JAMF Casper and Symantec Endpoint Protection 12.1.... - Jamf Nation Community - 99947

Hello All,

We're new to the Casper world and working to get our clients all enrolled. We're running into an issue where after the QuickAdd package is installed, console on Mac is spitting out an error:

9/29/15 10:43:45.000 AM kernel[0]: Symantec Vulnerability Protection has found and blocked an ARP Cache Poison attempt (99990).

I must assume that this is Casper as it only happens after the QuickAdd package has been installed. Anyone been through this before and know how to add an exception in SEP to make Casper and Symantec play nice?

Thanks!

~Brayden

4 REPLIES 4

What exact version of SEP are you using? I've been deploying 12.1.6 without any problems. Symantec makes creating the package a cakewalk now. Maybe it's how the package was made.

My computer is currently on SEP 12.1.5337.5000

Just to clarify I am not trying to deploy Symantec with Casper. I am enrolling Macs into the JSS with a QuickAdd package, and getting console errors that Symantec is blocking an ARP Cache Poison attempt (which is suspect is actually Casper.)

I think I have to make an application exception in my SEP Admin console to tell it that anything to do with Casper is nice.

OH, well yea that is a SEP management preference. I'm sorry, I got confused. Btw, you should upgrade to 12.1.6. it fixes some errors.

Tim,

Can you point me in the right direction, for what to change on the server side?

C