Troubleshooting LiveUpdate Issues with Symantec Endpoint protection
Question/Issue: Troubleshooting liveupdate issues
Symptoms: Virus Definitions not updating
This document will help you to understand in which direction you need to troubleshoot.
You can refer to the flowchart below to isolate the issue you are facing. There are explanatory points at the bottom of the document to elaborate a bit more on that subject.
Troubleshoot Communication issue:
1. Make sure that you are able to browse to the websites below:
2. Make sure that the perimeter firewall has exceptions for the websites above
3. Run a packet capture and contact support for analysis
Check Connectivity between SEP & SEPM:
1. Do a Secars test to Test Connectivity between SEP and SEPM
Testing Communication from an Endpoint Protection client to the Endpoint Protection Manager
[ http://service1.symantec.com/support/ent-security.... ]
2. Get the sylinkmonitor logs to check the communication for any errors
SylinkWatcher and SylinkMonitor - tools for real-time debugging of SPA 5.x and SEP 11.x
Remove corrupt definitions
1. How to clear out corrupted definitions for a Symantec Endpoint Protection Client [ http://service1.symantec.com/support/ent-security.... ]
Check if SEPM has Latest Definitions:
1. Open SEPM->Admin->Servers->Local Site
2. Show Liveupdate Downloads
3. Make sure that the date for 32 bit and 64 Definitions for ‘Virus & Spyware Definitions’ is up-to-date.