It downloads policies, processes them, and uploads logs to the SEPM (SEP Management server). The Symantec Management Client service (SMC.exe) is responsible primarily for client-to-server communication.
#SYMANTEC ENDPOINT MANAGER RESTART SERVICES DRIVERS#
As long as it installed and the drivers are running, the real-time virus scanning portion of SEP (i.e., Auto-Protect) should continue scanning files even if this service is stopped. The Symantec Endpoint Protection service is run as Rtvscan.exe and is responsible for many client features, including scheduling of jobs (e.g., scans) and communication between components. It will show you what features are installed. You can check this by opening Programs and Features (appwiz.cpl) and modifying the SEP installation. The Symantec Endpoint Protection services should be installed anytime the Antivirus and Antispyware component is installed with SEP 11. I'll answer your questions as best I can. I work for Symantec supporting Symantec Endpoint Protection (SEP). TIAV I'm dealing w/ a botnet investigation and have been on very little sleep for a few days so I need a sanity check.I know we should be on 12-actually our servers are not my area and for those whose it is, the bean counters calling the shots. If I have Symantec Management Client disabled, but SEP service itself is enabled, the GUI will not open and will prompt you to start the service (which, usually means it's corrupt in my experience dealing w/ a few).ĩ5% of our systems have both so I'm just looking at this smaller group, but not that small really.
My understanding was SMC was what the GUI communicates with to operate the actual SEP service, in order to separate the security of the GUI that anyone can initiate from the higher level security the SEP service needs? It also provides network threat protection and application and device control for the client.'' - Symantec Endpoint Protection service is dubbed ''Provides virus-scanning for Symantec Endpoint Protection'' Symantec Management Client service is dubbed in the service list as ''provides communication with the Symantec Endpoint Protection Manager. ? I'm nearly positive these are the result of corruption and not done on purpose but I'm forwarding a report I created ground up by probing systems and need to dot my T's before. I'm doing reporting and finding a lot of machines that have Symantec Management Client, but not the Symantec Endpoint Protection service installed - maybe 5%-10% or so but it's a triple digit count of machines.Ĭonfiguration-wise, does anyone know what happened here? Is there any scenario where you would be able to configure SEP like this on purpose? Is it corruption that removed the one service, was it never there, IDK.
0 kommentar(er)
