Hello,
This guide provides information on the process performed when the Symantec Endpoint Protection (SEP) client checks in with the Symantec Endpoint Protection Manager (SEPM).
NOTE: This steps below are applicable to both SEP 11.x and SEP 12.1 products.
HEARTBEAT PROCESS
1. SEP client reads sylink.xml to determine first available SEPM according to priority. 2. SEP client connects to SEPM.
3. SEP client performs an HTTP GET of index.dat from the SEPM and compares it against the client copy for any deltas.
4. SEP client performs an HTTP GET request to obtain URLs to download files.
5. SEP client uploads log files to SEPM. 6. SEP client uploads LAN sensors and learned application logs to SEPM. 7. SEP client disconnects from SEPM.
HEARTBEAT SIZE
When there are no new client-side logs to upload to the management server, or policy or content to download from the server, the size of the Symantec Endpoint Protection client heartbeat is between 3KB and 5KB. When all client protection technologies are enabled and the maximum level of client logging is enabled (with the exception of packet-level firewall logging, which is not recommended in production environments), the size of a typical heartbeat is between 200 KB and 300 KB.
Nice and very informative..Thanks for sharing :)
Grt article sir...!!!
Nice One
Regards
Ajin
Users following this Article may also be interested in this Article:
About Accelerated Heartbeat in Symantec Endpoint Protection (SEP) Clients.
http://www.symantec.com/docs/TECH93724
Hope that helps!!
I would suggest you to check this Thread (which you have asked):
https://www-secure.symantec.com/connect/forums/how-set-client-communication-time#comment-7846031
How to ste the communication time?
Wonderful Article
Thanks for sharing