Symantec Endpoint Protection Upgrade 14.2 To 14.3

Important Pre-Checks:

• End of Life: SEP 14.2 is end-of-life. Upgrade is highly recommended.
• Supported Paths: Direct upgrade from 14.2 to any 14.3 build is supported.
• OS Support: Ensure your OS is still supported (e.g., Windows 7 SP1 is the minimum; Server 2008 R2 is the minimum). 14.3 drops support for older OSes like Windows XP/Vista/Server 2003.
• Database: Backup your Symantec Endpoint Protection Manager (SEPM) database before starting.

7. Potential Issues & Mitigations

| Issue | Likelihood | Mitigation | |-------|------------|-------------| | Database upgrade fails (SQL compatibility) | Medium | Ensure SQL is at least 2016, run DBCC CHECKDB pre-upgrade. | | Client communication breaks after SEPM upgrade | Low | Restart Symantec Management Service; check firewall port 8014. | | Custom policies lost or reset | Low | Export all policies before upgrade as XML backup. | | High memory usage post-upgrade (Java console) | Medium | Increase SEPM heap size (set SEPM_JVM_MAX_MEMORY). | | 14.3 client fails on Windows 7 / old OS | High | Do not upgrade – keep 14.2 client or retire the OS. | symantec endpoint protection upgrade 14.2 to 14.3

Why upgrade?

• Faster threat detection and improved performance across endpoints.
• Key bug fixes and stability improvements from 14.2.
• New management features and policy controls that simplify day-to-day administration.
• Compatibility updates for modern OSes and third-party integrations.

1. Executive Summary

| Item | Details | |------|---------| | Project | Upgrade Symantec Endpoint Protection (SEP) from version 14.2 to 14.3 | | Scope | SEP Manager (SEPM), SEP clients, and associated components (GUP, LiveUpdate, etc.) | | Target Version | 14.3 RU1 (or latest 14.3.x) | | Key Drivers | Security patches, OS compatibility (Windows 11, Server 2022), new features (e.g., enhanced EDR, memory exploit mitigation), bug fixes, and compliance requirements. | Important Pre-Checks:

Method B: Push Upgrade via SEPM (For LAN clients)

1. In SEPM: Clients > Client Install Packages > Upgrade > Symantec Endpoint Protection.
2. Select the 14.3 package.
3. Choose the target groups.
4. Set the schedule (e.g., "Upgrade after reboot" or "Immediate").
5. Warning: Push upgrades require admin credentials on the target endpoints and open file shares (Admin$). Network firewalls may block this.

Technical Write-Up: Symantec Endpoint Protection Upgrade (14.2 → 14.3)