1. LiveUpdate for Certified definitions.

To schedule LiveUpdate to retrieve Certified virus definitions:

a. Open the SMSMSE console, and navigate to Admin -> LiveUpdate/RapidRelease schedule.
b. Ensure Enable automatic virus definition updates is checked and Use Certified LiveUpdate definitions is selected.
c. Under Schedule, set the schedule on which you would like LiveUpdate to run. Be aware only one set of certified definitions is available per day, so it is recommended to schedule only one update per day.

2. RapidRelease updates.

To configure RapidRelease updates:

a. Open SMSMSE console and navigate o Admin -> LiveUpdate/RapidRelease Schedule.
b. Check the box for Enable Automatic virus definition updates, and check the radio box for Use Rapid Release definitions
c. Under Schedule, set the schedule on which you would like RapidRelease to run. Multiple updates are available per day, so you may want to set it to check every X hours. Rapid Release uses
port 21 to download definitions, bypassing the need for port 80 access. Be aware that Rapid Release definitions are not tested as thoroughly as certified definition sets, but are updated more frequently.

3. Share definitions from Symantec AntiVirus (SAV) or Symantec Endpoint Protection (SEP).

If SEP 12.0 or lower is installed there are certain conditions under which virus definitions can be shared. If the system is a 32 bit system, SMSMSE will share definitions with SAV/SEP. If the system is a 64 bit system, SMSMSE can share definitions with SAV/SEP in certain conditions. Additional steps must be taken in order to share successfully. See the following document for details: 'How to Share Virus Definitions Between Symantec Endpoint Protection (SEP) and Symantec Mail Security for Microsoft Exchange (SMSMSE) 6 on a 64 bit Operating System'.

4. Schedule the intelligent updater using the steps provided in this document: 'Scheduling virus definition updates for Symantec Mail Security for Microsoft Exchange using the Intelligent Updater.'

5. Use an internal LiveUpdate Server.

Configure an Internal LiveUpdate server (LiveUpdate Administrator). Symantec Mail Security can be set to retrieve definition sets from an internal server via LiveUpdate. To configure an internal LiveUpdate server and point SMSMSE to retrieve updates from that server, follow the steps provided in this document: Distributing Virus definitions for Symantec Mail Security for Microsoft Exchange via LiveUpdate Administrator.

Each of these methods can have advantages or disadvantages relative to one another, depending on the environment. Here are some factors to consider when deciding which method is correct for your environment:

1. LiveUpdate for Certified definitions: This is the default update method for SMSMSE virus definitions, and is turned on by default. This method has the advantage of being very simple to set up and maintain, but has two potential drawbacks. It requires access to the internet on port 80, and will use WAN bandwidth rather than LAN bandwidth as some other methods.
2. RapidRelease Updates: This method is also very simple, and only requires configuration through the SMSMSE console. Multiple sets of rapid release definitions are available each day, meaning you will always have the latest definitions known to Symantec if you choose this method. However, these definitions are not tested as thoroughly as Certified definitions, and thus run a higher risk of catching false positives. This method requires internet access for the Exchange server on port 21.
3. Sharing Definitions with SAV/SEP: This method requires the least bandwidth to accomplish and does not require direct internet access on the Exchange server, as SMSMSE will be absorbing definitions that have been downloaded to a single server and distributed out to the clients. However this method requires some set-up initially to function correctly with current versions of SMSMSE, and also requires that SAV/SEP be installed on the Exchange server.
4. Scheduled intelligent updater: This method requires internet access on port 21 for the Exchange server, and functions similarly to RapidRelease updates scheduled in the SMSMSE console, but applies certified definition sets instead of RapidRelease sets. This method is only recommended if none of the other methods are feasible for your network.
5. Internal LiveUpdate server: This method requires only the use of internal network connections download definitions to the Exchange server, making it ideal for Exchange servers that have no internet access and do not have SAV/SEP installed making sharing unfeasible. However, this method requires you to have another machine to act as the internal LiveUpdate server, and this machine must have internet access on port 80. This method also requires some significant configuration up front, but once it is configured it does not require additional actions to be taken for definitions to stay up to date.

Technical Information

This section provides information on where SMSMSE stores virus definitions on various operating system versions: