Docker Container–Windows 2016 Server–With SEP (Symantec Endpoint Protection)

Scenario – You have Windows Server 2016 machine and you have installed and configured Docker. After successful configuration, docker version command can give the information about the installed version.

image

You want to host IIS based website and so you have imported microsoft/iis image from docker secure registry successfully. You now wants to run the container using the command like –

docker run –d –name myFirstIISAap –p 80:80 microsoft/iis

You might get the below error message –

Error response from daemon: container c44wuweuwe323232xxxxx encountered an error during start: failure in a windows system call : This operation returned because the timeout period expired. (0x5b4)

image

Solution –

The following steps were taken:

  1. SEP V14mp1 (14.0.2332.0100) installed with all features – above issue present
  2. Remove SEP completely – no issues. Container created successfully.
  3. Re-install SEP with basic AV features only – no issues. Container created successfully.
  4. Modify SEP installation to include ADC feature – above issue present (at this stage advanced logging was enabled in SEP, error reproduced, and Symantec Diagnostic tool used to compile all logs for support purposes)
  5. Modify SEP installation to remove ADC feature and add IPS (NTP), SONAR (PTP) and Advanced Download Protection features – no issues. Container created successfully.- This could be the recommended solution.
Advertisements