Endpoint Security Complete

 View Only
  • 1.  SES Live Shell connect issue - Unable to authenticate user credential

    Posted 5 days ago
    Hi Team,

    We are encountering following error while trying to connect to Live Shell from SES.

    Below prerequisite are set,

    - Logged in as Super Administrator in SES
    - Live Shell functionality is turned on in the EDR Policy
    - PowerShell is available  on Client machine
    - Tried Logging with Windows credentials of the device as well as AD domain credential
    - URLs are whitelisted
    https://ws.securitycloud.symantec.com
    https://bds.securitycloud.symantec.com



    Kindly advise.

    BR,
    AK


  • 2.  RE: SES Live Shell connect issue - Unable to authenticate user credential

    Posted 4 days ago
    Hi AK,

    I'm also a customer of SES complete, and would like to know where you found the prerequisite documentation for Live shell. The documentation I found for SES complete does not speak about URL's that need to be whitelisted for Live Shell, or is that part of the initial setup of SES and just wanted to mention it? I believe also, you need to be either, domain admin, or local admin on the device to be able to have a live shell (PowerShell Remote) to the device.

    I would like more information from Broadcom regarding live shell capabilities, as I haven't been successful in using it either.

    Thank you,






  • 3.  RE: SES Live Shell connect issue - Unable to authenticate user credential

    Posted 9 hours ago
    Hi Samim,

    For more information from Broadcom regarding live shell capabilities and configuration prerequisite, please find below Broadcom technical documents easy reference,

    https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-security/sescloud/Endpoint-Detection-and-Response/EDR-Actions/Live-Shell-Connect-for-Windows.html

    https://knowledge.broadcom.com/external/article/234037/unable-to-run-smc-command-in-live-shell.html

    https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-security/sescloud/Troubleshooting/urls-to-whitelist-for-v129099891-d4155e9710.html

    Hope it helps.

    Best Regards,
    AK