December 16 2008

Exchange 2003 cluster with Symantec Endpoint Protection (SEP)

After a reasonably painless recent rollout of SEP v11 to our fleet, we’ve come across some issues running it on a Windows 2003 Active-Passive Exchange 2003 cluster. Symptoms: nodes unresponsive, sometimes together, sometimes minutes after the other one – not even blue screened but completely unresponsive, nothing on the console.

Anyway the short of it was that we managed to get a memory dump and learned that system32driverswpsdrvnt.sys had been causing the issues. Doesn’t ring a bell? Well it’s the Sygate Personal Firewall which has now been rolled into Symantec Endpoint Protection, the network threat protection component.

We obviously didn’t want to completely remove AV from our email system if possible, so we modified the installation to only contain the core files plus AV protection (see below)

2 weeks running like this and the problem has not reoccurred.

I use a maximum of one Google Ad per post to help offset some of my blog hosting costs.


Tags: , , , ,

Posted December 16, 2008 by danovich in category "AntiVirus", "Exchange", "Windows

Leave a Reply