Clients receive very large updates after updating Symantec AntiVirus Corporate Edition clients and servers with Rapid Release definitions
|Article:TECH100809|||||Created: 2004-01-15|||||Updated: 2006-01-18|||||Article URL http://www.symantec.com/docs/TECH100809|
You apply Rapid Release virus definitions to a Symantec AntiVirus Corporate Edition parent server. The next time you apply virus definitions, instead of distributing a microdefinition update as expected, it distributes a full .vdb or .vnt file.
This problem is fixed in Symantec AntiVirus 10.1.5 and Symantec Client Security 3.1.5. For information about how to obtain the latest build of Symantec AntiVirus or Symantec Client Security, read Obtaining an upgrade or update for Symantec AntiVirus Corporate Edition or Symantec Client Security.
This problem is fixed in Symantec AntiVirus 9.0.5 and Symantec Client Security 2.0.6. For information about how to obtain the latest build of Symantec AntiVirus or Symantec Client Security, read Obtaining an upgrade or update for Symantec AntiVirus Corporate Edition or Symantec Client Security.
For help with using Rapid Release virus definitions, read the document for your version of Symantec AntiVirus:
- Using Rapid Release virus definitions to update Symantec AntiVirus 10.x or Symantec Client Security 3.0 clients and servers
- Using Rapid Release virus definitions to update Symantec AntiVirus 8.x and 9.x clients and servers
The following information applies only to the following versions of Symantec AntiVirus:
- Symantec AntiVirus 10.1.4.4000 and earlier
- All versions of Symantec AntiVirus 10.0.x
- Symantec AntiVirus 9.0.5.x and earlier
- All versions of Symantec AntiVirus 8.x
The .idb files that allow microdefinition updates can update only from certified virus definitions. This means that any time that Rapid Release (uncertified) definitions are applied, the next update after the Rapid Release definitions must use a full .vdb or .vnt file. Symantec recommends using certified definitions for normal production updates.
There are enough .idb files to update approximately 10 days of certified definitions. Clients with a set of definitions covered by the .idb files in the .xdb file will receive only the changes between the two sets of definitions.
If Rapid Release definitions are applied to a server on which the existing virus definitions that are more than one day old, the Rapid Release definitions will be distributed in a full .vdb or .vnt file.
To allow the server to push microdefinitions again, place a certified .xdb file on the server. This will push out a .vdb the first time and then push microdefinitions starting with the next set of certified definitions.
This situation can also arise when the .idb files on the receiving client are either corrupted or not implemented correctly. This occurs on a client-by-client basis, rather than being a network-wide problem as described above.
Article URL http://www.symantec.com/docs/TECH100809