
Until now, no monthly security update from Microsoft has solved anything.

If I remove ANY ONE of these 3 elements, everything works well. This means the problem is not only with SEP + AppVolumes, but SEP + AppVolumes + MS Updates (starting January 2018 and all the Intel security breach fixes).

We collected a large set of logs and offered it to Symantec for a second review.

Another interesting fact, noticed by 'Scarlito' on the VMware forum (see link at the end of this post), is that this problem only appears after applying Microsoft Security KB4056897 or later (and of course, with the SEP agent installed and AppStacks mounted). And so we believe that specific non-persistent SEP policies and exceptions may not have worked at all. We declared all the collected log files to be unreliable before the exceptions in snapvol.cfg, because the SEP client did not work at all. Since Symantec is working now, we see better startup times of ThinApps in an app stack. These exceptions have solved the problem: the client could be restarted/stopped, and an EICAR test virus was detected again. With the knowledge we had that this behavior only occurs when an app stack is attached, we added exceptions for Symantec in the snapvol.cfg of the App Stack. Then we discovered that this behavior only occurs when an app stack is attached. Only disabling "Application & Device Control" seems to improve login and application performance.

By accident we found out that SEP didn't work at all! Everything looked fine from the SEPM and SEP side. The SEP GUI indicated that there were no problems detected ("Your computer is protected"), but stopping and then starting smc.exe resulted in a crash. It may seem that the service is running, but in reality the Symantec client has crashed (see image below). The only way to start the SEP client was rebooting. We also saw that a simple EICAR test virus was not detected even when the SEP client was running and the GUI was indicating that the computer was protected. We've been testing all scenarios, disabling components of SEP. When SEP is installed, including all obvious exceptions and even using the virtual image exception tool, no significant change in performance is noticed.
Without a SEP client installed everything is performing well and user experience feels like a persistent VDI.

App Volumes and Symantec Endpoint Protection 14.x don't seem to like each other. We've been troubleshooting slow login and poor application performance on our non-persistent VDI for a while now.
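
A functional check for the failure described in this post, where the SEP GUI reports "Your computer is protected" while an EICAR test file goes undetected. This is an added example, not part of the original post; the service name `SepMasterService` and the 30-second timeout are assumptions to adjust for your SEP build and policy.

```powershell
# Added example: verify that on-access scanning really works on a desktop with
# an AppStack attached, instead of trusting the client GUI or service state.
param(
    [string]$ServiceName = 'SepMasterService',  # assumption: SEP 14 service name
    [int]$TimeoutSeconds = 30                   # assumption: time allowed for detection
)

# Standard EICAR test string, built from two halves so this script file itself
# is not flagged when it is saved to disk.
$eicar = 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-' + 'STANDARD-ANTIVIRUS-TEST-FILE!$H+H*'
$path  = Join-Path $env:TEMP ("avcheck-{0}.com" -f [guid]::NewGuid())

$svc   = Get-Service -Name $ServiceName -ErrorAction SilentlyContinue
$state = if ($svc) { $svc.Status.ToString() } else { 'NotFound' }

$detected = $false
try {
    # -NoNewline keeps the file at exactly 68 bytes, as the EICAR format expects.
    Set-Content -LiteralPath $path -Value $eicar -Encoding Ascii -NoNewline -ErrorAction Stop
} catch {
    # Write refused: treated as a block by the scanner (check TEMP permissions if unsure).
    $detected = $true
}

$deadline = (Get-Date).AddSeconds($TimeoutSeconds)
while (-not $detected -and (Get-Date) -lt $deadline) {
    try {
        # Opening the file forces an on-access scan; a blocked or quarantined file throws.
        [void][System.IO.File]::ReadAllBytes($path)
        Start-Sleep -Seconds 2
    } catch {
        $detected = $true
    }
}

# Clean up if the test file survived.
Remove-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue

[pscustomobject]@{
    Service  = $ServiceName
    State    = $state
    Detected = $detected
    Verdict  = if ($detected) { 'OK' }
               elseif ($state -eq 'Running') { 'FAIL: service running but EICAR not detected' }
               else { 'FAIL: client not running' }
}
```

Run it once on a desktop without an AppStack and once with one attached; a `FAIL: service running but EICAR not detected` verdict only in the second case matches the behaviour described above.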
