What is the processing order of an Explicit GUP list within version 12.1.2 of Symantec Endpoint Protection?
| Article:TECH196741 | | | Created: 2012-09-15 | | | Updated: 2012-10-25 | | | Article URL http://www.symantec.com/docs/TECH196741 |
Problem
Symantec Endpoint Protection 12.1.2 (SEP) introduced a new feature called the Explicit Group Update Provider list. This feature allows for more granular control over which GUPs that SEP client(s) use. What is the processing order in which the SEP client will attempt to contact GUPs in the Explicit GUP list?
The below Explicit GUP will be used as an example.
| Client Subnet | GUP Mapping Type | GUP Mapping Value | Port |
| 10.200.47.2 | IP Address | 10.200.46.219 | 2967 |
| 10.200.47.0 | IP Address | 10.200.46.220 | 2967 |
| 10.200.47.3 | Subnet | 10.200.69.122 | |
| 10.200.47.0 | Subnet | 10.200.48.0 |
Solution
The expectation may be that the SEP client will use the GUPs shown in the Explicit GUP List Example (shown above) in the following order: 10.200.46.219, 10.200.46.220, 10.200.46.122, 10.200.48.0. This is incorrect.
A SEP 12.1.2 client will first try mapped GUPs (starting from the top and moving down) whose "Client Subnet" field is configured by network address (i.e., 10.200.47.0). After this, the SEP client will try GUPs (starting from the top and moving down) whose "Client Subnet" is configured by IP address (i.e. 10.200.47.2 and 10.200.47.3). Thus, the actual order of processing for the Explicit GUP list example (shown above) will be as follows:
| Client Subnet | GUP Mapping Type | GUP Mapping Value | Port |
| 10.200.47.0 | IP Address | 10.200.46.220 | 2967 |
| 10.200.47.0 | Subnet | 10.200.48.0 | |
| 10.200.47.2 | IP Address | 10.200.46.219 | 2967 |
| 10.200.47.3 | Subnet | 10.200.69.122 |
|
|
| Source | ETrack |
| Value | 2924886 |
Article URL http://www.symantec.com/docs/TECH196741
Terms of use for this information are found in Legal Notices
Thank you.