Endpoint Security Complete

 View Only

 When the Device Security Status: At Risk will disappear from the Cloud Console?

Rigo's profile image
Broadcom Knight Rigo posted Jan 06, 2022 09:38 AM
Team

SES Console is showing the following Security Status for a few computers:

I have checked the following:
- At the Device Group
   >> There are not Direct Applied nor Inherit Policies that includes Network Integrity.
   >> Network Integrity was removed from the Device Groups
- At my Tasks
   >> There's no pending, failed or in progress tasks.

Then, the question is , when this status reason will disappear? or is there something that I need to do to refresh the console?

Best Regards

Rigo's profile image
Broadcom Knight Rigo posted Jan 20, 2022 12:07 PM
Team,

I have opened a case but Support says that this a known issue that has not an active technical note available.

I´m concluding that the At Risk for specific situations needs to be improved.

This is the workaround from Support:
1. Upgrade the Network Integrity Policy based on this document:

https://knowledge.broadcom.com/external/article/175952/endpoint-security-clients-show-at-risk-s.html
Result:  Network Integrity is not upgradable at this time so it does not apply.
2. Clear Tasks and Alerts
3. Reboot the machine

After that ,,, the At Risk status still there for Policy not applied Network Integrity.

Could you provide feedback about this issue?  or I need to assume that this is going to be a lower risk due a misinterpretation on the SES Console? 

Rigo's profile image
Broadcom Knight Rigo posted Feb 10, 2022 05:26 PM
Hello 

Technical Support provided the following feedback, I suggested that they create a specific article to address this kind of question.

Please do follow the below article for the issue with the at risk and about the Network Integrity feature in detail.

https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-security/sescloud/Secure-Connection/what-is-v128662923-d4152e263.html

If the feature is installed with the secure connection enabled during the installation the policy needs to be enabled and applied to the particular client group, If the policy is not enabled the feature needs to be removed from the client so that we will not be facing the issues with the SES console.