SEP 14.x clients might be unable to communicate with ATP for Insight reputation queries

book

Article ID: 170397

calendar_today

Updated On:

Products

Endpoint Detection and Response

Issue/Introduction

Symantec Endpoint Protection 14.x (SEP 14.x) clients might be unable to communicate with Advanced Threat Protection (ATP) appliance for Insight reputation queries.

The issue only occurs in following circumstances:

- SEP 14.x clients are configured to communicate with ATP using SSL (port 8443)

- ATP 2.3 or earlier is used

- ATP is configured with certificate provided by intermediate CA

 

Resolution

This issue is addressed in ATP 3.0 release by introducing support for chained certificate bundles. Please upgrade to this version at your earliest convenience. After upgrading please make sure to install full certificate bundle on ATP 3.0 (containing certificates for: ATP, intermediate CAs, root CA)

 

Following workarounds can be implemented if there is a need to use previous ATP versions:

- configure ATP proxy to use a self-signed certificate or certificate signed by private-CA root (not "intermediate")

- configure SEP 14.x clients to use proxy server when querying ATP

- use HTTP instead of HTTPS

 

Please subscribe to this article to be notified of any updates.