Symantec Endpoint Protection clients download full definitions from Group Update Provider or from Symantec Endpoint Protection Manager

Article:TECH122612  |  Created: 2010-01-21  |  Updated: 2011-03-09  |  Article URL
Article Type
Technical Solution


You notice a large amount of bandwidth is consumed as Symantec Endpoint Protection clients are downloading full definitions from the Group Update Provider (GUP) or from the Symantec Endpoint Protection Manager (SEPM) . This issue was reported against Symantec Endpoint Protection 11.0.5002.333 (MR5).

0 kb dax files on the SEPM

Large number of groups on SEPM
Low resources and/or High CPU on SEPM


This is caused 0 byte deltas that are created before the can be extracted, thus causing the GUP or SEPM to distribute full definitions ( instead. In some instances, it takes longer then normal to extract the and when the clients check-in for content updates and before the extraction of the is completed, this causes the XDelta to generate 0 byte .dax files.

Example from scm-server log: 2010-01-19 04:14:12.562 SEVERE: DeltaContentTask.generateDeltaContent FAILED 4: 2010-01-19 04:14:12.562 SEVERE: CODE -1:

Example of issue:

See how the 0 byte .dax files are generated before the Full directory can be extracted:



This problem is fixed in Symantec Endpoint Protection 11.0.6100.645 (RU6MP1). For information on how to obtain the latest build of Symantec Endpoint Protection, read Obtaining an upgrade or update for Symantec Endpoint Protection


Supplemental Materials


Legacy ID


Article URL

Terms of use for this information are found in Legal Notices