How to verify that an Endpoint Protection client is able to communicate with the Symantec Reputation server
search cancel

How to verify that an Endpoint Protection client is able to communicate with the Symantec Reputation server

book

Article ID: 154426

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

You need to check if there is network connectivity from the Symantec Endpoint Protection (SEP) client computer to the Internet-based Symantec Reputation server.

Cause

SEP clients require robust, reliable connectivity to online Reputation servers for the Insight component to function.  Other components also rely upon Reputation in order to function most efficiently.

Resolution

Most firewalls already allow Insight queries. Queries currently use the HTTPS protocol over the standard port 443 to a Symantec-controlled server.  Reputation submissions and lookups use the same proxy settings used for other technologies within SEP.

To test connectivity from a SEP client system to the Symantec Reputation server, type the following URL In a web browser:

https://ent-shasta-rrs.symantec.com/

A successful connection can be established if browsing to this URL results in a 400 or 405 response status code.  The URL is not an HTTP request that the server can accept but it does indicate that the server received it (and rejected it) successfully.  

Otherwise, it is necessary to consult with the network administrator for the particular SEP client's network to determine at what point on the local network access to that URL is blocked.

Additional Information

You can also utilize PSExec.exe to conduct a comprehensive connectivity assessment from a Symantec Endpoint Protection (SEP) client system to Symantec's reputation server and cloud services. This involves verifying if the Symantec Endpoint Security (SES) can effectively communicate with the ICDm cloud console and access specific URLs owned by Symantec to execute various functions. The outlined procedure exemplifies how PSExec.exe, a Microsoft SysInternal tool, can be employed for testing these connections.

To begin, acquire PSExec from the Microsoft Sysinternals repository, which can be accessed via the following link: Download PSExec from Microsoft Sysinternals.

With PSExec obtained, proceed to execute a SPOC Test utilizing the SYSTEM account. SPOC, the Cloud notification service, plays a crucial role in prompting the client to synchronize with the cloud services. This test will validate the seamless interaction between the SEP client system and Symantec's cloud infrastructure, ensuring robust connectivity and functionality.

Powered by Wolken Software