Symantec Endpoint Protection 14.x (SEP 14.x) clients might be unable to communicate with Advanced Threat Protection (ATP) appliance for Insight reputation queries.
The issue only occurs in following circumstances:
- SEP 14.x clients are configured to communicate with ATP using SSL (port 8443)
- ATP 2.3 or earlier is used
- ATP is configured with certificate provided by intermediate CA
This issue is addressed in ATP 3.0 release by introducing support for chained certificate bundles. Please upgrade to this version at your earliest convenience. After upgrading please make sure to install full certificate bundle on ATP 3.0 (containing certificates for: ATP, intermediate CAs, root CA)
Following workarounds can be implemented if there is a need to use previous ATP versions:
- configure ATP proxy to use a self-signed certificate or certificate signed by private-CA root (not "intermediate")
- configure SEP 14.x clients to use proxy server when querying ATP
- use HTTP instead of HTTPS
Please subscribe to this article to be notified of any updates.