07-15-2020 10:00 AM
I inherited Cisco AMP after a couple of our team members left. It had not been monitored for quite some time and the computers were on connector 6.0.5 and 6.0.9 as well as Symantec Cloud. We are a hosting and professional services provider and we have two clients that are on AMP and wanted to get rid of Symantec due to the recent sale of the company and use AMP alone.
I proceeded to update the policy to enable TETRA and update some of the settings as well as adding exceptions and tested with a couple of computers before moving forward. Our process was to remove the old AMP connector, uninstall Symantec, reboot and install the latest AMP connector 7.2.7.11687. We were finishing up with the client computers when we noticed that the dashboard was showing 0% for all items. When I went into the overview screen it shows the 40 computes being continuously scanned but all are showing as unsupported.
Our second client's IT person followed the same process and his console is fine. All of their computers are supported and being monitored. I compared settings from both and they were basically the same, the bulk of the computers are Windows 10 with a few Windows 7. The second client just renewed their license and the client I am working with still has 4 months to go on their Essentials license.
If anyone can point me in a direction to look into this further, it would be greatly appreciated.
Thank You.
Joe Trainor
Sr. Cloud Services Engineer
Solved! Go to Solution.
07-15-2020 10:35 AM
Joe,
What version is the other client using? 7.2.7 was pulled due to bug CSCvu65043, which is likely why they are showing unsupported. The systems should still be protected but would be listed as unsupported since the 7.2.7 build was removed from production. I advise upgrading to 7.2.11 to avoid any issues with that bug.
Thanks,
Matt
07-15-2020 10:35 AM
Joe,
What version is the other client using? 7.2.7 was pulled due to bug CSCvu65043, which is likely why they are showing unsupported. The systems should still be protected but would be listed as unsupported since the 7.2.7 build was removed from production. I advise upgrading to 7.2.11 to avoid any issues with that bug.
Thanks,
Matt
07-15-2020 12:31 PM
07-15-2020 10:43 AM
Greetings Joe,
Where exactly are you seeing the 0% at? Can you provide a sanitize screenshot of the issue?
Also 7.2.7 was pulled from the dashboard as a downloadable version please see the announcement below:
Removed AMP for Endpoints Windows Connector v7.2.5 & v7.2.7:
AMP for Endpoints Windows Connector v7.2.5 & v7.2.7 have been removed from the AMP Console due to CSCvu65043 - ClamAV 0.102.1.76 log files filling up disk space
Policies that were configured to upgrade to v7.2.5 or v7.2.7 have been modified to prevent additional upgrades to these versions.
If you have already upgraded to v7.2.5 or v7.2.7 and are experiencing disk space issues, Cisco recommends upgrading to 7.2.11 version to address the issues.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: