After upgrading to Symantec Protection for SharePoint Services (SPSS) 6.0.9 or later, when attempting to send scan requests from SPSS to Symantec Protection Engine (SPE) the scan requests fail.
Symantec Protection Engine for SharePoint (SPSS) 6.0.9 and later has been updated with a new validation "Handshake" feature. The Symantec Protection Engine (SPE) bundled with this new version requires a valid encryption token from SPSS for scan requests to be accepted. If the token value provided doesn't match or is missing; the scan will fail.
-> Install/Upgrade to Symantec Protection Engine for SharePoint 6.0.11 and install the Symantec Protection Engine bundled with Symantec Protection Engine for SharePoint.
-> Please download the hotfix provided in this KB
To apply the hotfix please follow the steps below:
1. Stop the “Symantec Protection Engine” service
2. Go to “Symantec Protection Engine” install location -“C:\Program Files\Symantec\Scan Engine”
3. Take back up of original file “symcscan.exe” from install location.
4. Replace the above file with hotfix provided file.
5. Ensure the permission to newly copied file is identical to backed-up file.
6. Start the SPE service
-> Verify the computer time between the SPSS server and remote SPE servers are as close to identical as possible. A large time mismatch will cause the certificate validation to fail.
-> Check for any network timeouts or packet shaping that would modify the ICAP request sent from SPSS to SPE.