Symantec Endpoint Protection (SEP) clients produce a volume of Insight lookup requests which is larger than Advanced Threat Protection (ATP) can process. As a result, messages fill up a holding queue until a hard disk partition is completely full. Once this partition is full, critical processes of the system cannot communicate with each other and the appliance must be re-installed.
Before attempting to repair
Within SEPM, set all client groups to point Insight lookups directly to Symantec internet Insight servers
To repair full /var partition
Do one of the following: - Re-install ATP 8840 or ATP8880 with ATP version 2.2 ISO - Re-install ATP VE with ATP version 2.2 OVA
Restore from most recent known good backup
To prevent future occurrences
Upgrade to ATP version 2.3
Within SEPM, leave all SEP client groups containing SEP clients earlier than 12.1.6 pointed at Symantec internet Insight servers
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
Subscribed to the Article.
Unable to subscribe
Thanks for your additional feedback !!!
Enterprise Support Virtual Agent
Rate Me :
Tell us more:
Welcome! My name is Sami, the Enterprise Support Virtual Agent answering technical support questions.