Data Center Security

Hi Team

I have installed a DCS Agent  6.7 MP2 on Windows 2016 Standard  and just noticed that the Windows Program Compatibility Assistant is blocking the installation of SDCSS IDS Registry Filter and IPS Drivers.

Based on the current KB it was not possible to find something around this error and the DCS Agent (similar situations happened with SEP 12.1.6 MP8 / Per TECH246824)

I'm assuming that a 6.7 MP3 potentially will fix this error but in the meantime seems that a workaround could be: Disabling Secure Boot

Does anybody have something better than that?

Best Regards

Update

I was able to trace the error.

The Agent is installed on a HyperV 2016  guest machine.

The restriction was not from the OS itself, it was from the HyperV and the Security options for the virtual machine

#1. The VM is Generation 2

#2. Security Features are set to enable Secure Boot

#3. If you try to run the installation then the result will be as mentioned before,

Finally,

You should disable Secure Boot on the Security Options in order to complete the installation of the DCS Drivers. But there is a question... Is this a problem that Symantec is aware?

Best Regards

We have the same problem with Hyper-v Windows 2016 Servers

Symantec published this week the following Technote

You are receiving the error "A digitally signed Driver is required" when installing a DCS agent.

Solution:

Disabling secure boot should address this issue. If disabling secure boot is not an option then one could look into Critical System Protection Embedded which does use signed drivers.

I have a question about that:  Is Symantec going to allow the use of Critical System Protection Embedded for free for a customer with DCS:SA that has this issue if the customer does not want to disable the feature "Secure boot"?