search cancel

Symantec Endpoint Protection Manager Server Activity logs show "Error: Request Authentication"

book

Article ID: 229427

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

When Symantec Endpoint Protection Manager Server Activity logs show "Error: Request Authentication", with no other explanation, there will also be paired with this error a "Suspicious Activity" alert email generated using the IP / Host Name of the SEPM server only. 

Below is an Example of the Alert Email generated by the Symantec Endpoint Protection Manager Server :

Subject: Security alert for SEPMSERVER

Message from:
 Server name: SEPMSERVER
 Server IP: 192.168.XXX.XXX
 
Security alert: suspicious activity from 192.168.XXX.XXX was detected on Symantec Endpoint Protection 
Manager SEPMSERVER. Check the log files for details.

Cause

This is caused by missing session information while performing actions in the SEPM.

This is a known defect with Symantec Endpoint Protection Management Server versions 14.3 RU2, 14.3 RU3 and 14.3 RU4. 

Resolution

This issue is fixed in Symantec Endpoint Protection (SEP) 14.3.5.0 (RU5). For information on how to obtain the latest build of SEP, see Download Symantec software, tools, and patches.

Additional Information

ESCRT-7760