Hi,
We have encounter major impact due mandatory upgrade - (SEPM, contains a number of security vulnerabilities) - SYM16-010 and SYM16-011, publication date: June 28, 2016, url: https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_01
The given advisory for the above was to upgrade the endpoints to the latest SEP release version: Update to 12.1-RU6-MP5
In the upgrade plan we have encountered a major impact after we have deployed the newer SEP 12.1-RU6-MP5 version. The majority of the 8000 SEP endpoints have triggered a .dll error after the mandatory restart.
For this we have opened a support case: xxxx472
The suggestion to resolve the impacted endpoints which was given by your guys, was to do a local (clean) reinstallation of the whole SEP package.
When i have heard the given solution, I was very disappointed because the impact was even bigger and it was impossible to do a local SEP reinstall, because one endpoint it takes almost 1.5-hour to resolve. the .ddl error was on 3072 endpoints.
SEPM enhancement proposal:
It would be very beneficial for all the SEP customers to have a feature in SEPM which can do a full remote reinstallation of the corrupted package without the intervention locally on the endpoint itself.
Kaspersky has such feature, e.g. a full remote product reinstallation task which can be created to overwrite the existing (currupted) one.
If you think this is possible and you need someone for testing purposes, then you always can count me in!
Thank you!