Video Screencast Help

client not receiving virus definition

Created: 03 Jul 2013 • Updated: 22 Oct 2013 | 13 comments
This issue has been solved. See solution.

I am using SEP 11.0 and the virus definition isnt updating. The clients would not inherite the policies I set up from the SEPM. If I want to update a client, I have to do it manually.  Please advise on how I can resolve this issue so all the client would inherit the live update policies. Thanks in advance.

Operating Systems:

Comments 13 CommentsJump to latest comment

.Brian's picture

Have you tried running a repair on the client? if it will not take the latest policy than perhaps it may be corrupted.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Sumit G's picture

How many clients have not updated with definition?

Regards

Sumit G.

khoagk's picture

about 50+ client  have not updated with definition. when send out update command. only a certain amount clients receive the updates and the rest would still have the old definition.

.Brian's picture

Are you sure the policy has been applied to the group correctly?

You can enable sylink logging to see what is going on

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Sumit G's picture

Client definition may be corrupted. Try to clear the definition of one client.

How to clear out definitions for a Symantec Endpoint Protection 12.1 client manually

 

Article:HOWTO59193  |  Created: 2011-09-08  |  Updated: 2013-06-24  |  Article URL http://www.symantec.com/docs/HOWTO59193

 

How to determine if virus definitions of Symantec Endpoint Protection client (SEP) 11 or 12 Small Business Edition, are corrupted
Article:TECH97677  |  Created: 2009-01-23  |  Updated: 2012-07-02  |  Article URL http://www.symantec.com/docs/TECH97677
 
 
 
Edit###
Fir 11.x client follow the below article
How to clear out corrupted definitions for a Symantec Endpoint Protection client manually
Article:TECH103176  |  Created: 2007-01-31  |  Updated: 2012-03-29  |  Article URL http://www.symantec.com/docs/TECH103176

 Blog

https://www-secure.symantec.com/connect/blogs/troubleshooting-articles-repairing-corrupted-definition

Regards

Sumit G.

AjinBabu's picture

HI, 

Agree with Sumit comments.

The virus definitions may be got corrupted that may the reason for not updating and also check the disk space for updating the virus definitions.

Hope that communication between SEPM and client is perfect.

Note: Since you are using the older versions of SEP it is highly recommended to upgrade to newer versions.

Regards

Ajin

Chetan Savade's picture

Hi,

Thank you for posting in Symantec community.

I would be glad to answer your query.

Try the following steps:

1) Make sure inheritence is check marked.

2) Create a new policy and assign it to the group and compare policy serial number

3) How to clear corrupt Virus Definitions from SEPM: https://www-secure.symantec.com/connect/articles/how-clear-corrupt-virus-definitions-sepm

4) Troubleshooting Symantec Protection Center communication problems

http://www.symantec.com/docs/TECH95789

http://www.symantec.com/docs/TECH92268

 

Chetan Savade
Sr Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

SameerU's picture

Hi

Please check the following

1. Telnet the port 80 / 8014 the communication port.

2. If GUP configured check port 2967 is opened bi-directionally

3. Check the space at the clients

4. Try repairing of the clients

Regards

 

Mithun Sanghavi's picture

Hello,

What version of SEP 11.0 are you running?

Make sure you are running the Latest version of SEP 11.0.7300

Are all the client communicating to the SEP Manager?? 

Make sure these clients have good Disk space.

If these client are communicating, you could collect the sylink.log from any random client machine which is not updating the policies and upload it to us. The Sylink.log would provide us the root cause of the issue. Check the article below on how to collect the sylink.log -

How to enable Sylink debugging for the Symantec Endpoint Protection 11.x and 12.1 client in the Windows Registry

http://www.symantec.com/docs/TECH104758

Here are few Troubleshooting Articles which may assist you with SEP 11.x

1) Symantec Endpoint Protection Manager 11.x Communication Troubleshooting

http://www.symantec.com/docs/TECH102681

2) Symantec Endpoint Protection: LiveUpdate Troubleshooting Flowchart

http://www.symantec.com/docs/TECH95790

3) Symantec Endpoint Protection: Troubleshooting Client/Server Connectivity

http://www.symantec.com/docs/TECH105894

4) LiveUpdate and content troubleshooting for the Symantec Endpoint Protection Manager

http://www.symantec.com/docs/TECH105924

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SOLUTION
AjinBabu's picture

Hi, 

is client is able to communicate with SEPM ?

And what is the disk space available on the systems?

Have you tried to repair the SEP client?

Regards

Ajin

khoagk's picture

Thanks for the help guys. SEPM was able to update the definition after I delete the old policy and deploy a new policy. everything is up to date. Once again, thanks for your help. much appriciated.

SameerU's picture

Hi

Please mark as a solution which ever you think is right

Regards