search cancel

Endpoint Protection Manager reports version 13.0.0.0 when Endpoint Protection for Linux is installed using sep.rpm

book

Article ID: 175367

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Rather than using install.sh, to avoid having to install development tools and compile kernel modules for its AutoProtect real-time protection component, you choose to go with manual and scheduled scan protection only and install Symantec Endpoint Protection (SEP) for Linux using its sep.rpm in the Repository folder:

cd /path/to/sep-rpm/Repository
export curdir=$(pwd)
rpm -Uhv sep.rpm

Next, you import the sylink.xml that you exported from the client's destination Symantec Endpoint Protection Manager (SEPM) group and force a heartbeat sequence:

/opt/Symantec/symantec_antivirus/sav manage -i /path/to/sylink.xml
/opt/Symantec/symantec_antivirus/sav manage -h

Allowing several minutes for the SEPM's AgentInfo task to process the uploaded opstate information, you check the client's version number in the SEPM console. Contrary to expectations, it shows 13.0.0.0. On the SEP for Linux client, /opt/Symantec/symantec_antivirus/sav info -p does show the correct version.

Environment

  • SEP for Linux (14.2 RU1 MP1 and earlier)
  • Red Hat-based Linux operating system

Cause

The SEP for Linux client derives the product version it reports to SEPM from its /etc/symantec/sep/setup.ini file –a file that is not installed as part of sep.rpm.

Resolution

This issue is fixed in Symantec Endpoint Protection 14.2 RU2 MP1. For information on how to obtain the latest build of Symantec Endpoint Protection, see Download the latest version of Symantec software here.

In the meantime, the issue can be worked around in the following manner:

  1. Copy /path/to/sep-rpm/Configuration/setup.ini to /etc/symantec/sep/.
  2. Install sep.rpm and import sylink.xml.
  3. Check the SEPM console.

If sep.rpm has already been installed, the workaround is slightly different:

  1. Copy /path/to/sep-rpm/Configuration/setup.ini to /etc/symantec/sep/.
  2. Restart the smcd service.
  3. Import sylink.xml to re-register.
  4. Check the SEPM console.