New features and functionality in Symantec Endpoint Protection Release Update 5 (SEP RU 5) Group Update Provider (GUP)

Article:TECH96417  |  Created: 2009-01-28  |  Updated: 2010-01-19  |  Article URL http://www.symantec.com/docs/TECH96417
Article Type
Technical Solution

Environment

Issue



What new features and functionality are provided in the RU 5 for GUPs?


Solution



New features and functionality in RU 5 GUPs:
  • Ability to limit the amount of bandwidth that the GUPs can use when it downloads content from the Symantec Endpoint Protection Manager (SEPM) from within the policy on the Symantec Endpoint Protection Manager, rather than modifying a registry key.
  • Ability to define GUPs by using rules and conditions, such as an IP address or host name, registry key or registry key value.
  • Ability to configure a single GUP in a single LiveUpdate Policy that applies across multiple groups for multiple clients, rather than needing a group for each GUP.
  • Clients will attempt to connect to a GUP in their local subnet by default.
  • Clients acting as GUPs are easily identifiable in the SEPM.








Setting
Description
Single Group Update Provider IP address or host nameCheck this option to configure a single Group Update Provider. The client computer that acts as the Group Update Provider can reside in any group.
Type the IP address or host name of the client computer.
Example IP address: 1.1.1.1
Example host name: mycompany
You can use the wild cards asterisk (*) and question mark (?) in the host name.
Multiple Group Update ProvidersCheck this option to configure multiple Group Update Providers. Then click Configure Group Update Provider List.
Maximum time that clients try to download updates from a Group Update Provider before trying the default management serverThis option lets clients bypass a Group Update Provider if they try and fail to connect to the Group Update Provider. You can specify a length of time after which clients can bypass the Group Update Provider. When clients bypass the Group Update Provider, they get content updates from the default server.

Select one of the following options:
  • Check Never if clients only get updates from the Group Update Provider and never from the server. For example, you might use this option if you do not want client traffic to run over a wide area connection to the server.
  • Check After to specify the time after which clients must bypass the Group Update Provider. Specify the time in minutes, hours, or days.
Default portThe TCP port that is used for client communications.
The default TCP port number is 2967. If the Group Update Provider receives IP addresses with DHCP, you should assign a static IP address to the computer or use the host name. If the Group Update Provider is at a remote location that uses network address translation (NAT), use the host name.

Note:If the Group Update Provider runs a firewall, you might need to modify the Symantec firewall policy to permit the TCP port to receive server communications. This note applies to Windows firewall, legacy Symantec Client Firewall, and third-party firewalls. If the Group Update Provider runs the Symantec Endpoint Protection client firewall, the Symantec firewall policy is configured automatically.
Maximum disk cache size allowed for downloading updatesThe maximum disk space to use on the Group Update Providers for storing content updates.
The unreserved disk space is kept to the limits as content updates are downloaded. Once the limit is reached, the Group Update Provider continues to serve the clients, but only for the existing content.
Delete content updates if unusedControls when the individual content updates that are downloaded to the Group Update Provider become eligible for deletion.
The content updates take up disk space on the Group Update Provider computer. You should configure the option to delete unused content updates. Content updates are considered unused if the clients have not requested the updates.
Maximum number of simultaneous downloads to clientsThe maximum number of simultaneous downloads that the Group Update Provider distributes to clients.
This option concerns memory and CPU utilization on the Group Update Provider computer. The option controls how many threads are allocated to handle incoming requests. Memory utilization is associated with the threads, so more threads require more memory. Also, processing the incoming requests requires CPU cycles, so more threads require more CPU cycles.
You should tune the value to the limitations of the Group Update Provider computer. The goal is to download content updates to clients as quickly as possible, without overwhelming the Group Update Provider computer. Set the value high enough to get reasonable concurrency, but low enough to avoid overtaxing the Group Update Provider computer.
Maximum bandwidth allowed for Group Update Provider downloads from the management serverControls the amount of bandwidth that the Group Update Provider uses to download content updates from the server.
Select one of the following options:
  • Check Unlimited to allow any amount of bandwidth.
  • Check Up to to limit the bandwidth to the amount that you specify.



For more information on configuring GUPs with RU 5, please refer to this document:

Title: 'Configuring Group Update Provider (GUP) in Symantec Endpoint Protection Release Update 5 (SEP RU5)'
Document ID: 2009092901593448
> Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2009092901593448?Open&seg=ent



References

1) Release Notes for Symantec Endpoint Protection and Symantec Network Access Control, version 11, Release Update 5

ftp://ftp.symantec.com/public/english_us_canada/products/symantec_endpoint_protection/11.0/manuals/ru5/Release_Notes_for_Symantec_Endpoint_Protection_11_0_5.pdf

2) How to: Setup a Group Update Provider (GUP)

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/39e094426b9d082588257456006d4ac6?OpenDocument

3) Best practices for Group Update Provider (GUP)

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/230d1cf8e23d01e2882574a90062d485?OpenDocument




Legacy ID



2009092821543448


Article URL http://www.symantec.com/docs/TECH96417


Terms of use for this information are found in Legal Notices