My apologies up front. I'm very frustrated. EndPoint 14.0.2332.0100 has been nothing but one frustration after another. One gotach after another.
Anyway, after reading multiple artlces on 14, ones I wish I'd read before leaving 12.1.7, it's really becoming clear Symantec doesn't release a stable version of EndPoint until a dozen or so builds later. Right now I'm ready to go back to 12.1.7166.6700 after the problems with 14.0.2332.0100. I think I'd spend less time reconfiguring 12.1.7 than trying to deal with 14. The latest problem is netstat.db-wal is making equipment unusable because Symantec doesn't appar to know how to stop it from consuming 100% of available disk space. https://support.symantec.com/en_US/article.TECH239793.html implies this should have been fixed by now with new defintions, the article is a week old so surely new defintions have been released by now, but clearly it hasn't given my latest server at 0 bytes free space. The article also only addresses an OLD version of 14, 14.0.1904.0000.105, NOT the current 14.0.2332.0100 so I guess those of us on MP1 are just out of luck for a new .dll.
A call to support got me a rep who told me 'uh, there's a known issue' and all he wanted to do was "consult" a senior tech. That's ridiculous. After 30 minutes I finally asked for a supervisor. If your front line reps have to consult with other reps, just escalte the call to that rep so there's no lost-in-translation and lengthy delay issues between one tech and the other. It's also a TOTAL waste of the customer's time to do this back-and-forth consulting. When customers have equipment becoming unresponsive and unusable becuase of your buggy product, at least show us the respect of getting people on the phone who know how to address the issue without telling us an escalation call back is at least 24 hours away.
Anyway, has anyone figured out a fix for this issue? smc -stop and smc -start do indeed reduce the file size, but then I get the error saying "Firewall is not functioning correctly. Your definitions damaged or your product installation may be corrupt." This time a reboot fixed it, but rebooting a production server is not always convieient and the two times before that a reboot didn't fix it, the only solution was to CleanWipe and reinstall.
So again, my apologies for being so frustrated, but this is just not acceptable code for Symantec's flagship "enterprise" security product.