Girish's Graffiti

Thoughts on SBS and other MS technologies

Symantec Endpoint Protection 11.0 with SBS

Symantec Endpoint Protection 11.0 with SBS

  • Comments 4
  • Likes

If you are using Symantec Endpoint Protection 11.0 with SBS then please go through this FAQ;

From Symantec Endpoint Protection 11.0—Customer Installation Issues with Resolutions
(The link might change again, since Symantec would keep updating it. Simply search for “Symantec Endpoint Protection 11.0—Customer Installation Issues with Resolutions” to get the latest link.)

FAQ: I am having issues with my Microsoft® Small Business Server, can you answer my compatibility question?

Description:
Microsoft Small Business Server and Symantec Endpoint Protection 11.0 will happily co-exist with each other. Users may run the Symantec Endpoint Protection Manager and Symantec Endpoint Protection Client on the same machine as the Microsoft Small Business Server. The key item to consider for users will be their resource usage on the target machine. There are some potential issues that can arise depending on how the administrator installs and configures Symantec Endpoint Protection 11.0.

Resolution: Here is a list of the most common compatibility issues and resolutions to each:

1. An under-resourced SBS machine causes Symantec Endpoint Protection 11.0 and other installed software to run slow

a. It is important to understand that in general, running Symantec Endpoint Protection Manager will require more resources than what was required with Symantec AntiVirus Corporate Edition because it provides more functionality (like Reporting, Active Directory, SEP Patch Management and Distribution) and preparing for this upfront is recommended. As a minimum, the SBS machine should have at least 2GB of RAM and 20GB of free disk space. See the product documentation for more specifics.

2. Windows Shares on the SBS machine become unexpectedly unavailable to remote workstations.

a. The Symantec Endpoint Protection Client install was run directly from the Symantec Endpoint Protection CD menu. This installs an unmanaged client, which has a firewall rule active to block Windows Networking traffic.
To fix:
- Launch the Symantec Endpoint Protection Client user interface
- Click “Change Settings”
- Click “Configure Settings” beside Network Threat Protection
- Click “Microsoft Windows Networking” tab
- Check the box to “Share My Files and Printers”

3. After an undefined period of time, workstations which are accessing Windows Shares on the Microsoft SBS, lose connection to them. From this time, no network drives can be mapped to the server. Note: this is a known product issue.

a. To temporarily fix, have user reboot the server. This will allow user’s access to the Shares while you prepare for rolling out the recommend fix.
b.To recommended a fix: Review the following knowledge base article and follow the included instructions as appropriate: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007102613484948

4. DHCP server traffic becomes blocked to and from the Symantec Endpoint Protection Manager and workstations cannot get an IP lease.

a. If users use the default firewall policy with the Symantec Endpoint Protection Client on the Microsoft SBS, and the server is performing the role of a DHCP server, and workstations will no longer successfully receive a DHCP lease from the server, since the default firewall policy blocks DHCP server traffic.

To fix:
i.Modify the default firewall policy to include a new rule for DHCP server traffic

FAQ: Why am I experiencing slower performance?

Description: Slow performance after Symantec Endpoint Protection Manager is installed.

Resolution: Symantec recommends 2 Gigabytes of RAM or more for optimal performance of the management sever. An additional 2GB of memory is recommended if running MS SQL on the same machine. There have been isolated reports of performance degradation on computers with the Symantec Endpoint Protection Client installed. This is not a general issue but Symantec is working with the effected customers to identify any problem. Maintenance Release 1 will provide additional performance enhancements.

If you want to read other FAQ, you should, please go here;

Symantec Endpoint Protection 11.0—Customer Installation Issues with Resolutions

The link also has "A SET OF BEST PRACTICES TO FOLLOW PRIOR TO INSTALLING SYMANTEC ENDPOINT PROTECTION 11.0"

A BIG Thanks to Liz.

Adding a bit more to this;
Windows Servers stop accepting network connections with Symantec Endpoint Protection 11.0 installed.

If the above update does not help then you could also manually uninstall Symantec using this article;
How to manually uninstall Symantec Endpoint Protection client from Windows Vista 32-bit
{Even though this article applies to Vista, I think you could follow the general guidelines for SBS)

 

Comments
  • Thanks this article has been a life saver

  • There have been a couple of KBs around knows issues with Symantec End Point Security 11 like: You may

  • I am already running MR4 (11.0.4000.2295) and I still experience problem #3

  • Hi Paul,

    Symantec claims to have resolved the issue in version 11.0.4202.75 (MR4 MP2). See the link below

    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008100113145148?Open&seg=ent

    Hope that helps. Try contacting them.

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment