Download .jdb files to update definitions for managed Endpoint Protection clients

Article:TECH104363  |  Created: 2008-01-07  |  Updated: 2014-11-20  |  Article URL
Article Type
Technical Solution


This article describes how to download and update definitions for Symantec Endpoint Protection (SEP) clients using .jdb files.

In a managed environment, the Daily Certified or Rapid Release .jdb file can be used to update virus definitions for the SEP client. SEP clients will need to have third-party content management enabled before a .jdb can be applied.


  • The antivirus .jdb file contains only antivirus/antispyware definitions and will not provide updated content for the firewall, IPS, SONAR and other features for the Symantec Endpoint Protection (SEP) clients.  
  • For SEP 12.1 RU2 and earlier, only virus definitions can be updated by downloading a standalone file such as a .jdb file or an IU. All other content types must be downloaded using LiveUpdate.
  • For SEP 12.1 RU3 and later, .jdb and .exe standalone updaters are available for SONAR ("Behavior-Based Protection") and IPS ("Network-Based Protection") definitions. These are now available from Security Response's Virus Definitions & Security Updates page.


To update a managed client with a .jdb file:
  1. In the Symantec Endpoint Protection Manager (SEPM), go to Clients.
  2. Select the group in which the client or clients can be found that need to be updated manually.
  3. Edit the LiveUpdate Settings Policy.
  4. In the LiveUpdate Policy, choose Server Settings in the left pane.
  5. In the right pane, under Third Party Management, enable the option "Enable third party content management".
  6. On the SEP client, make sure that the client received the policy change by checking for the existence of the 'inbox' directory as following paths:

    SEP 12.1.x:
    %ALLUSERSPROFILE%\Symantec\Symantec Endpoint Protection\CurrentVersion\inbox

    Note: On SEP 12.1.x clients, the \inbox directory is always present. Please check the Policy serial number to ensure it is matching the serial number published by SEPM.

    SEP 11.x:
    %ALLUSERSPROFILE%\Symantec\Symantec Endpoint Protection\inbox

  7. Download the .jdb file from the Symantec Security Response Website:

  8. For each SEP client that needs to be updated, copy the .jdb file into the folder noted in #6 above.
  9. After a few minutes the .jdb file will be automatically processed. When complete, the client should reflect new antivirus definitions.


If a third-party management update fails, the content copied to the inbox will be moved to a folder called "invalid". Possible reasons for failure include:

  • Third-party management has not been enabled.
  • The file type is not supported.
  • The file structure is incorrect.
  • The content being installed via third-party management is already installed or is older than what is installed.

For more details on third-party managementand updates regarding SEP 12.1 clients, see Using third-party distribution tools to update client computers.

Legacy ID


Article URL

Terms of use for this information are found in Legal Notices