Symantec EDR (Endpoint Detection & Response, Previously ATP – Advanced Threat Protection) exposes advanced attacks with precision
machine learning and global threat
false positives and helps ensure high levels of productivity
for security teams. Symantec EDR capabilities allow incident
responders to quickly search, identify and contain all impacted
endpoints while investigating threats using a choice of on-premises and cloud-based sandboxing. Also, Symantec EDR
enhances investigator productivity with automated investigation
playbooks and user behavior analytics that bring the skills and
best practices of the most experienced security analysts to any
organization, resulting in significantly lower costs.
Symantec EDR Software Update
To update the Symantec EDR software in the EDR appliance console
In the EDR appliance console, click > Appliances.
Click the option for the device that you want to update.
The management platform must be updated first. Once it is updated, you can initiate updates for each of the network scanners from the EDR appliance console.
An update can take some amount of time. The appliance automatically restarts when an update is completed. If an error occurs during the update process, you can use the update status command in the command line interface to find out more information about the status of the last performed update.
On the management platform or all-in-one appliance, run the update command with desired options.
For example, to update to the latest version of Symantec EDR software, enter:
    update install
Notification: SEPM Unavailable
Symantec EDR lost the connection to SEPM. Troubleshoot using the following steps:
1. Check connectivity between the EDR management appliance and SEPM.
2. Verify that SEPM has the right credentials for EDR to connect.