Solved

Symantec location awareness changing

Posted on 2015-01-06
2
415 Views
Last Modified: 2015-01-20
I am trying to work out why multiple servers report changing location in their Symantec logs. The criteria is set to switch to external if the management server is not contactable. The servers are on the same LAN as the management server and the management server is not going down.
Also can anyone tell me the impact of a client switching locations. I don't have any firewalls configured so its not getting a new firewall policy but is there any negative impact for switching locations. Thanks
0
Comment
Question by:Sid_F
2 Comments
 
LVL 61

Accepted Solution

by:
btan earned 500 total points
Comment Utility
It seems to have similar issue faced though it is in a (local and remote) hub and spoke context, but the running through of the symlink can be relevant as part of isolation findings.
http://www.symantec.com/connect/forums/location-awareness-problem-client-switching

Mostly the client relies on its sylink communications file and try to resolve the findings based on the location awareness logic (LAN vs Foreign score). If there are any dependencies in not resolving to find the mgmt srv be it DNS lookup etc, it is consider "missing" and also it first check the “Remember the last location” option so if that is resolved to past mgmt srv, it give a false impression that mgmt srv is "missing" too. Or the heartbeat to mgmt srv is slow to come back or block to come back etc..

Location Awareness Logic- How does Location Awareness determine what location to assign a Symantec Endpoint Protection (SEP) client?
http://www.symantec.com/business/support/index?page=content&id=TECH97097

Also for debugging autolocation, there can be more trail of leading events to maybe what is not alright in debug.log
http://www.symantec.com/business/support/index?page=content&id=TECH102412#AutoLocation

Best Practices for Symantec Endpoint Protection Location Awareness
http://www.symantec.com/business/support/index?page=content&id=TECH98211

Symantec does not recommend more than seven (7) locations per group when using Location Awareness as this can affect the execution time on how long it takes the SEP client to process and ultimately connect to a valid location where all conditions have been met.
0
 
LVL 5

Author Closing Comment

by:Sid_F
Comment Utility
Thanks
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now