Symantec Symantec Client Security (NAV v9 - SCF v2.x)

Version: 2
Views: 1.5k  |  Created: 09/16/2004

Average Rating: 0
Symantec Client Security (NAV v9 - SCF v2.x) has 1 inventory records, 1 Questions, 0 Blogs and 0 links. Please help add to this by sharing more!

Deployment Tips (10)

Most Common Setup Type
Not Determined
Average Package Difficulty Rating
Rated 3 / 5 (Average) based on 1 ratings
Most Commonly Reported Deployment Method
Windows Installer with Custom Transform (MST)
or cancel
118
Command Line
I've used this, it appears to have worked fairly well to-date.

msiexec /i "\\srvr\Symantec Antivirus.msi" ADDLOCAL=SAVMain,SAVUI,SAVHelp,QClient NETWORKTYPE=1 INSTALLSERVER=0 SERVERNAME=srvantiv ENABLEAUTOPROTECT=1 REBOOT=ReallySuppress /Lv c:\log2.txt /qn
Setup Information:
Setup Type: unspecified
Deployment Method Used: unspecified
Deployment Difficulty: unspecified
Platform(s): Windows
Please log in to comment
117
Note
The best way to deliver this package is with a custom MST file. Although the Symantec provided switches do work, a tool such as Admin Studio or Wise will suite your needs better. For those who can't afford these tools, download a Microsoft Office Resource Kit (preferably 2003) and utilize that tool to create a transform.

Documentation on Symantec's website, in the forums, is much better than the included documentation. Here is a link to a good documenton Symantec's Forum. The document title is named "How to create a customized distribution file..." in case the link path changes.

http://service1.symantec.com/SUPPORT/ent-security.nsf/c9b1ac1936fbf63488256e77006521df/d637ed0f601f9f8388256e7d006a79eb?OpenDocument&prod=&ver=&pcode=&src=&miniver=&tpre=&prev=&dtype=

Deploying custom firewall policy isn't documented clearly. There seems to be no mention of how to apply the custom rules file either through MSI or the Symantec installer. I will post if I find.
Setup Information:
Setup Type: unspecified
Deployment Method Used: unspecified
Deployment Difficulty: unspecified
Platform(s): Windows
Please log in to comment
117
Note

Confirmed: The custom Firewall policy file as well as the custom AV config file must be named Symantec's default namefor it to be applied. The firewall policy must be named Cpolicy.xml and the NAV file must be named Grc.dat. CHanging these files from their default names renders them useless.

Setup Information:
Setup Type: unspecified
Deployment Method Used: unspecified
Deployment Difficulty: unspecified
Platform(s): Windows
Please log in to comment
117
Note
Be aware that when performing an administrative install to a network path the installer does not copy over two necessary file from the SCSClnt folder. ALErules.exe and INSTOPTS.DAT need to be copied over manually. If this is not done a GPO install will fail with an event log entry specifying a fatal error.

An msp patch file can be applied to upgrade the source to build 1400. This is a necessary upgrade for SCS to properly communicate with the Windows XP SP2 Security Center.

One last point: I had a problem that I spent the better part of a month troubleshooting with Symantec. SCS2 has a serious issue with Terminal Services and Remote Desktop. This is why the firewall portion of the client is officially unsupported on Server operating systems. If you RDP over to an XP machine that you are not already logged into, the ccapp.exe process pegs the CPU. If you log in at the keyboard (or in my case with DameWare Mini Remote) and then RDP to the machine, there is no CPU issue. From what I can tell, Symantec does not consider this to be high priority issue.
Setup Information:
Setup Type: unspecified
Deployment Method Used: unspecified
Deployment Difficulty: unspecified
Platform(s): Windows
Please log in to comment
117
Note
Command line for MSI deployment inc Maintenance Patch 2.

MsiExec.exe /I"\\servername\VPHOME\CLT-INST\WIN32\Symantec AntiVirus.msi" PATCH="\\servername\VPHOME\CLT-INST\WIN32\savce1400.msp" REBOOT=ReallySuppress /qn

Replace servername with he name of your central server.
This requires that the msp file is named savece1400.msp and is located in the vphome share. The location of the patch can be any server, just update path as necesary.

I have found that using options other than /qn (eg /qb-) causes the LiveUpdate install to not perform its install silently and prompt the user to click next, etc.

I've used the above deployment method both manually and wihin LANDesk 8.1 and have had no problems.
Setup Information:
Setup Type: unspecified
Deployment Method Used: unspecified
Deployment Difficulty: unspecified
Platform(s): Windows
Please log in to comment
117
Command Line
Try using setting the property MIGRATESETTINGS to 0 (default is 1). This should allow the cpolicy.xml file in the same folder at setup.exe and the MSI to apply.

Check out this related article:

A migration from Symantec Client Security 1.x to Symantec Client Security 2.0 does not apply a custom firewall policy
Setup Information:
Setup Type: unspecified
Deployment Method Used: unspecified
Deployment Difficulty: unspecified
Platform(s): Windows
Please log in to comment
117
Note
When using the Symantec uninstall utility, ensure your Windows OS has MSIEXEC version 3.x or higher installed.

I've noted that Windows OS with an MSIexec version less than 3.x will reboot if you uninstall an MSI and then try to Install an MSI without rebooting in between. The OS just spontaneously reboots,
Setup Information:
Setup Type: unspecified
Deployment Method Used: unspecified
Deployment Difficulty: unspecified
Platform(s): Windows
Please log in to comment
116
Note
The actual package is quite easy. You can use what they give you, just cusomise the setup.ini file.

The main problem is unistalling previous versions. It does a great job from 8.1 to 9, but does not uninstall other previous versions. You can go to the Symantec website to look for the uninstall stuff.

This is the part that is killing me. It doesn't always pull it off, or only partially does. Since I am rolling this out to 6000 clients world wide, you can see why I am worried.
Setup Information:
Setup Type: unspecified
Deployment Method Used: unspecified
Deployment Difficulty: unspecified
Platform(s): Windows
Please log in to comment
116
Note

Download the NONAV.EXE utility and run it as a preliminary job prior to installing your new NAV client.

Setup Information:
Setup Type: unspecified
Deployment Method Used: unspecified
Deployment Difficulty: unspecified
Platform(s): Windows
Please log in to comment
0
Note
To prevent the "Old Virus Definitions File" po-up window from appearing there are a couple of options:

1. Update the package source with virus definitions on a regular basis.
2. Set the "WarnAfterDays" registry entry to a larger number.
3. Bypass the warning altogether.

In a managed corporate environment option 3 was the best choice for me so I searched the MSI for the follwoing entry:

DisplayOutdatedMessage

It appeared in the Registry table twice in v10.1.5.5010 with a value of 1. Change this to 0 (zero) and the message will not appear.
Setup Information:
Setup Type: unspecified
Deployment Method Used: unspecified
Deployment Difficulty: unspecified
Platform(s): Windows
Please log in to comment

Inventory Records (1)

View inventory records anonymously contributed by opt-in users of the K1000 Systems Management Appliance.

Versions

Symantec Client Security (NAV v9 - SCF v2.x)

Version

2

Questions & Answers (1)

Questions & Answers related to Symantec Symantec Client Security (NAV v9 - SCF v2.x)

5
ANSWERS

Blogs (0)

Blog posts related to Symantec Symantec Client Security (NAV v9 - SCF v2.x)

Reviews (0)

Reviews related to Symantec Symantec Client Security (NAV v9 - SCF v2.x)