Good Day,

I have never used Location Awareness before, but I went through an article from Symantec with the steps on  How to configure mobile computers to automatically download virus definitions when disconnected from the Symantec Endpoint Protection Management console.

This is exaclty what I want to do for Laptops,problem is where or how do I point these machines to update from LiveUpdate automatically. I've selected the criteria but how do the machines know what to do.

1. When these machines are connected to the network, I want them to dowload updates from GUP and bypass GUP after 3 days and point to SEPM. This is already configured and Im happy with it.

2 .When they are disconnected from the network I want them to download updates from LiveUpdate which is the internet.

How do I point them to LiveUpdate using Location Awareness or this is not possible?

Thank you

you need to create LU policy and apply for the location when out of network.

The LU policy will get the updates from Symantec LU.

How to configure mobile computers to automatically download virus definitions when disconnected from the SEPM

http://www.symantec.com/business/support/index?page=content&id=TECH104571&locale=en_US

Possible. You just need to create location specific policy as per the document you mentioned above

once that done

create a new Liveupdate policy, uncheck Management server and use symantec liveupdate server, put a schedule and assign this policy to your new location what you created. 

Your old LU policy will be the way it was, new will go out to internet for defs.

How to configure mobile computers to automatically download virus definitions when disconnected from the Symantec Endpoint Protection Management console

http://www.symantec.com/business/support/index?page=content&id=TECH104571

How to assign your custom LiveUpdate policy to this location:

1. In the "Location-specific Policies" section for your new location, click the Tasks link for the "LiveUpdate Settings Policy", and then click Replace Policy.
2. Select the desired new policy from the drop down menu.
3. Click OK to complete the process. Your new policy appears under "Location-specific Policies."

Hi,

Yes it is very much possible. Two things you have to do.

1.       Create two location aka ,  Office and roaming, along with the switching condition to switch .

2.       Create a live update policy to update from Symantec live update server , apply this policy on clients where ever the location is created.

Test it and rolled it out

Regards

Ajin

Thank you guys for all your prompt responses.

Following your instructions I was able to assgn the Live Update Policy to the new location. Now my second questions is.

How often will the SEP client check if the condition has been met?

How will it know if the condition has been met?

• For example with GUP you specify how many times the sep client should contact a GUP before it can bypass it.

Now with Location Awareness where do you configure this or How does it work.

Hope I am making sense?

Thank you 

Hi,

Thank you for posting in Symantec community & your question is a valid question.

Q. How often will the SEP client check if the condition has been met?

--> It should not take more than 10 seconds to switch the locations when the condition is met.

I am not able to find where it's written how much does it take to switch the location however following articles are very helpful to understand how it works.

Location Awareness Logic

http://www.symantec.com/business/support/index?page=content&id=TECH97097

Best Practices for Symantec Endpoint Protection Location Awareness

http://www.symantec.com/business/support/index?page=content&id=TECH98211

Q. Now with Location Awareness where do you configure this or How does it work.

--> When you configure Location Awareness then you do configure conditions as well, as soon as condition is met it will switch the location.

Above attached articles can help you to clear this doubt.

Client will communciate with SEPM using heart beat intervals. Push mode or pull mode. Since you have created a location policy stating " cannot connect to manager" , if your heartbeat interval is 10mins, it will try to contact SEPM every 10mins, if it does not connect. it will switch the location. It will continue to be in this location until its able to connect to sepm again.

Location awareness logic document explains it all

Hello,

In your case, you may like to check these Articles:

Configuring mobile computers to automatically download definitions when disconnected from the Symantec Endpoint Protection 12.1 Management console

http://www.symantec.com/docs/TECH177361

Location Awareness Logic

http://www.symantec.com/business/support/index?page=content&id=TECH97097

Best Practices for Symantec Endpoint Protection Location Awareness

http://www.symantec.com/business/support/index?page=content&id=TECH98211

More about Location Awareness in Symantec Endpoint Protection (SEP)

http://www.symantec.com/docs/TECH97369

Location Awareness using Multiple Management Server Lists

https://www-secure.symantec.com/connect/articles/location-awareness-using-multiple-management-server-lists

How To Optimize Endpoint Protection for Branch Offices using GUPs, Load Balancing, and Location Awareness

http://www.symantec.com/docs/TECH94122

Hope that helps!!