Video Screencast Help
Search Video Help Close Back
to help
New in the Rewards Catalog: Vouchers for "Symantec Technical Specialist" and "Symantec Certified Specialist" exams.

Client behaviour if GUP on different subnet

Updated: 21 May 2010 | 2 comments
zer0's picture
zer0
0 0 Votes
Login to vote
This issue has been solved. See solution.

I have a massive SEP deployment that has just started and whilst I love the new GUP wildcard rules, however I need to understand what happens in the following scenario.

GUP1 - 10.0.0.1
GUP2 - 10.0.10.1

SEPClient1 - 10.0.0.5
SEPClient2 - 10.0.20.5

If SEPClient1 is configured to use a GUP it is supposed to check its subnet and then use GUP1
If it is moved to the 10.0.10.x subnet it would then use GUP2

But what happens with SEPClient2?
It is configured to use a GUP but when it checks the list it does not find a GUP on its own subnet.

Does it just randomly choose a GUP from the master list?
Does it try to find one close?
Does it default back to the SEPM?
Is there a way to force GUP choice based on anything but class C subnets?

I can use the setting that allows clients to go around the GUP but due to bandwidth reasons it is obviously better if you can ensure clients always connect to a GUP on their own network segments/site.

Any help appreciated...otherwise I am off to the test lab

Z

discussion Filed Under:
, , ,

Comments

zer0's picture
26
Nov
2009
0 Votes 0
Login to vote
zer0

The globallist.xml only reads

Think I just found the answer in - http://service1.symantec.com/support/ent-security....

The client applies a “Network Subnet Match” filter to the IP address information in the GUP list.
This filter is constructed using each of the clients network interfaces to compare subnet masks.
Any GUPs with a subnet mask matching the clients are placed in a new local GUP list created by the client.

Note: The local GUP list is in ascending order which means that a predefined GUP will always be last on the list, preventing unnecessary WAN traffic.

SOLUTION
Rafeeq's picture
26
Nov
2009
1 Vote +1
Login to vote
Rafeeq

Hi

There has been some changes with respect to Gup in MU5 and earlier versions.  These documents should answer your questions.

Symantec Endpoint Protection 11.0 Group Update Provider (GUP)

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007092720522748

Best practices for Group Update Provider (GUP) from Symantec Endpoint Protection MR3 or earlier builds

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/230d1cf8e23d01e2882574a90062d485?OpenDocument

How to locate the Group Update Provider (GUP) list in Symantec Endpoint Protection 11.0 RU5

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/e2a2e95e4701749f882576390060bd1c?OpenDocument

Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq

Technical Support

Symantec.com

Store

Community Stats

Total Content Items
Members
258,830