About the types of Group Update Providers
|Article:HOWTO80957|||||Created: 2012-10-24|||||Updated: 2014-09-21|||||Article URL http://www.symantec.com/docs/HOWTO80957|
You can configure several different types of Group Update Providers in the LiveUpdate Settings policy: a single Group Update Provider, an explicit list of Group Update Providers, and multiple Group Update Providers. The types of Group Update Provider are not mutually exclusive. You can configure one or more type of Group Update Provider per policy.
Single Group Update Provider
A single Group Update Provider is a dedicated client computer that provides content for one or more groups of clients. A single Group Update Provider can be a client computer in any group. To configure a single Group Update Provider, you specify the IP address or host name of the client computer that you want to designate as the Group Update Provider. A single Group Update Provider is a static Group Update Provider.
Configuring a single Group Update Provider turns a single client into a Group Update Provider.
Explicit Group Update Providers list
You can configure an explicit list of Group Update Providers that clients can use to connect to Group Update Providers that are on subnets other than the client's subnet. Clients that change location frequently can then roam to the closest Group Update Provider on the list.
An explicit Group Update Providers list does not turn clients into Group Update Providers. You use an explicit Group Update Provider list to map the client subnet network addresses to the Group Update Providers. You identify the Group Update Providers by any of following means:
Explicit Group Update Providers can be static or dynamic, depending on how you configure them. If you use an IP address or a host name to configure an explicit Group Update Provider, then it is a static Group Update Provider. This difference affects how Group Update Providers act in networks that mix legacy version clients and managers with clients and managers from the current release.
If you use a subnet to designate a Group Update Provider, it is dynamic, as clients search for a Group Update Provider on that subnet.
This subnet is the Group Update Provider subnet network address, which is sometimes also referred to as the network prefix or network ID.
Multiple Group Update Providers list
Multiple Group Update Providers use a set of rules, or criteria, to elect themselves to serve groups of clients in their own subnets. To configure multiple Group Update Providers, you specify the criteria that client computers must meet to qualify as a Group Update Provider. You can use a host name or IP address, registry keys, or operating system as criteria. If a client computer meets the criteria, the Symantec Endpoint Protection Manager adds the client to a global list of Group Update Providers. Symantec Endpoint Protection Manager then makes the global list available to all the clients in the network. Clients check the list and choose the Group Update Providers that are located in their own subnet. Multiple Group Update Providers are dynamic Group Update Providers.
Configuring multiple Group Update Providers turns multiple clients into Group Update Providers.
You cannot use multiple Group Update Providers with the legacy clients that run versions of Symantec Endpoint Protection earlier than version 11.0.5 (RU5).
Configuring single or multiple Group Update Providers in a LiveUpdate Settings policy performs the following functions:
It specifies which clients with this policy are to act as Group Update Providers.
It specifies which Group Update Provider or Providers the clients with this policy should use for content updates.
Configuring an Explicit Group Update Provider list performs only one function:
It specifies which Providers the clients with this policy should use for content updates. It maps Group Update Providers on subnets for use by clients on different subnets.
It does not specify any clients as Group Update Providers.
Although it does not turn clients into Group Update Providers, you can still configure and apply a policy that contains only an explicit provider list. However, you must then have a single Group Update Provider or multiple Group Update Providers configured in another policy in the Symantec Endpoint Protection Manager. Or, you can have both types configured in other policies.
Because Symantec Endpoint Protection Manager constructs a global list, all of the Group Update Providers that are configured in any of the policies on a Symantec Endpoint Protection Manager are potentially available for clients' use. Clients on a different subnet can end up using a Group Update Provider that you configured as a single static provider if the configured subnet mapping in an explicit list in another policy matches it.
If a client cannot obtain its update through any of the Group Update Providers, it can then optionally try to update from the Symantec Endpoint Protection Manager.
Table: How the explicit type of Group Update Provider can be used based on the software versions in the network
The types of Group Update Providers that you configure depend on how your network is set up and whether your network includes legacy clients.
A legacy client is considered a computer that runs a version of Symantec Endpoint Protection that is earlier than 11.0.5.
Table: When to use particular types of Group Update Provider
Article URL http://www.symantec.com/docs/HOWTO80957