Antivirus S/W : Symantec Endpoint Protection (SEP) installed on two RHEL7.7 servers on Citrix Hypervisor, but two SEP clients are not displayed from SEP Manager(SEPM).
Reinstalling the SEP client did not change the situation.The following is the result of asking the vendor about the above problems.
SEP for Linux does not seem to be able to connect to SEP Manager.
< Our Environment >
SEP Manager : 14.2.1 RU1 MP1
SEP Client:14.2.4815.1100
OS of SEP Client:Red Hat Enterprise Linux Server release 7.7 (Maipo)
RHEL kernel version : 3.10.0-1062.12.1.el7.x86_64
B. Answer from Vendor: Symantec/Broadcom
The following is the result of asking Symantec/Broadcom about the above problems.
- - - - - - - - - - - - - - - - - - - - - - - - -
The client registers itself with SEPM by passing the information file in xml format, but the ">" is included in the BIOS version information in its own information.
It looks like an error occurred during the registration process.
The BIOS data recognized on the client side is as follows.
Question
Norifumi Suzuki
Hi.
A. What is in trouble
Antivirus S/W : Symantec Endpoint Protection (SEP) installed on two RHEL7.7 servers on Citrix Hypervisor, but two SEP clients are not displayed from SEP Manager(SEPM).
Reinstalling the SEP client did not change the situation.The following is the result of asking the vendor about the above problems.
SEP for Linux does not seem to be able to connect to SEP Manager.
< Our Environment >
SEP Manager : 14.2.1 RU1 MP1
SEP Client:14.2.4815.1100
OS of SEP Client:Red Hat Enterprise Linux Server release 7.7 (Maipo)
RHEL kernel version : 3.10.0-1062.12.1.el7.x86_64
B. Answer from Vendor: Symantec/Broadcom
The following is the result of asking Symantec/Broadcom about the above problems.
- - - - - - - - - - - - - - - - - - - - - - - - -
The client registers itself with SEPM by passing the information file in xml format, but the ">" is included in the BIOS version information in its own information.
It looks like an error occurred during the registration process.
The BIOS data recognized on the client side is as follows.
2020-02-18T13:12:44.624JST -239076544 DEBUG cve.registrationdata [2020-Feb-18 13:12:44.624119] [DEBUG] BIOS Version:4.7%3
Cdenied%3EBIOS SerialNumber:481554b1-d41b-52b1-ca36-f55d312d6829BIOS Manufacturer:XenBIOS UUID:F1%2006%2004%2000%20FF%20FB%20CB%2017Motherboard Manufacturer: [thread:0x580f45e0]
Although it is not the same time, the error at the time of reception on the SEPM side is output as follows.
2020-02-25 13:59:24.001 THREAD 144 Critical:
com.sygate.scm.common.configobject.ValidationException:
The value of the attribute "Version" associated with the element type "BIOS" cannot contain the '<' character.
BIOS Version: 4.7% 3Cdenied% 3E, and if URL encoded,% 3C is <and% 3E is>, and it seems that 4.7 <denied> is set.
We think that it can be avoided by not including <denied> in the BIOS version setting in the template on the XEN side.
Although the specific setting method and procedure on the XEN side are not clear at our company,
can you please confirm whether the countermeasure is possible on the XEN side?
Link to comment
1 answer to this question
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now