How to disable ThreatCon lookup for the Symantec Endpoint Protection Manager homepage

book

Article ID: 158953

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

If the Symantec Endpoint Protection Manager (SEPM) does not have internet connectivity, the scm-server-0.log and scm-server-1.log files will show an unexepcted server error connection time out when services for the SEPM first start. This is expected, if the SEPM does not have internet access.

scm-server-0.log:

2019-07-29 10:17:20.470 THREAD 146 SEVERE:  in: com.sygate.scm.server.task.SecurityDataTask java.net.ConnectException: Connection timed out: connect

...

2019-07-29 22:17:20.471 THREAD 146 SEVERE: com.sygate.scm.common.communicate.CommunicationException: Failed to connect to the server

Cause

The SEPM does not have internet connectivity to our security response website and is generating failure messages due to the ThreatCon lookup failing. 

Resolution

Edit the SEPM's conf.properties file and add the line as described below.  (Default location: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\conf.properties)

  1. Go to <SEPM>\tomcat\etc folder
  2. Use text editor to open conf.properties
  3. Add the following line: scm.server.securitydatatask.disabled=true
  4. Save the change and restart SEPM service