Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.
Security Community Blog

Configuring Modifying Changing Liveupdate on SEP 11.x

Created: 22 Aug 2012 • Updated: 18 Sep 2012 • 1 comment
ABN's picture
0 0 Votes
Login to vote

Hello Gents,

We normally do come across the scenario of Live update affecting our ususal work of, being a Symantec administrator. Scenarios like

  1. Clients do not have the ability to launch liveupate even though policy is been set to do so. Or vice versa.
  1. Low disk space causing SEP not to update on critical serves. Definition is stored only on the OS drive were space is a major concern.

 

By default the SEP definitions will be stored in the Operating System drive even if we install it in a different partition.

With the following process we can configure the Liveupdate settings, the number of revision that is kept on the SEP (client) and also change the location on where it is stored.

 

I )   To enable Liveupdate on the SEP.

    From SEPM:

    http://www.symantec.com/docs/TECH105653

 

     From Client computer:

     HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\LiveUpdate

     To enable live update "AllowManualLiveUpdate" - Value 1 to enable 0 to disable.

     To enable Scheduling Liveupdate "AllowLocalScheduleChange" - Value 1 to enable 0 to disable.

 

II )   To reduce the number of revision stored:

      Modify the following registry to the desired value. The value should not be lower than 2. You can reduce ~600+MB there.

 

  • Go to the following Registry key. 
  • For 32 bit Operating system.

       HKEY_LOCAL_MACHINE\Software\Symantec\Symantec Endpoint Protection\Content\{{C60DC234-65F9-4674-94AE-62158EFCA433} 

  • For 64 bit Operating system

        HKEY_LOCAL_MACHINE\Software\Symantec\Symantec Endpoint Protection\Content\{1CD85198-26C6-4bac-8C72-5D34B025DE35}

 

  • Locate the CacheEntriesEx and double click on the key
  • Change the CacheEntriesEx key to the desired value (default is 3) .

 

III )     To modify the location where definitions are stored.

        Modify the following registry data value to the desired location.

 

  • For 32 bit Operating system:

         HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\InstalledApps\ AVENGEDEFS=”DATA”

         By default it will be “C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1”

  • For 64 bit Operating system:

         HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432\Symantec\InstalledApps\ AVENGEDEFS=”DATA”

         By default it will be “C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1”

 

** Note** The settings will take effect the next time update is initiated. For self-managed on the next  liveupdate schedule and for managed on the next content update.

 

Comments 1 CommentJump to latest comment

Srikanth_Subra's picture

Hi,

Can it be possibel to post the settings for SEP 12.x scenario?

Thanks & Regards,

 Srikanth.S

"Defeat the Defeat before the Defeat Defeats you"
(Swami Vivekananda)

+3
Login to vote