Symantec/Broadcom EndPoint Protection Upgrade to Version 14.3 MP1

P_Featherstonha
New Contributor III

Hi all,

Just wanting to vent and see if anyone else is in the same boat with the latest SEP client when deploying it from the SEPM Server to Mac's running macOS Catalina.

Just a quick overview - Our current Mac Fleet is managed by our on-premises JAMF management solution. In JAMF we now have the new Broadcom Kernel Extensions installed for auto-approval under MacOS Cataling 10.15.x. When we image a Mac from JAMF and install the latest 14.3 MP1 SEP client all is working fine with all required kernel extensions (KEXT) and system extensions (SEXTS) for the SEP client being applied and approved successfully as set up in our JAMF system.

Previously, auto-deploying the latest SEP client for an upgrade from the SEPM to our Mac fleet (managed by JAMF) has worked fine. The last deployment was for version SEP 14.2 RU2 MP1. The auto-upgrade process to upgrade the SEP client on Mac's went through fine with no issues - even under MacOS Catalina. The success of this can be directly attributed to the usual smooth process of an upgrade from the SEPM server as well as all KEXTS and SEXTS already being Approved in the JAMF system for the Mac end-point.

The issues now - Since Broadcom have obviously changed the installation process of the latest SEP version 14.3 MP1 from the normal smooth process I have come to expect from Symantec, the end-user on a Mac now has a number of "technical" hurdles to jump over when the upgrade of the SEP client hits their Mac from the SEPM server. To clarify, where before the end-user saw a pop-up message to restart at the end of the "silent" upgrade process - we now see multiple messages displayed to the client before, during, and after as the SEP client is deployed from the SEPM server. I would have attached a document of the displayed messages but there is no facility for this in the Forum.

I have raised a Support Case with Broadcom to comment and/or fix this behaviour as it is causing so many issues. At this stage, I am not deploying the upgrade to our Mac Fleet from the SEPM server due to these issues. This now causes protection issues with the Mac Fleet as they are not running the latest version of the SEP client.

FYI - once the end-user clicks all the messages and restarts the Mac, JAMF reapplies the KEXTS and SEXTS for MacOS Approvals, and the SEP client works as expected with all MacOS extension approvals being sorted by JAMF. So there are no issues with the end upgraded result, just a MASSIVE issue with how the upgrade from the SEPM server deploys to a Mac.

So, just wondering if there are others in this situation as Broadcom has now butchered a very seamless upgrade process.

Cheers - Paul

2 REPLIES 2

taz231190
New Contributor III

We used JAMF to update SEP to 14.3 (besides SEP crashing our macs all the time but not due to the upgrade) no issue and no pop ups.

jared_f
Valued Contributor

I can second your frustration of deploying Symantec. It is a nightmare. When I did it at my college for ~70 machines it was a nightmare. I deployed via patch management, everything was approved with KEXT and SEXTS, but the upgrade required the computers be rebooted. I noticed that protection wasn't working from the Symantec icon and it required a second reboot on all machines to begin communicating again with the Symantec server.

We also had Cylance Protect and Optics on our machines along with Symantec - that was a breeze to deploy & no reboots were required.

If it were me I would look into moving to Cylance, but I have also had positive experiences with BitDefender and Malwarebytes too.