Quarantined SES agent by Host Integrity policy is still quarantined after moving to other device group where no Host Integrity policy is applied.
search cancel

Quarantined SES agent by Host Integrity policy is still quarantined after moving to other device group where no Host Integrity policy is applied.

book

Article ID: 256256

calendar_today

Updated On:

Products

Endpoint Security Endpoint Security Complete

Issue/Introduction

Symantec Endpoint Security (SES) Windows agent is moved to "Quarantine" location by failing Host Integrity (HI) policy. You move this agent to other device group on ICDm console where no HI policy is applied. Agent is moved to the expected device group but still in "Quarantine" location.

Environment

  • Symantec Endpoint Secuirity Windows agent

Resolution

This issue is fixed in Symantec Endpoint Security 14.3 RU7. For information on how to obtain the latest build of Symantec Endpoint Security, see Upgrading Windows client software automatically.

Work-around if issue happens:

  • Uninstall SES agent and delete it on ICDm console as well. And re-install SES installer of other group where no HI policy is applied.
  • On ICDm, move agent to original group and disable the specific requirement in HI policy where agent is failing. Thus HI check becomes success and agent is moved from quarantine to default location.

Additional Information

CRE-12591