How to apply Rapid Release Definitions to a Symantec Endpoint Protection (SEP) client.

Article:TECH104979  |  Created: 2008-01-21  |  Updated: 2014-10-10  |  Article URL http://www.symantec.com/docs/TECH104979
Article Type
Technical Solution


Environment

Issue



Is the process for applying Rapid Release definitions the same as in the SAV 10.x product?
How do I apply Rapid Release definitions to an unmanaged SEP client?
How do I apply Rapid Release definitions to the Endpoint Protection Manager (SEPM) so they will be distributed to all clients?
I have a new threat for which there are not yet Certified Definitions and I need to apply Rapid Release definitions in response.  
 


Cause



The primary focus of Rapid Release definitions is the rapid detection of emerging threats.  These definitions may be augmented later with more robust detection capabilities.

Rapid release definitions are not fully certified, therefore must be manually applied to clients or manually installed to their SEP  Manager server as they cannot be applied via LiveUpdate.


Solution



SEPM'ssp;

 

Rapid Release virus definitions come in two formats:

  1. Intelligent Updater executable files - can be used to update individual SEP Clients
  2. JDB Rapid Release definition files - can be used to update the SEPM, which in turn will distribute the definitions to all the associated SEP clients.

Note: Before applying Rapid Release JDB definitions to your SEPM, it is advisable to test.  Manually update some of your SEP clients with the Intelligent Updater executable to reduce the chance of false positives.

To manually update a SEP client

  1. Go to the Rapid Release virus definition web site
  2. Download the appropriate .exe file for your SEP version and Operating System
    • symrapidreleasedefsv5i32.exe for SEP installed on 32 bits OS
    • symrapidreleasedefsv5i64.exe for SEP installed on 64 bits OS
  3. Run the file on the clients you wish to update and follow the instructions on the screen.
  4. After a successful update you should see the following message:
    •  Intelligent Updater session complete. 
  5. Open the SEP client and verify that the definitions date for the AntiVirus and AntiSpyware protection has changed.

Note:

If the Intelligent Updater executable fails, you can locally update managed SEP clients (clients which are associated with a SEPM) with the option "Third third party content management" and a JDB file. Please consult the document "TECH104363 -  How to manually update definitions for a managed Symantec Endpoint Protection Client using the .JDB file" for more information

To update your Symantec Endpoint Protection Manager

1. Go to the Rapid Release virus definition web site
2. Download the JDB file
3. Follow the document "TECH102607 - How to update definitions for Symantec Endpoint Protection Manager using a JDB file" to update your SEPM using the Rapid Release JDB file.
4. The SEP clients that update from this SEPM should apply the Rapid Release definitions in accordance with the SEPM's LiveUpdate Policy configuration.


 




Legacy ID



2008052116163448


Article URL http://www.symantec.com/docs/TECH104979


Terms of use for this information are found in Legal Notices