[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


Deploy of SEP missing Network Threat Protection ??

Posted on 2010-01-06
Medium Priority
Last Modified: 2013-12-09
Hi All.  We are using SMS 2003 to deploy SEP 11.0.5002 to several hundred clients w/  WinXP SP2   They currently have NAVCE 10 and Windows firewall is disabled.  The SMS package installs as expected and show no errors in logs, either SEP Setup log or Windows logs.  But, after the system reboots the 'Proactive Threat Protection' module shows up, but 'Network Threat Protection is missing completly.  This is not because of the SMS install as I ran the below CMD line on the local workstation.  it is the same CMD used in SMS:

msiexec.exe /qn ALLUSERS=2 /i "Symantec AntiVirus.msi"  REBOOT=REALLYSUPPRESS  /l %WINDIR%\temp\SEP-1105002Setup.log

I don't get it??  I searched Symantec's KB site and this is the closest articles I could find, but does not apply at al as the registry key is present before installl:  
- Network Threat Protection fails to load after install   http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/1d710556d47fe468882575ef00652769?OpenDocument

There was a KB article that pointed me to look in Add/Remove programs which showed the SEP NEP module as not installed. But we can't go around to nearly 2000 systems and add this component manually!  Can anyone think of why the NTP module is not installing??  I do not see ANY errors in the SEP setup log, or Windows logs.  Is there a known MSI install switch I need to include when deploying this package?  I saw a very limited set of MSI commands documented by Symantec for SEP.
Question by:net1994
  • 5
LVL 33

Expert Comment

ID: 26200002
seems that this is more of a SEP command line issue then an SMS issue... what happens when you run the command line manually (without SMS being involved)?  Does the installation work with the NEP module?

LVL 33

Expert Comment

ID: 26200080
The trick is to find out if this is actually an install error that occurs when you manually install the product using the command line options you list:

msiexec.exe /qn ALLUSERS=2 /i "Symantec AntiVirus.msi"  REBOOT=REALLYSUPPRESS  /l %WINDIR%\temp\SEP-1105002Setup.log

If the NEP does not work manually, it will not work through SMS either...  So, there might be a problem with you install command line switches or something related to the install itself.

If you can install the product using the command line switches manually (without SMS) , and its only a problem when you use SMS, we will have to look further into this from an SMS persspective.
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

LVL 33

Expert Comment

ID: 26200113
LVL 33

Accepted Solution

NJComputerNetworks earned 2000 total points
ID: 26200154
It looks like you can create a custom package right from SEP console to include the NTP component:  follow this guide:  http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/c741ec26fa674b1e8825738a0076abf3?OpenDocument

Author Comment

ID: 26201151
Wow NJ, you da man.  Thanks for taking all your time on this....

Befuire I ever put a software package into SMS, I test the same exact MSI install command line on the local PC for the program.  I did this and it does install SEP manually.  Things look 'great' no errors on screen or in the SEP logs.  Then you actally open up the program and the Network TP module is missing.  So yeah...

What is partially frustrating is I am not the SEP administrator so this slows down development a tad.  I think SMS is doing its job just fine, with the given MSI command line I'm using.  Symantec gives a very limited set of MSI switches to use with SEP and that is somewhat annoying,.  The only way I feel SMS could be falling short is if there is a specific 'Threat Protection Module' switch I'm not using.  This is not the case.


Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you considered what group policies are backwards and forwards compatible? Windows Active Directory servers and clients use group policy templates to deploy sets of policies within your domain. But, there is a catch to deploying policies. The…
Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question