Symantec Endpoint Protection 12.1

Discussion in 'other anti-virus software' started by Brocke, Dec 3, 2011.

Thread Status:
Not open for further replies.
  1. dan_maran

    dan_maran Registered Member

  2. iwod

    iwod Registered Member

    Oh Great, i think i should pick up a copy soon.
  3. Anybody know when an RU2 update might come out?

    I have not yet updated to RU1, but I'm now thinking about it.

    At this link page: eventually lists:

    1. Patches-SEP32_12.1RU!.md5 130 B 11/16/11 9:04:00 PM
    2. Patches-SEP64_12.1_RU1.md5 134 B 11/16/11 9:04:00 PM
    3. SEP64_23To157_clientDAXMSI.exe 6.9 MB 11/16/11 9:04:00 PM
    4. SEP64_4971To157_clientDAXMSI.exe 11.8 MB 11/16/11 9:04:00 PM
    5. SEP_23To157_clientDAXMSI.exe 5.8 MB 11/16/11 9:05:00 PM
    6. SEP_4971To157_clientDAXMSI.exe 9.9 MB 11/16/11 9:05:00 PM

    For a client only update, I'd download the Patch for SEP64 (#2) --as I have a 64 bit computer. But what about #'s 3, 4, 5, and 6? And #2 is a small file... bottom line, which ones would I download?

    To further complicate this for me, at this link:

    This link:
    Client patches from Symantec Endpoint Protection 12.1 to 12.1 RU1 (21.9 MBytes)

    ..when clicked has only two files with slightly different dates from the above files.

    Can a SEP 12.1 knowledgeable person help me? I'm actually running SEP 12.1 on three computers -- all unmanaged clients. A Win7 64 bit desktop, A Vista 32 bit desktop, and a Win7 64 bit laptop.

    I just want to get this right.

    Thank you,


  4. Zyrtec

    Zyrtec Registered Member

    Okay, after reading your post and checking up at the links you provided, this is what I think:

    I believe that 4971 to 157 means the original release of SEP 12.1 which had been released to public on July 5th, 2011 that can be upgraded to version 12.1.1000.157 which is RU1 by applying that patch.

    In regards to 23 to 157 I believe that it's referring to the public BETA which was released to people who registered at in April-May, 2011 time frame being updated to RU1 [157] by applying that patch.

    In regards to RU2, I haven't heard anything yet, as of today. However, if you'd like to keep current in regards to the development of the next RU's for SEP 12.1, the best place to start would be this one:

    That's the web-site I visit regularly to keep up with the latest news in regards to new SEP versions and RU updates.

    By the way, I did not apply any patches to my SEP installation since I got the full 1.8GB SEP 12.1 RU1 installer from a friend and this installer included both folders, the 32-bit installer and the 64-bit one.

    Hope this helps.
    Last edited: Jan 7, 2012
  5. cruelsister

    cruelsister Registered Member

    Zyrtec- Remember that if you have installed SEP12 as an Unmanaged client you should also get a copy of your friends Symantec Licensing File (.SLF), otherwise SEP's Insight technology will not be active.

    When you get the file place it in Drive:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\inbox\

    Forgive me if you already know this, but many aren't aware that some things have changed since version 11.
  6. oliverjia

    oliverjia Registered Member

    Are you sure? I just checked the "inbox" folder and it's empty without any .slf file. However, I am 100% sure the download insight detection for SEP 12.1 client is still working fine on my system. sep 12.1 was installed as unmanaged client.
    Do you mind point me to the source of your information? I just would like to confirm. thanks.

  7. cruelsister

    cruelsister Registered Member

    Totally sure. From the SEP12 website: "To enable the submission of reputation data from an unmanaged client, you must install a paid license on the client. Use the following procedure to install a license on an unmanaged client."

    By the way, the fact that you don't have this file currently can be due to the license data being input on installation. SEP will initially check for the file; if the file exists and is valid, it's automatically removed from the inbox after it is processed.

    Initially there was much discussion about crippling unlicensed Unmanaged Clients to a far greater extent (apparently SEP had become popular among the Pirate crowd because of the ease of installation), but there was a raft of complaints from the Corporate Beta testers.

    Hope this helps.
  8. oliverjia

    oliverjia Registered Member

    Thanks very much. Followed the link and also your instructions, I've found the .slf in /config folder. Thanks much for your info!


  9. First, thank you Zyrtec, cruelsister & others for the information -- it is appreciated.

    My download is as an unmanaged client also. My employer has a very large contract with Symantec (I'd guess it is their largest contract), and thus we have been granted home use of the product.

    We actually get our download from my employers website... where we are given no licensing or other information. We can actually download all sorts of Symantec products at no cost -- but they are mostly enterprise products.

    What cruelsister stated makes sense to me:

    Reference Insight, I see it there... the box is checked (See image).

    From the image I've downloaded on this post, can I be sure that Insight is up and running?
  10. Zyrtec

    Zyrtec Registered Member


    As user Frank is pointing out I also do have the Insight component on my SEP 12.1 client installation and even when I do not have the license file installed on this client only installation, I've seen Insight kicking in whenever I download a suspicious and unknown file from MDL or malc0de. How is that?
  11. cruelsister

    cruelsister Registered Member

    From what I remember from the SEP Enterprise Beta dog and pony shows, the lack of a licensed unmanaged client would not change the GUI functionality in any way, but would result in no meaningfull Insight information coming back from the Symantec servers (if you catch my meaning).

    Zyrtec- When you say that you see Insight kick in when you are downloading, are you getting a box with the message "You should only allow files that you are sure are safe. Are you sure that you want to allow this file?" ?
    Last edited: Jan 16, 2012
  12. Zyrtec

    Zyrtec Registered Member


    This is the SEP 12.1 client, Download Insight screen popup I'm seeing whenever I download a file unknown to Symantec Download Insight [see attached image]:

    SEP Download Insight.jpg
  13. XTremeX

    XTremeX Registered Member

    same results here.Download Insight works pretty fine
  14. Last edited: May 3, 2012
  15. Zyrtec

    Zyrtec Registered Member

    @ Frank :

    Couldn't you try to install the full-installation file instead of upgrading from patch "0" to RU1 ? Which one are you trying to install, 32-bit or 64-bit one ?

    By the way, I have the official full 1.8GB installer provided by a friend who deployed SEP 12.1 throughout his organization [it contains the 32-bit/64-bit installers, Linux installer and Mac installer as well as documentation]. I also have the full standalone 32-bit installer as well as the 64-bit installer which are just several hundreds of MB in size only [less bandwidth needed to download].

  16. JRViejo

    JRViejo Global Moderator

    Removed Off Topic Posts. The subject is Symantec Endpoint Protection 12.1; let's keep it that way, shall we? Thanks.
Thread Status:
Not open for further replies.