( )ĥ) SEPM console was Reconfigured and connected to DB againĦ) Windows SEP Clients pulling updates(Liveupdate frequency) changed from 2 hours to 4 hours and Linux SEP clients to get Updates through Reverse Proxy to 2 Hours.ħ) JAVA Reinstalled and Updated to latest. ( )Ĥ) Java Heap Size - Increased from 2048 to 3072 as SEPM runs on JAVA. Confirmed that the Server is a HYPER-V running on latest Updates. error logs shows performance degradation was because of VMware defect, hence check the configuration of the VM environment. Both SEPM and Database are in same network zone.Īctions done till now to Rectify the Issue:ġ) System Drive(C:/)- Increased from 40Gb to 199GbĢ) D:/(SEPM Installed)- Increased from 50Gb to 99.8Gbģ) ersecreg-a. Operating System - Win2012 R2 on Hyper-V 2012 R2 Hope someone can help! And thank you in advance! Do you think its scanning all of the account files at logon? Its become a real issue and I am considering going back to KEP simply because it is causing some nasty workflow disruptions. Ran VMWare's Logon Monitor, but again, did not see anything specific. Couldn't identify anything in WireShark, though, that may be due to me not filtering properly. Removing SEP from the terminal server seems to remedy the issue partly (though having it on the DC I think is still causing it to lag a bit).Īnyways, I'm not sure what the hang up is. It doesn't affect everyone, just a handful of accounts. After the "Applying Folder Redirection" notice, the blue logon screen goes away, the logon scripts execute, and then it sits at a black screen for upwards of 2-5 minutes before the desktop loads. So, that being said, some users are experiencing VERY long load times upon logging in. Previously had Kaspersky Endpoint 10 installed which did not cause this issue.
However the engineer insisted this is how it should be done.Īm I missing something here? or SEP's application Control feauture is broken and has no use.Īll servers in this environment are WS2012R2 running SEP 14.2U1. I tried to explain that using Application Control makes no sense if we are to allow running applications from the TEMP folder. We created a case with Symantec and after several months the engineer recommended that we should include user's TEMP folder in the allowed locations. A randomly named temp file is created under user's TEMP folder and SEP prevents Java Updates) (The similar issue happens when java.exe calls java Updates - both from allowed locations listed above. However this temporary file doesnt have an EXE extension and its name changes everytime. Logs shows that during this process, a randomly named temporary file is created under user's TEMP folder which is not a permitted location. However, we are having problems with version 14.xįor example if a user clicks a hyperlink in an Outlook email and if Internet Explorer is the default browser for hyperlinks, SEP prevents this action. This is preventing executables from trying to run from various places, most notably the users' AppData folder due to ransomware and other malicious software.Įverything was working fine until we upgraded SEP from 12.x to 14.x We also allow certain apps to run from other locations based on their fingerprints. We use Application Control rules to prevent users installing applications or running executables by limitting applications to run only from the following locations: