Fix communication between Symantec Protection Engine (SPE) and cloud console for SPEs enrolled to cloud console

book

Article ID: 185714

calendar_today

Updated On:

Products

Protection Engine for Cloud Services Protection Engine for NAS

Issue/Introduction

Symantec protection Engine (SPE) installations already enrolled to cloud console use a URL to poll and receive communication from the cloud console over https. This URL is identified by a parameter “spoc-uri” in CAFStorage.ini file.

The value of the spoc URL referred above has changed to a newer value on 15th January 2020. As a result, SPE installations that have already enrolled to the cloud console prior to 15th January 2020 need an update to this URL in CAFStorage.ini file.

The older spoc URL may cease to work on 9th April 2020 beyond which SPE may not be able to receive and apply policy from cloud console or respond to any other command from cloud console.

SPE installations that have enrolled after 15th January 2020 automatically get the new URL and should have no impact, and thus no action is required.

Environment

Release : SPE 8.0.0 / SPE 8.1.0 / SPE 8.1.1

Resolution

Please apply hotfix, which is attached herewith.
Hotfix application procedure is as follows:

1. Download the “SPOC_URL_Update.zip” file attached to this KB.

2. After unzipping the files copy the OS specific scripts on to the SPE server machine(.bat for Windows and .sh for Linux) which is already enrolled to cloud console.

3. Navigate to CAF installation directory:

Windows: - C:\Program Files\Symantec\Common Agent Framework

Linux: - /opt/Symantec/cafagent/bin


4. Open the CAFStorage.ini file and check for the spoc-uri parameter. If the parameter already has value https://us.spoc.securitycloud.symantec.com, no need to execute the scripts.


5. If the value is different execute the script from command prompt as follows:

For e.g. On Windows :- “C:\<spoc_ script_location>spoc_url_update.bat”

Linux: - /<spoc_script_location>/spoc_url_update.sh

 

Where “spoc_script_location” is the location where spoc script is located.

6. Once the script is executed check the CAFStorage.ini file for the updated spoc URL as mentioned above.


7. Logs for the scripts are generated at following locations,

 

Windows: - C:\Program Files\Symantec\Common Agent Framework\spoc_url_upgrade.log

Linux: - /var/log/spoc_url_upgrade.log


Note: - Explicit CAF service restart is not required after executing the script, as the
script takes care of the same.

Attachments

1583385134344__SPOC_URL_Update_README.docx get_app
1583385123209__SPOC_URL_Update.zip get_app