitymacOS 10.14 (Mojave)Red Hat Enterprise Linux Server (RHEL) 7U5 (7.5)Support for Linux inode64 and XFSSupport for Windows Server 2016 Hyper-VRemoved support for Windows Server 2008 (RTM) for Symantec Endpoint Protection Manager.REST API enhancements for Symantec EDRFor more information, see:By default, groups and devices are managed by the Symantec Endpoint Protection Manager rather than by the cloud portal: After you enroll a domain, the Symantec Endpoint Protection Manager manages groups and devices by default. In version 14.1, the cloud portal was the default. Automatically upgrading clients with Symantec Endpoint Protection Hardening: Symantec Endpoint Protection Hardening was introduced between the 14.0 and the 14.2 releases. As a result, you could not upgrade 14.0.x clients with Symantec Endpoint Protection (SEP) Hardening automatically. In 14.2, you can install Symantec Endpoint Protection Hardening on Windows clients using AutoUpgrade even if the feature was not previously installed. In the client installation package, even if Maintain existing client features when updating is checked, you can still install Hardening. You must also make sure that Application Hardening is selected in the custom feature set (enabled by default), or else Symantec Endpoint Protection Hardening does not install. 14.2 supports Symantec Endpoint Protection Hardening on both 32-bit and 64-bit Windows desktop operating systems. Earlier clients only support 64-bit Windows desktop operating systems. Symantec Endpoint Protection Hardening is not supported on server operating systems. Support for roaming clients: Roaming clients intermittently connect to the management server. In 14.2, when the clients cannot connect to the management server, roaming clients automatically send critical events to the cloud portal. After the client reconnects to the management server, the clients send any new critical events to the management server. Integration with the Symantec Content Analysis System: The Symantec
2025-04-03Updates for customers with current Basic Maintenance Support or Essential Support on November 5, 2017 for Symantec Network Access Control, Symantec Network Access Control Starter Edition, and Symantec Network Access Control Enforcer with 6100 Series Appliance. Host Integrity has already been integrated in Symantec Endpoint Protection.For more information, see:Version 14.01 refers to the client; version 14.1 refers to Symantec Endpoint Protection Manager. What is the difference between the Symantec Endpoint Protection 14.0.1 and 14.1 releases?Symantec Endpoint Protection 14.0.1 is the next release after version 14 MP2 and includes improvements for both the Symantec Endpoint Protection Manager and the Symantec Endpoint Protection clients. 14.0.1 also includes components to connect to and manage Symantec Endpoint Protection Manager from a new cloud portal that is part of the subsequent release, version 14.1. Version 14.1 releases about the same time as 14.0.1. Symantec Endpoint Protection 14.1 includes the cloud portal, a 14.0.1 Symantec Endpoint Protection Manager, and 14.0.1 clients. The functionality for Symantec Endpoint Protection Manager and the clients does not change, and the user interface for both components is still labeled as 14.0.1. You do not need to upgrade to a new 14.1 management server or new 14.1 clients. The 14.1 cloud portal lets you manage Symantec Endpoint Protection Manager clients and includes some additional functionality that Symantec Endpoint Protection Manager does not have. If you do not enroll in the cloud portal, you continue to manage your client computers entirely from Symantec Endpoint Protection Manager. To connect to the cloud portal, you enroll a 14.0.1 Symantec Endpoint Protection Manager domain in the 14.1 cloud portal. For an overview of the new cloud-based features available as of this release, see:For more information, see:Third-party component upgradesFor more information, see:If you run 14 MP1 (14.0.2332.0100), DO NOT upgrade to the 14 MP1 Refresh Build (14.0.2349.0100). Both versions are considered current. Upgrading from 14 MP1 to 14 MP1 Refresh Build (14.0.2349.0100) is NOT supported. The code change in 14 MP1 Refresh Build, which addresses the following issue, is slated for inclusion in a future release of version 14.Support for Red Hat Enterprise Linux (RHEL) 7.3.Third-party components updates, including PHP, Java, and Apache Tomcat.Corrected style and formatting issues within the Symantec Endpoint Protection Manager user interface.For more information, see:Improved protection:Virus definitions in the cloud (Intelligent Threat Cloud Service)Advanced Machine Learning (AML) on the endpoint for improved static detectionsOS hardening (Generic Exploit Mitigation)Emulator for packed malware Security patches for Windows clients that download using LiveUpdate Usability and scale:New user interfaceCustom replication scheduleSubnet mask for explicit Group Update ProvidersIn-product notificationsREST API referencesCross-platform support: Device control (Mac client)AutoUpgrade (Mac client)Symantec Endpoint Protection Manager: Support added for Windows Server 2016Windows client: Support added for Windows 10 Anniversary UpdateLinux client: Support added
2025-03-30My live update is not working since 5th Jan 2015. I also check everything and found no problem. Plz find below live update log from management server for your information.January 26, 2015 11:40:33 AM PKT: LiveUpdate failed. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:33 AM PKT: LUALL.EXE finished running. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:33 AM PKT: LiveUpdate encountered one or more errors. Return code = 4. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:26 AM PKT: Symantec Endpoint Protection Win64 11.0.7000.975 (English) is up-to-date. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:25 AM PKT: Symantec Endpoint Protection Win64 11.0.6005.562 (English) is up-to-date. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:24 AM PKT: Symantec Endpoint Protection Win32 11.0.7000.975 (English) is up-to-date. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:24 AM PKT: Symantec Endpoint Protection Win32 11.0.6005.562 (English) is up-to-date. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:09 AM PKT: TruScan proactive threat scan engine Win32 11.0 is up-to-date. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:09 AM PKT: TruScan proactive threat scan commercial application list Win32 11.0 is up-to-date. [Site: Site Symantec] [Server: Symantec] January 26, 2015 11:40:09 AM PKT: TruScan proactive threat scan whitelist Win64 11.0 is up-to-date. [Site: Site Symantec] [Server: Symantec]
2025-04-05Which operating systems are supported?Please see Compatibility between Symantec Endpoint Protection for Mac and versions of Mac OS X for specific Symantec Endpoint Protection version requirements. Note: You may see "System Extension Blocked" when installing SEP on macOS version 10.13, or newer -- this may be resolved by authorizing Symantec kernel extensions by using the macOS Security & Privacy system preference pane.To authorize the system extension for Symantec Endpoint Protection, during the setup of your Symantec Endpoint Protection client, in the Security & Privacy dialog box, on the General tab, at System software from application "Symantec Endpoint Protection" was blocked from loading, click Allow: What if I wish to perform a major upgrade to the macOS operating system with SEP installed?For minor updates to Mac OS X, such as 10.14.4 to 10.14.5, the Symantec Endpoint Protection client can remain in place.For a major update to Mac OS X on a client system (from OS X 10.13 to OS X 10.14, for example), upgrade the Symantec Endpoint Protection client to the version that is compatible with the newer operating system, and then upgrade the operating system. Otherwise, uninstall the Symantec Endpoint Protection client and cleanly reinstall the compatible version after upgrade to avoid possible corruption to logs and other Symantec Endpoint Protection components. What about Mac OS X Server?Although Symantec does not officially support Mac OS X Server, there are only minor differences between Mac OS X and Mac OS X Server; Symantec Endpoint Protection for Mac will function and scan for threats as expected. For guidance on best practices, please see Recommendations for installing Symantec Endpoint Protection for Macintosh on Mac OS X Server.How do I install SEP for Mac?Installing the Symantec Endpoint Protection client for Mac covers both managed and unmanaged installations. Push deployment from the Symantec Endpoint Protection Manager (using the Client Deployment Wizard) is supported as of Symantec Endpoint Protection 12.1.5.I already have a Symantec antivirus/security product on my Mac. Do I have to uninstall it first before installing SEP for Mac?Endpoint Protection client for Mac versions earlier than 12.1.4 must be uninstalled before you upgrade to version 14. You do not need to uninstall later versions first. See Supported upgrade paths to Symantec Endpoint Protection.What about upgrading SEP for Mac to a newer version? Can I use Upgrade Groups with Package (auto-upgrade)?Auto-Upgrade is supported as of 14, but cannot be used to upgrade from 12.1. You must export a client package for the new version then install or deploy as you would a new installation; it is not possible to use the Upgrade Groups with Package wizard (auto-upgrade) to migrate Macintosh clients up to a later client version. However, you can usually install the new version
2025-04-08--> Fix corrupt definitions on Endpoint Protection clients calendar_todayUpdated On: Products Endpoint Protection Issue/Introduction You have received a warning that Symantec Endpoint Protection clients have missing or corrupt definitions, from one of the following sources:Symantec Endpoint Protection (SEP)Symantec Endpoint Protection Manager (SEPM)SymDiagThese messages would appear in the form of: SymDiag shows the error "Some Symantec Endpoint Protection definition sets are corrupted"SEP clients show the error "Your Virus and Spyware definitions are missing or corrupted. This computer will not be protected against viruses and spyware until new definitions are downloaded."SEPM shows the error "Attention Required" which indicates that definitions are corrupted or that components are disabled.Connections to the LiveUpdate Servers have been tested as per Article ID: 15126 and determined to be normal. Environment Symantec Endpoint Protection 14.x Microsoft Windows Cause There is no single cause for corrupted virus definitions. Possible causes include:Other software interfering with our download and extraction processCaching proxies making changes to our definition update filesPower loss during the definition update processYou may also see this new message if new definitions have been downloaded but cannot be applied. Resolution For Endpoint Protection Manager (SEPM) Definitions: See article ID: 184206 for instructions on manually deleting the content. For Endpoint Protection (SEP) Client Definitions: Reboot the system, then download and apply an Intelligent Updater for your version of Symantec Endpoint Protection. The Intelligent Updater is designed to remove existing definitions and install a fresh set. If the issue persists, follow the manual steps found in article ID: 180682 to Manually clear the definitions in your client. If these steps fail, enable communication module logging and set to "debug" as per article ID: 171445. Once enabled, re-attempt to run LiveUpdate. Or, if managed, wait up to 2 heartbeat cycles. Once complete collect the resulting logs, preferably by collecting a full symdiag.
2025-04-05Detection of DLL as Heuristic Virus after Recent Symantec Update Hello,I’m encountering an issue where Symantec Endpoint Protection is detecting one of the DLL files used in my application as a heuristic virus. Let us say the file name is "abc.dll". This detection has started with the update released on 13th September 2024 - Live Update ID: 20240913.061 - of the Symantec Endpoint Protection. Before receiving this update (20240913.061) there was no issue with respect to the same DLL file. I have attached the screenshot of the quarantine logs. Currently we have the Symantec Endpoint Protection v14.3.7393.4000 installed in our systems. The details of the issue are as follows:The DLL file has been in use without issue prior to the update 20240913.061 received on 13th September 2024.The issue is only observed on Windows 10 22H2 systems. It does not occur on Windows 10 21H2 or Windows 11 with same version of Symantec Endpoint Protection.After adding a digital signature to the DLL, the issue is no longer observed on affected systems.Could you provide any insight as to why this detection might be occurring. Is there a way to prevent this from happening in the future?Any assistance or guidance on resolving this would be greatly appreciated.NOTE: I have also observed that a DLL related to Symantec has also been detected as Heuristic Virus. You can find it in the attached screenshot.Regards,Pannag
2025-03-28