Endpoint Protection

 View Only

Symantec Releases Symantec Endpoint Protection 12.1.6168.6000 (12.1 RU6) 

May 20, 2015 03:15 PM

# Updated: 27th May'15


Hello Everyone,

SEP 12.1 RU6 (12.1.6168.6000) has been released and now available on Flexnet to download. For Non English languages it may take few more days.

Note: Symantec Endpoint Protection 12.1 RU6 does not ship Small Business Edition which reached End of Life (EOL) in May'15. Small Business Edition 12.1 customers can use a tool to migrate to the cloud-based Symantec Endpoint Protection.

This does NOT mean the customer needs to immediately upgrade their product. Customers will be able to renew their on-premises license and continue to use their SBE SEPM’s until 2018.

For more details check this blog: https://www-secure.symantec.com/connect/blogs/end-life-small-business-edition-121x-edition

SEP 12.1 RU6 includes the additonal following support:

  • Red Hat Enterprise Linux (RHEL) 7.0 and 7.1
  • Oracle Linux (OEL) 6U5

Browser Support:

  • Microsoft Internet Explorer 11
  • Mozila Firefox 11 through 38.0.11
  • Google Chrome through 42.0.2311.152

For more details go through release notes: http://www.symantec.com/docs/DOC8626

To install RU6, process almost same as we seen in previous versions so can definitely refer an article: "Endpoint Protection Manager 12.1.5 (RU5) installation pictorial walkthrough"


To know upgrade path please refer: Supported upgrade paths to Symantec Endpoint Protection


New Enhancements:

In SEP 12.1 RU6 “What’s new” page is added to be a companion of the “welcome” page. What’s new” page contains the summary description of the new features and links to open pages for more information. What’s new” is displayed after every upgrade to every admin who logs onto SEPM
“Welcome” page is displayed after fresh installation.




Windows Embedded Platform Support:

Symantec Endpoint Protection includes the following additional support for clients that run on Windows Embedded devices and in virtual desktop environments.

  • You can create a client installation package that includes a smaller set of virus and spyware definitions. The reduced-size installation package includes the same protections as for a standard-size Windows client. To deploy a reduced-size client installation package, in the wizard, choose a new package deployment. In the Select Group and Install Feature Sets pane, in the Install Settings drop-down list, click Default Reduced Size Installation Settings.

    Symantec Endpoint Protection supports Windows Embedded write filters. Write filters protect the Windows Embedded operating system from any writes by redirecting the disk writes to temporary storage. When the device restarts, the device reverts to a default clean state, and discards any writes from the last boot session. The disadvantage to an enabled write filter is that after you install the client and restart the device, the client is no longer installed. However, the write filter can be disabled to allow writes to files, directories, or registry keys by excluding the Symantec Endpoint Protection client's file path and registry keys. The Symantec Endpoint Protection installer detects if write filters are installed or enabled and alerts you if you need to disable the filter to continue the installation.

  • Symantec Endpoint Protection supports the File-Based Write Filter (FBWF) for Windows XP Embedded, Windows 7 Embedded, and Windows 8 Embedded. The Registry Filter, combined with the FBWF, allows persistence of specific registry keys while protecting the rest of the operating system. Symantec Endpoint Protection does not support the Unified Write Filter (UWF).


Reduced Size-client

Virus and spyware definitions are now available in a reduced size. You use reduced-size definitions on computers where you need a reduced footprint, such as on Embedded devices and in virtual environments. The reduced-size definitions are 80-90% smaller than the size of the standard-size Windows definitions. The reduced-size definitions are a fixed size and include the most recent set of definitions only, rather than the standard set of definitions.

To configure Symantec Endpoint Protection Manager to download reduced-size definitions, click Admin > Servers, select the site, and click Edit Site Properties. On the LiveUpdate tab, change the selection for Content Size to Download.

Reduced .jpg

System Lockdown Enhancement:

You can run a new command from the management console to collect file fingerprints for applications to use in your system lockdown configuration. The command fingerprints for the .exe and .dll extensions. You use this method to add a list of the approved applications for a master image. The master image, or gold image, is a template for a virtual machine or Embedded device. The advantage of the new command is that it collects the file fingerprints that all the client computers in a group use at one time. Otherwise, you have to run the checksum utility or a third-party utility on each client computer individually. You add the collected file fingerprints to the system lockdown policy to specify which applications are allowed or blocked. These collected file fingerprints include the additional new files that belong to those applications. All other files are blocked from running on the client computer, such as zero-day malware.

File finger list.jpg

You cannot edit or merge the collected file fingerprints with other file fingerprint lists so that you do not mistakenly merge the applications that you don't want. However, you can copy a collected file fingerprint into an existing file fingerprint list.

The collected file fingerprint list for a master image is targeted to a group. After you include the list in the system lockdown configuration, it applies to the group's computers immediately. However, you may want to include other fingerprints or to test the configuration first. You then use a different utility and the two-step process to set up and test the system configuration. You should also use the two-part process if you do not want to collect the fingerprints for all applications on the computers. For example, you may want to target the applications in a folder only.

You can run the command on a group or a single client from the Clients tab. Right-click the group or client and click Run a command on the group > Collect File Fingerprint List or Run Command on Computers > Collect File Fingerprint List respectively.

To add the file fingerprint list, click Clients > Policies > System Lockdown. In the System Lockdown dialog box, click Log Unapproved Applications. In the File Fingerprint List text box, click Add and select Fingerprint from <server name>.

See Running commands on client computers from the console.

See Configuring system lockdown.

See Automatically updating whitelists or blacklists for system lockdown.

Advance Threat Protection Enablement:

Symantec Advanced Threat Protection: Endpoint (ATP: Endpoint) is a virtual appliance that detects advanced threats on Symantec Endpoint Protection clients in your network. Advanced threats are those that typically bypass traditional protection technologies. The ATP: Endpoint server acts as an intermediary for Symantec Insight. ATP: Endpoint analyzes reputation data from Symantec Insight combined with submitted client detection data.

You can configure Symantec Endpoint Protection Manager to redirect the reputation queries and submissions from clients in a client group to ATP: Endpoint.

Under Clients --> Group --> Policies --> External Communication Settings --> Private Cloud.


See Configuring client groups to use private servers for reputation queries and submissions.

Content Distribution Monitor tool will be available under Tools folder.

The Content Distribution Monitor tool (SepmMonitor) helps you manage and monitor multiple Group Update Providers (GUPs) in your environment. The tool displays a graphical display of the GUPs' health and content distribution status. You can run the tool on Symantec Endpoint Protection Manager directly or remotely.

To install and use the tool, see the following article and video:


Content Download Managment

If the management server can provide only full definitions, you cna let clients download smaller packages from a liveupdate server instread. Make sure to optimize the rest of your environment to support this option. It helps

SEPM configuration: Policies > LiveUpdate > LiveUpdate Settings policy > Windows Settings > Advance Settings: (enabled by default)


Content .jpg


For more detail information go through public article: What’s new in Symantec Endpoint Protection 12.1.6



Related Articles:

Title: Upgrading or migrating to Symantec Endpoint Protection 12.1.6 (RU6)

Document ID: TECH230601

Article URL: http://www.symantec.com/docs/TECH230601


Title: New fixes in Symantec Endpoint protection 12.1.6 (RU6)

Document ID: TECH230558

Article URL: http://www.symantec.com/docs/TECH230558


Title: Symantec Endpoint Protection 12.1.6 Release Notes/What’s New

Document ID: DOC8626

Article URL: http://www.symantec.com/docs/DOC8626


Title: System Requirements for Symantec Endpoint Protection 12.1.6

Document ID: TECH230602

Article URL: http://www.symantec.com/docs/TECH230602


Title: Symantec Endpoint Protection 12.1.6 Installation and Administration Guide

Document ID: DOC8645

Article URL: http://www.symantec.com/docs/DOC8645


Title: Symantec Endpoint Protection 12.1.6 Getting Started Guide

Document ID: DOC8646

Article URL: http://www.symantec.com/docs/DOC8646


Title: Symantec Endpoint Protection 12.1.6 Windows Client Guide

Document ID: DOC8647

Article URL: http://www.symantec.com/docs/DOC8647


0 Favorited
0 Files

Tags and Keywords


Feb 05, 2016 07:42 AM

The Endpoint Protection Small Business Edition 12.1.x product has reached End-of-life and is set to be replaced by the Hosted (or .Cloud) version of the product.

Note: This does NOT mean the customer needs to immediately upgrade their product. Customers will be able to renew their on-premises license and continue to use their SBE SEPM’s until 2018.

Please be aware of the official announcement in case you haven't received yet.


You do have an option to cross grade to the Enterprise version which will allow you to obtain 12.1.6 MP3 for your Windows 10 machines or migrate to SEP.cloud.

Feb 04, 2016 03:27 PM

So are you guys saying that SEP SBS is not supported going forward?

I just logged into my Flexnet and noticed the only thing there is a 12.1.5 release which will not support Windows 10.

Plus is 12.1.5 supported on Windows server 2012?

Sep 21, 2015 02:28 PM

sorry, I have Server 2012 R2 and the machine client is Windows 10.


Sep 21, 2015 01:50 PM

I have the two requeriments that you mention. Server has totally communication with the client 

Sep 21, 2015 10:48 AM

Make sure the windows firewall is disabledon this client and remote registry is enabled:

Preparing Windows and Mac computers for remote deployment

Sep 21, 2015 10:44 AM

I send you a screenshot. Thanks

error al instalar el paquete.png


Sep 21, 2015 10:43 AM

As per System requirements article, Server 2013 is not the supported operating system.

Symantec Endpoint Protection (SEP) adds support for Windows 10 with 12.1.6 MP1. For Symantec Endpoint Protection 12.1, a maintenance patch has been released on July 29, 2015.

Sep 21, 2015 10:18 AM

Would need to see a screenshot.

Sep 21, 2015 10:16 AM

I´m using 12.1.6 and I don´t know what show me this error. Do you know?

Sep 18, 2015 07:37 PM

Are you using 12.1.6 MP1 and or MP1a? Both of these versions support Windows 10:

Endpoint Protection support for Windows 10

Sep 18, 2015 05:52 PM


I have SEP 12.1.6 install on windows server 2013 but I can´t install the package in a host with Windows 10. The error is "Can´t install the client in the remote computer.Can somebody help me? Plis

Sep 02, 2015 02:19 AM

@ Chetan..Thanks for the update ..

Seems like cache install folder is empty on Symantec reduced package while installed .

Whether any other drawback if we using the reduced package .

Sep 01, 2015 11:09 AM

You can download reduced-size definitions for virus and spyware content to use on client computers that support compact definitions, such as VDI or Windows embedded clients. Typically reduced definitions are used in virtual environments where you want to eliminate the resource consumption of standard-size definitions.

The reduced definitions are a compact version of the standard definitions.

Warning: If you choose to download only standard-size definitions, any reduced-size clients in your environment do not get virus and spyware content updates. If you choose to download only reduced-size definitions, any standard-size client in your environment do not get virus and spyware content updates.




Both standard-size and reduced-size content

Downloads both standard-size and reduced-size virus and spyware definitions to the management server.


Standard-size content only

Downloads only standard-size content to the management server. Select this option only if you do not run any clients that require reduced definitions in your environment.

With this option, only clients that use standard definitions get content updates. Any clients that require reduced definitions, such as clients that run on Windows Embedded, cannot get content updates.


Reduced-size content only

Downloads only reduced-size content to the management server. Select this option only if you do not run any clients that require standard-size definitions in your environment.

With this option, only clients that use reduced-size definitions get content updates.

Sep 01, 2015 05:57 AM

Hello chetan

Can we use reduced set defintion package on our environment as we have some bandwidth issue.

whether the reduced set have any major difference than the standard definition set on performace .

How much is protection of  reduce defintion package 


Aug 19, 2015 07:48 AM

Yes, you can directly upgrade from 12.1 RU5 to 12.1 RU6 MP1a. It's a supported path.

Upgrade is preety simple & straight forward. Let me know if need any assistance.

Here you can find release notes & System requirements documents:


Here is best practice guide: Best practices articles for Symantec Endpoint Protection (SEP)


Recently we have uploaded new video, how to check pre-requite & install SEPM, check it here:




Aug 19, 2015 07:36 AM

Hi ,


can we upgrade directly from 12.1 RU5 to 12.1 RU6 MP1a?


If possible please share the install and upgrade documents for 12.1 RU6 MP1a

is 12.1 RU6 Mp1a supports SQL 2014 ?

Aug 11, 2015 11:51 AM

@Ankeeb: Yes, it's possible. but we do recommend to have SEPM & SEP clients on the same version.

Aug 11, 2015 11:50 AM

I've got a handful of machines running on my 12.1.5 SEPM without incident.

Aug 11, 2015 11:46 AM

In short, yes.

Aug 11, 2015 11:44 AM

Hi Chetan, Hi All

Can a 12.1.5 SEPM manage a few 12.1.6 clients ?

Thanks :)

Best Regards


Aug 11, 2015 05:56 AM

You can keep this article in your favourite, we always keep it updated with release info.


Aug 11, 2015 12:49 AM

You nailed it,.


Aug 11, 2015 12:32 AM

Hi Chetan,

We did the upgrade to RU6, but how can we know if it's MP1?

The Help page says Version 12.1.6(12.1 RU6) Build 6168.6000)


Thank you,

Aug 10, 2015 03:24 PM

nevermind.  I found out the remote registry was set to disabled. As soon as I made it Automatic it worked.

Aug 10, 2015 02:51 PM

I am trying to deploy to a WIN 10 Enterprise test machine and having an issue.  I am running RU6 SEPM and each time I try and deploy I get an error saying Login to computer failed.  I checked the registry as per the error documentation and it is setup correct.

Aug 10, 2015 01:37 PM

@Chetan, whom do I speak to, in order to get my 36months subscription to Symantec Small Business Server 4.0 money back?? As part of the SSBS, Endpoint Protection is included. However Symantec's current position in regards to SSBS 4 is a end of life in 2018. We are in 2015, so why is Symantec refusing to provide us with a Endpoint Protection that works with Windows 10?? As I said, I want my Endpoint protection compatible with Windows 10 or give me my money back!! And let's make sure everyone understands. When you say 12.1.6, that is not the small business edition. That is only for the enterprize edition. Many users like us, running the small business edition are being misslead. Symentac Small Business Edition is not and will never be compatibile with Windows 10. From everything I have read and Symantec employees I spoke to, Symantec has no plans on making SSBS compatible to Windows 10. Shame on Symantec. Time for me to swith to eset or someone else, maybe sopho....



Aug 10, 2015 05:40 AM

Symantec Endpoint Protection (SEP) adds support for Windows 10 with 12.1.6 MP1.For Symantec Endpoint Protection 12.1, a maintenance patch has been released on July 29, 201 For more details go through this blog: https://www-secure.symantec.com/connect/blogs/symantec-endpoint-protection-and-windows-10-compatibility

For more details check the following article:


Aug 10, 2015 03:33 AM

So what now? is windows 10 supported now or not?  I mean, the windows 10 is already out right?

Jul 28, 2015 04:06 PM

Only if SSL was enabled on the SEPM then it won't be able to communicate, see here:


Jul 28, 2015 02:44 PM

Has anyone ran into any issues with Windows XP clients and TTL having to be enabled? I have a few XP machines and have held back upgrading due to this requirement. If I do not use TTL, XP clients will not be able to communicate with SEPM?

Jul 27, 2015 02:12 PM

That's true latest patch will be compatible with Windows 10.

Jul 27, 2015 01:28 PM

The current 12.1.6 version is not supported but should still install and work just fine.

The supported version patch will be released on the 29th.

Jul 27, 2015 01:24 PM

So, if I pull down the latest version of 12.1.6 I can test on Win 10?



Jul 12, 2015 01:37 PM

There was some discussion about this awhile back and they actually pulled links that stated it was supported so perhaps they forgot this one. I can't say for sure. The comment was made that until Windows 10 was officially released, SEP 12.1 would not support it.

See here:


Jul 12, 2015 01:15 PM

Why update the official data sheet - only to have to change. See for yourself with the link provided so under "two person integrity" you see what I see. Either Symantec know something we all do not know or this is a fiasco - it is or it is not.

Jul 12, 2015 10:26 AM

I'd be weary of this. Symantec has already said SEP 12.1. does not support 10 until is officially released. Although it obviously works if installed on 10.

Jul 12, 2015 10:16 AM

@Chetan and et al., page # 4 says Windows 10 (32-bit and 64-bit) is a supported Client Operating System. It has "07/15" in bottom right hand corner of page # 5. BOOYAH!!!!!


Jun 24, 2015 03:04 PM

Windows 10 is not supported for 12.1.6 because Windows 10 is not released yet, officially.

Jun 24, 2015 03:04 PM

Hi Justice,

SEP Page  (http://www.symantec.com/endpoint-protection/.) is now correctly updated,Thanks!

Jun 23, 2015 12:51 PM

RU6 is supported in Windows 10. I tested it and is fine.

Jun 23, 2015 07:23 AM

@Chetan Symantec says Windows 10 is supported under New Features:

Supported OS Systems

Symantec Endpoint Protection now supports Windows embedded systems above Windows XP embedded SP3, including Windows 10.



Jun 16, 2015 08:15 AM

It seems client only patches are not available yet, I shall update you once they made available.

Jun 14, 2015 01:17 AM

Uhhh, where are the client side patches to bring them up to RU6?

Jun 12, 2015 07:28 AM

Clients are showing online in the console?

Jun 12, 2015 07:20 AM

Hi Chetan,

Thanks for sharing the details but unfortunately not found any private key folder at this location.Any other way to recover the file.

<Install drive>\<Install folder>\Server Private Key Backup



Jun 12, 2015 02:30 AM

Upgrade from 12.1 ru1 to ru6 is possible.

Server private key is not available? Are the clients online? If yes, follow this article to take necessary backup prior to start upgrade:


Jun 12, 2015 02:25 AM

Hello Chetan
Is it possible to upgrade 12.1 ru1 to ru6 ??
Also I am not having server private key .So how to regenerate the key .Any clue please.

Jun 08, 2015 02:22 AM

Windows 10 not supported :(

Jun 01, 2015 08:44 AM

We are having issues with the 12.1.6168.6000 Client for Mac.  It sends our Yosemite (10.10.3) clients into a constant reboot.  We had to roll them back to 12.1.5337.5000.



Jun 01, 2015 07:43 AM

Thanks for the update & happy to help.

Jun 01, 2015 02:01 AM

Hi All,

We just upgrade our Server from RU5 to RU6 12.1.6 (12.1 RU6) build 6168 (12.1.6168.6000)  no problem/Errors while Upgrdading.

Currently All the clients are being updated, it will take some time hope it will done before EOD.

Suggest you to take Server Private Key Back-up & also take DATABASE backup before upgrading for safer side.

Thanks Chetan :)

Thanks & Regards,

Shiju Chacko

May 30, 2015 05:52 AM

I tried to upgrade the SEPM from 12.1 RU5 to RU6 but getting the ACL error. Don't know what is the issue got the error first time.



May 29, 2015 07:43 AM


SBE 12.1. RU5 login page will be as per below, with that also you can easily identify.

SBE 1.1.jpg



May 29, 2015 07:23 AM


Currently i am using 12.1 (RU5) and want to upgrade to the latest one as mentioned below.

But i am dont which one is our license is it "Small Business Edition"  or "Enterprise. How can i check the same and we dont want to go "cloud-based Symantec Endpoint Protection".

How can i check the same.

Awaitng for your reply.

Thanks & Regards,

Shiju Chacko

May 28, 2015 12:16 PM

@Chetan Savade, when will this page here be updated with the new SEP 12.1.6 data sheet (It stills says "Symantec Endpoint Protection 12.1.5 brings unrivaled security, blazing performance, and smarter management across both physical and virtual environments.")


May 28, 2015 11:50 AM

Windows 10 is not supported by SEP Latest release as well i.e. 12.1 RU6.

May 28, 2015 11:25 AM

My experience thus far is good with 12.1RU6, except...

-Firewall module caused me to have to rebuild my WIN10 (Build 10122) test machine, so that isn't working

-Caused my test Apple Workstation to go into an endless reboot until I uninstalled the client completely in safe mode

May 28, 2015 10:50 AM

Chetan, thanks for this update,

SEP Admins ! Any issue reported yet on this version? pls do update if so ,

May 27, 2015 07:49 AM

Thanks for your note, I have made the correction.

May 26, 2015 02:25 PM

Hello Chetan, you said Windows 10 is supported.

But there is nothing in the release notes about Windows 10 support. Besides there are still known issues.

Thanks to confirm.


May 26, 2015 06:57 AM

Has anyone installed RU6 yet ..any issues ? I know its still early days..as reading the release notes/fixes, RU5 was a total bust.

May 25, 2015 11:05 AM


May 22, 2015 07:44 AM

Ty so much for notify Chetan.

Related Entries and Links

No Related Resource entered.