Screencasts - Hilfsvideos
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

A Tool for Remote Deployment of AntiVirus/Antispyware, IPS and IDS Definitions

Created: 09 März 2011 • Aktualisiert: 15 März 2011 | 10 Kommentare
das Bild der Mithun Sanghavis
27 Zustimmen
1 Nicht zustimmen
+26 28 Stimmen
Bitte loggen Sie sich ein, um abzustimmen

Hello,

Sometimes many computers on the network are not updating AntiVirus / Antispyware, IPS and IDS Definitions, in these cases, it becomes difficult to go to each Machine and Either Run an Intelligent Updater OR Run a Rx4DefsSEP Utility locally on the machines to get the definitions updated.

We found that there is an Article TECH104779 in regards to "How to deploy the Symantec Endpoint Protection (SEP) client Release Update 5 or later with current virus definitions and intrusion prevention signatures", suggests long steps to perform to deploy the package with current virus definitions and intrusion prevention signatures.

I would suggest Symantec to create a Tool which could help deploy the AntiVirus / Antispyware, IPS and IDS Definitions remotely either via Symantec Endpoint Protection Manager server or from any computer.

1) Tool should not only Remote Install the Definitions but also Repair the Corrupt definitions, in case.

2) The Tool should also help a new User to Download the relevant .jdb file, and incase, if the new user does not know how to update the Symantec Endpoint Protection Manager should help with the same.

3) Tool can take all the relevant Data from Symantec Endpoint Protection Manager.

Kommentare KommentareZum neuesten Kommentar

das Bild der ed16s

I agree.  It's silly that we you create an install package today, it doesn't include the most recent defintions automatically.  Why wouldn't it?  Isn't this version 11 of the product?  You'd think it would be mature enough to start with the most recent definitions and continue to be able to update them remotely without issue.  Isn't that the bread and butter of an antivirus solution?

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der josh_symcs

You can include latest defs today, but is manual per the KB referenced. In 12.1 this is availble in the UI upon export of a client package. There is improved corrupt definition repair in 12.1 as well:

–Components unable to load their content can request content repair
–Content repair will attempt to reapply content either from SEPM or via LiveUpdate
–AV, BASH and CIDS plugins will request content repair if needed
–Occurs in the background without user interaction
-12.1 content is silo'd and not shared with other Symc prods
-more efficient LiveUpdate Engine, more efficient content updates, more reliable.
-add content upon package creation in UI
 
 
I highly suggest checking out the 12.1 beta as much of what is being asked here is in 12.1:
 
0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der shri1s

Yes, I agree what you are saying, there are so many thing they should considered.

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der Soi-Sois

I also agree to you Mr. Mithun. As per my experience, It is also additional points if you have a all-in-1 tools so that symantec will become more helpful and just like what peoples say "Users Friendly". Maybe In the near future this tool will be discover by them. It will make our work easy.

 Soi    Soi    Soi    Soi                &nbsp

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der roger2011s

iam experiencing the same issue as well, any update on this tool?

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der cus000s

Is this fixed in SEP 12.1?

Seems happening in RU6 MP2

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der Elishas

This tool is not needed with SEP 12.1 since you can add the latest defintions to a package directly using the SEPM console.

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der cus000s

Hi Elisha,

You mean we can remotely fix corrupt definition via console in 12.1 ?

Thanks.

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der Elishas

No, SEPM cannot remotely fix corrupt defs.  But SEPM can push packages with the latest defs so you don't need to update the packages manually.

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der Mick2009s

Good news for supporters of this proposed enhancement request!

SONAR and IPS Intelligent updater (IU) are now available on :

http://www.symantec.com/security_response/definitions.jsp

NOTE: These SONAR and IPS Intelligent updater are only for SEP 12.1 RU3.

For more infromation, please see Latest Symantec Endpoint Protection Released - SEP 12.1.RU3

With thanks and best regards,

Mick

0
Bitte loggen Sie sich ein, um abzustimmen