Is a restart required for an Endpoint Protection/Endpoint Security Agent Install or Upgrade
Article ID: 226233
Updated On:
Products
Issue/Introduction
You would like to know, when installing or upgrading the Symantec Endpoint Protection (SEP) / Symantec Endpoint Security (SES) Agent, if a reboot is required?
Environment
- Windows Operating Systems
- SEP/SES 14.3 RU3 and later
Resolution
The SEP/SES engineering team has been working towards rebootless upgrades of the protection client. Starting with14.3 RU3, a restart of the operating system is only required under the following conditions:
New Installation
A restart may be required if any of the following features are included in the installation package:
- Application Control (SES)
- Application Hardening (SEP)
- Application and Device Control (SEP)
Upgrade
A restart may be required if any of the below conditions are met
- The agent is upgraded from 14.3 RU2 and earlier.
- Application Hardening is added or removed during upgrade.
- If any of the following software is installed:
- Standalone Symantec Data Center Security
- Standalone Symantec Critical System Protection
- Symantec Data Loss Prevention (15.5 - 15.8) (See Additional Information below)
- Hypervisor Enforced Code Integrity (HVCI) is in use.
- The registry key "RebootlessUpgradeBlockReason_Registry = 2" is present
- A previous upgrade attempt failed.
In the event you need to disable a Rebootless upgrade prior to rollout, set RebootlessUpgrade to 0 in registry path:
HKLM\SOFTWARE\WOW6432Node\Symantec\Symantec Endpoint Protection\CurrentVersion\RebootlessUpgrade
Additional Information
In situations with DLP Endpoint Agent 15.7.00333.01033 installed, both SEP/SES and DLP utilize SymEFA so a reboot is required.
DLP Endpoint Agent 15.8 MP2 and newer will allow SEP/SES 14.3 RU5 and newer to upgrade the client without a reboot.
Feedback
