Client Installation Package Intrusion Prevention Signatures latest version of SEP
http://service1.symantec.com/SUPPORT/ent-security....
I followed the instructions to create a package with latest defs using the link above, however these just update the Antivirus and Antispyware Protection Defs and Network Threat Protection Defs, and NOT the Proactvie Threat Protection Defs. How do I also deploy a client install package with the Current Proactive Threat Protection Defs? Thanks.
Here is the info from the link above..
Question/Issue:
How can I deploy a client installation package with current definitions and intrusion prevention signatures?
Cause:
Client installation packages are created with the original known-good definition set.
Solution:
Export a client installation package from the Symantec Endpoint Protection Manager (SEPM) then modify the definition and intrusion prevention signatures included with that package.
Gather current virus definitions and intrusion prevention signatures
1. Navigate to the current virus definitions within the Endpoint Manager content folder. The default path is:
C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\content\{C60DC234-65F9-4674-94AE-62158EFCA433}
2. Within the "{C60DC234-65F9-4674-94AE-62158EFCA433}" folder there will be several numbered folders. Open the newest of these folders.
To determine the age of the folders click View, then click Details. The newest folder will have the most recent Date Modified value.
3. Copy the file labeled "full.zip" and paste it to the desktop.
On the desktop, rename the copy from "full.zip" to "vdefhub.zip"
4. Navigate to the current intrusion prevention signatures within the Endpoint Manager content folder. The default path is:
C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\content\{D3769926-05B7-4ad1-9DCF-23051EEE78E3}
5. Within the "{D3769926-05B7-4ad1-9DCF-23051EEE78E3}" folder there will be several numbered folders. Open the newest of these folders.
To determine the age of the folders click View, then click Details. The newest folder will have the most recent Date Modified value.
6. Copy the file labeled "full.zip" and paste it to the desktop.
On the desktop, rename the copy from "full.zip" to "IPSDef.zip"
Comments
Check if the manager has the defs
Check if the manager has the latest defs inside the content folder
what date do u see.
I would like to mention here is unlike Antivirus and Antispyware
Intrustion will not be of every day defs , they wont be updated everyday.
they are updated when new ones arrive.
hope this helps
Rafeeq
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
Interesting
I noticed the kb article is now gone. I wonder what happened to it, and why was it deleted? I still am wondering how to include the PTP defs with the package.
To answer your questions:
Hi,
I would have answered sooner, but I wanted to make sure the info I found for you was accurate. To answer your questions:
-The document was removed because the steps it contains can cause issues if auto-upgrade is used to migrate the installed client to a later version of SEP, and
-The SEP client installer does not include PTP definitions, nor does it attempt to find any PTP definitions in the install files. It is not possible to update a client install package to install current PTP definitions. They must be downloaded post-install.
Thanks,
Sandra
Symantec Endpoint & Mobility Group / Information Development
Don't forget to mark your thread as 'solved' with the answer that best helped you!
Install package with current PTP defs
I hope a future SEP version will allow one to do this. Thanks so much for your reply Sandra!
help..
Hi...
The article is not available any more, do you have the complite information of how to create installation package with the last vius definitions???
Regards,
NTC
Would you like to reply?
Login or Register to post your comment.