Symantec Endpoint Protection 12.1 RU1 and AppV 4.6 2 Comments

Another moment of pure fun with Symantec Endpoint Protection... I liked the version 11 so much and I was missing mysterious Symantec issue so much I decided to update the anti-virus software to 12 on all my customer XenDesktop virtual machines... The version we chose to deploy was Symantec Endpoint Protection 12.1 RU1 (version given by the security administration team), the update went fine, no BSOD, no weirdness and that was weird actually, I was prepare and ready for so much trouble, nothing happened ! the vDisk was updated and the only change this time was SEP, so I pushed the next vDisk into production. Few hours and next day, users were complaining about App-V applications launch issues, that was a known issue because the App-V infrastructure is a bit old (v4.5 on the server-side) and begin to have some weirdness after the weekly reboot (services started but no stream.., next blog post I guess) So we checked everything out around the App-V servers and App-V client (4.6 SP2) and the only things we saw was error in event log but nothing to really think App-V was the root of these issue. Some streamed applications were working some other not.   After searching again and again, I just roll back one vDisk to use the earlier version to check if everything was ok with the earlier version and yes, everything was working fine with App-V applications. So i went to check Symantec knowledge base and I found these two articles : Application Error when launching an App-V virtualized application on a computer with SEP 12.1 client installed. New fixes and enhancements in Symantec Endpoint Protection 12.1 Release Update 2 So you guessed it right, the update to Symantec Endpoint Protection 12.1 RU2 is fixing App-V 4.6 compatibility issues... App-V virtualized applications cannot load with Proactive Threat Protection installed Fix ID: 2689005 Symptom: App-V virtualized applications cannot load with Proactive Threat Protection installed. Solution: Changed Application Control and User Mode Hooking to allow NTDLL image validation. So, one more time thank you Symantec to waste our time and make our life much more complicated !

After many years going from a customer to another, speaking with people all around the world, I wanted to share my experience regarding application integration. This is not a new topic but there are so many way to deliver applications today it can become very messy very fast. In a lot of companies I worked with, I had to face many different situations with different technologies and solutions. What I explain in this blog is just one way to get things done, maybe not the best one but I think this is the most efficient way to leverage Citrix / Microsoft solutions when it's about application delivery. I made a simple diagram to materialize my though when I plan to integrate or migrate new application into a VDI environment. When I write VDI, I mean : VDI = Virtual Desktops + Shared (Virtual) Desktops (SBC) For example, when I need to free a XenDesktop golden image from all the applications installed over the years, I need to understand : Is this application still in use ? Who need this application ? Why they need it ? How they use it ? How many users need this application ? Is there enough license for this application ? What is the update cycle of this application ? What are the prerequisite of this application ? Etc etc... Then I need to to know if I want or need to "virtualize" this application or not : First thing first : is this application working on a regular OS with a "normal" installation process ? Do you need to virtualize this application ? time & cost vs deployment & number of users What are the prerequisite for this application ? (XenApp silo needed or not, specific Streaming profile / AppV) Is this application need to be use offline, ie roaming users ? What is the application size (Mb, Gb) once it's installed ? Is this application supported on a 64bit Operating System ? All these point are what I'm asking myself before doing anything. There are a lot more question you need to ask yourself, it depend of each customer's environment and technologies in use. The more I look this diagram the more I find some other step to add, this is like a never-ending construction and a new puzzle at each customer's place. We could continue this schema with application compatibility between each…