Policy Serial Number does not get updated in Symantec Endpoint Protection Manager (SEPM)

book

Article ID: 157167

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

When editing a Client Group Policy in the Symantec Endpoint Protection Manager (SEPM) the serial number remains the same.

The dbvalidator log file show broken links related to a particular policy record.

The problem remains after editing the policy and re-assigning it to the client groups. Client groups not using the particular policy mentioned in the dbvalidator log may still fail to update while the problematic policy is present on the SEPM.

From dbvalidator.log:

 

2012-09-21 11:45:40.101 INFO: Link is broken for [1] target ids :
2012-09-21 11:45:40.101 INFO: TargetId:[70ABD6960A14402D01BFF9EABC94542D] TargetType:[FwNetworkInterfaceGroup] ObjectTypeName:[ObjReference] ParentObjectTypeName :[FwNetworkInterfaceTrigger] Parent's TopLevelObject's GUID:[435952129C1FBD3C0025C793306F801C]
2012-09-21 11:45:40.132 INFO: <?xml version="1.0" encoding="UTF-8"?>
<FwFirewallPolicy Creator="admin" Description="..." Enable="1" Id="435952129C1FBD3C0025C793306F801C" Name="Firewall-Enforced" NameSpace="schema" _d="false" _i="4891504E9C1FBD3C008B6C394E84DBB8" _t="1347334279407" _v="7">
  <FirewallRuleSystem MergeLocalAndParentRules="0" _d="false" _i="FBB507C59C1FBD3C008B6C394D06437C" _t="1347334279406" _v="6">
    <EnforcedFirewallRuleArray _d="false" _i="E71EC5059C1FBD3C008B6C395F10B7A0" _t="1347334279405" _v="57">
      <FirewallRule Enable="1" ....................

 

Cause

A corrupted Firewall Policy has been imported from another SEPM (in the example above the "Firewall-Enforced" policy seen in dbvalidator.log).

 

Resolution

Create a new Firewall Policy with the same configuration and apply this policy to the client groups. After this remove the corrupted policy and the problem should be resolved.