Updating virus definitions for Symantec AntiVirus Corporate Edition 10.x and Symantec Client Security 3.x

Article:TECH101198  |  Created: 2005-01-07  |  Updated: 2014-04-23  |  Article URL http://www.symantec.com/docs/TECH101198
Article Type
Technical Solution

Product(s)

Environment

Issue



You want to know how to update your virus definitions.


Solution



 


Before you begin: If you are using an earlier version of Symantec AntiVirus Corporate Edition, read the following document:

TECH100047 - How to update virus definitions for Symantec AntiVirus Corporate Edition 8.x and 9.x.



There are four methods for updating virus definitions:

  • The Virus Definition Transport Method (VDTM)
  • LiveUpdate
  • Copying an .xdb file
  • Intelligent Updater



Read the following descriptions, and choose a method or combination of methods that works best for your environment.

    The Virus Definitions Transport Method (VDTM)
      The VDTM is a fully automated solution for virus definitions distribution, and is enabled by default between servers and their managed clients. With the VDTM, it is only necessary to update one server in order to update all computers in the network. The server gets definitions updates using LiveUpdate or an .xdb file, and then automatically distributes the definitions to each of its clients on the network. Read the following document for an overview and instructions:

      TECH100102 - How to use the Virus Definitions Transport Method (VDTM) in Symantec AntiVirus Corporate Edition


    LiveUpdate
      LiveUpdate is a program that connects to a server, downloads the latest definitions, and applies the definitions to the computer on which it is running. You can run LiveUpdate from the Symantec System Center, or within Symantec AntiVirus. LiveUpdate can retrieve definitions files either from the Symantec server (which it does by default) or from an internal Web, FTP, or file server created with the LiveUpdate Administration Utility.

      To run LiveUpdate from the Symantec System Center Console
      1. Right-click the Primary Server, point to All Tasks > Symantec AntiVirus, and then click Virus Definition Manager.
      2. Click Configure.
      3. Click Update Now.
      4. LiveUpdate is now running silently in the background on the Primary Server. If the VDTM is enabled, it will distribute virus definitions to any secondary servers and clients when LiveUpdate completes.
      To run LiveUpdate from the Symantec AntiVirus Corporate Edition interface
      1. Open Symantec AntiVirus Corporate Edition.
      2. Click LiveUpdate.
      3. Follow the on-screen prompts to download the latest definitions. If the computer is a parent server and the VDTM is enabled, it will distribute virus definitions to any subordinate servers and clients when LiveUpdate completes.


      Scheduling LiveUpdate
      You can schedule LiveUpdate to run periodically, either from the Virus Definition Manager within the Symantec System Center, or by clicking File and then Schedule Updates from within Symantec AntiVirus.

      The LiveUpdate Administration Utility 1.x and LiveUpdate Administrator 2.x
      On very large or widely distributed networks, it may be desirable to create an internal server and have clients use LiveUpdate to retrieve updates from that server, rather than using the VDTM. Symantec offers two distinct products for downloading and distributing LiveUpdate content on an internal network.

      For information on determining whether the legacy LiveUpdate Administration Utility 1.x (LUAU 1.x) is necessary, and instructions for its implementation, read:

      TECH98930 - How to configure the LiveUpdate Administration Utility

      For information on the more recent release, LiveUpdate Administrator 2.x (LUA 2.x), please read:

      TECH102701 - Installing and configuring LiveUpdate Administrator 2.x


    Copying an .xdb file
        Note: This method does not apply for 64-bit versions of the client.
      You can update any Symantec AntiVirus server or client by downloading the .xdb file from Symantec. You can also copy an .xdb file from the VPHOME share on any Symantec AntiVirus server. The modified date of the .xdb file matches the date of the virus definitions. When using this method, RTVSCAN.EXE checks for new .xdb files, and then initiates the update process. RTVSCAN.EXE checks for new .xdb files about every 10 minutes by default. Restarting (stopping and then starting) the Symantec AntiVirus Server process can be used to manually initiate the update process if you do not want to wait.

      To download an .xdb file from Symantec
      1. Go to the "xdb folder" at the following Symantec FTP site:
        ftp://ftp.symantec.com/AVDEFS/norton_antivirus/xdb/

        Note: You can also find the file from the following location:
        "Symantec Security Response Virus Definitions Download Page.." at:
        http://securityresponse.symantec.com/avcenter/defs.download.html

      2. Click the .xdb file with the latest date, and select Save to disk from the dialog box.
      3. If the .xdb file downloads with a .zip extension, remove the .zip extension by renaming the file.
        The file name should be similar to the following:
        vd12bc02.xdb
      4. Copy the ".xdb" file to the correct location, depending on the type of installation:
        • For NetWare servers, the default location is SYS:SAV.
        • For Windows computers, the default location is C:\Program Files\SAV or C:\Program Files\SAV\Symantec AntiVirus.
          For help with this, read the "To find the Symantec AntiVirus program folder on a Symantec AntiVirus or Symantec Client Security server" section in the Technical Information section of this document.
        • For clients, the default location is C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\.
          The "Application Data" folder may be hidden. To show hidden and system folders, read the document:

          "How to make Windows show all files." at:
          http://service1.symantec.com/support/tsgeninfo.nsf/docid/2002092715262339
        Note: This method does not apply for 64-bit versions of the client.
      Automatically updating definitions using the .xdb file
        Symantec provides a batch file that you can schedule to update the definitions with the latest .xdb file. This batch file automatically downloads and extracts the latest .xdb file from a statically named executable (Navup8.exe), and copies the .xdb file to the appropriate location. For more information, read the document:

        TECH100730 - Updating Symantec AntiVirus Corporate Edition virus definitions without using LiveUpdate.

    Intelligent Updater
    The Intelligent Updater file is an executable file that you can use to update virus definitions on legacy (Norton AntiVirus Corporate Edition) servers.

      WARNING: If you are updating a Symantec AntiVirus server, then you must download the .xdb file from Symantec, as described in the "Copying an .xdb file" section in this document. If you apply the x86.exe or .vdb definition update then you may experience problems updating secondary servers and clients. Read the following document for more information:

      TECH100441 - Primary server does not update secondary servers or clients using the VDTM.




      To download and apply the Intelligent Updater
      1. Go to the "Symantec Security Response Virus Definitions Download Page." at:
        http://securityresponse.symantec.com/avcenter/defs.download.html
      2. Select the appropriate Language and Product (Symantec AntiVirus Corporate Edition), and then click Download Updates.
      3. Download and run the "yyyymmdd-version-x86.exe" file.
        Note: "yyyymmdd-version" indicates the date and version of the definition file.



Technical Information
To find the Symantec AntiVirus program folder on a Symantec AntiVirus or Symantec Client Security server

  1. On the Windows taskbar, click Start> Run.
  2. In the Run dialog box, type cmd
  3. Click OK.
  4. At the command prompt, type net share
  5. Under Share name, find the "VPHOME" listing.
    The folder listed in the Resource column is the Symantec AntiVirus program folder and contains the Grc.dat file.

 

 




Legacy ID



2005040711404048


Article URL http://www.symantec.com/docs/TECH101198


Terms of use for this information are found in Legal Notices