Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Endpoint Loading in Citrix sessions

Posted on 2012-03-14
2
Medium Priority
?
1,169 Views
Last Modified: 2013-12-09
Recently users started seeing an extra Symantec Endpoint icon in their system tray. It's coming down with their Citrix session from the servers (of them). How do I keep this from happening? I'm not sure of the additional bandwidth that this may be using and I don't see a point for it to be running when all machines have AV anyway.
0
Comment
Question by:TSB14883
2 Comments
 
LVL 25

Expert Comment

by:Coralon
ID: 37726925
Are you running a published app in a published desktop? or multiple published apps from different servers?

These are common scenarios that could cause the symptoms you describe.  If it is, check your version of Symantec and see if there is simply a way to hide it.. If it doesn't work, you can look at blocking the systray icons from the published apps, but that could hide important icons.

Coralon
0
 
LVL 1

Accepted Solution

by:
jduell earned 2000 total points
ID: 37727609
This is common with Symantec's SMCGUI and terminal services.

There is a regkey to Prevent SmcGui from loading with each user session

HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC\LaunchSmcGui=0x0
See Symantec Endpoint Protection 11.0 Terminal Server and Citrix Best Practices http://www.symantec.com/docs/TECH91070

We applied this setting by GPO but you can create a regkey file just the same...

A word of caution... adding this regkey will also prevent Symantec popups from displaying on the console.  Not a real issue unless you have Symantec SEP issues that require the troubleshooting popup... you have to either set the Dword value to 1 just long enough for the SMCGui to launch. Or delete the LaunchSmcGui key all together

Second word of caution: Without the LaunchSmcGui key, if SEP detects a problem, all the existing user sessions will also get the popups and likely click update now... or scan now... causing the server to tank. If not locked down correctly they may also change Symantec Endpoint Protection  settings. This is why we enforce the setting with a GPO... Better Safe than Sorry

This problem has been around for years... Symantec is aware of it but it just isn't a priority to fix it so it only runs on the console... Here is hoping someone at Symantec is listening.

Good Luck
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

UPDATE - 6/15/2011 Added support for Release Update 6 Maintenance Patch 2 Point Patch 1 (RU6 MP2 PP1). Fixed a defect in the username field that was hard-coded to look for a specific domain (left over code from testing). This release will be the …
An introduction to the wonderful sport of Scam Baiting.  Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question