About submissions throttling

Article:HOWTO81189  |  Created: 2012-10-24  |  Updated: 2014-09-21  |  Article URL http://www.symantec.com/docs/HOWTO81189
Article Type
How To


Subject


About submissions throttling

Symantec Endpoint Protection throttles client computer submissions to minimize any effect on your network. Symantec Endpoint Protection throttles submissions in the following ways:

  • Client computers only send samples when the computer is idle. Idle submission helps randomize the submissions traffic across the network.

  • Client computers send samples for unique files only. If Symantec has already seen the file, the client computer does not send the information.

  • Symantec Endpoint Protection uses a Submission Control Data (SCD) file. Symantec publishes the SCD file and includes it as part of a LiveUpdate package. Each Symantec product has its own SCD file.

The SCD file controls the following settings:

  • How many submissions a client can submit in one day

  • How long to wait before the client software retries submissions

  • How many times to retry failed submissions

  • Which IP address of the Symantec Security Response server receives the submission

If the SCD file becomes out-of-date, then clients stop sending submissions. Symantec considers the SCD file out-of-date when a client computer has not retrieved LiveUpdate content in 7 days. The client stops sending submissions after 14 days.

If clients stop the transmission of the submissions, the client software does not collect the submission information and send it later. When clients start to transmit submissions again, they only send the information about the events that occur after the transmission restart.

See About submitting information about detections to Symantec Security Response


Legacy ID



v8721975_v81626096


Article URL http://www.symantec.com/docs/HOWTO81189


Terms of use for this information are found in Legal Notices