Video Screencast Help

Confusion between "Last content download date" and "Virus Definitions date" ?

Created: 09 Jul 2012 | 3 comments

As I login console in SEPM 12.1, I find the date of "Last content download" that is as same as today. However, when I click on "Clients" to view the status of the clients, the date of virus definitions is the old date (1 or 2 days before). I wonder if anything is wrong. Searching around. Finally, find that there are different date for different definitions in Symantec website. 

Q1 : The main point is that I cannot realize if the displayed date of virus definitions is up-today or not.

Q2 : In the "Clients" view / panel, we never know what is the date of current virus definitions. In 10.x version, it is easy to view the virus definition version in parent and in client so that it is also easy to realize all client get the last version of virus defintion.

Comments 3 CommentsJump to latest comment

Mithun Sanghavi's picture

Hello,

Q1 : The main point is that I cannot realize if the displayed date of virus definitions is up-today or not.

In your case, since all the clients are Managed clients, these clients take updates from the SEPM.

Check the SEPM, if the downloads are up to date by following steps 

1) SEPM >> HOME>> Windows Definitions dates shows >> "Latest from Symantec" and "Latest on manager"... these both dates have to be the same.

If they are same, then your SEPM is updated.

2) Check the SEPM Liveupdate Downloads

SEPM >> Admin >> System >> Highlight server and click on "Show Liveupdate Downloads"

3) Check this Symantec Website to verify if the updates are Latest:

http://www.symantec.com/security_response/definitions.jsp

Q2 : In the "Clients" view / panel, we never know what is the date of current virus definitions. In 10.x version, it is easy to view the virus definition version in parent and in client so that it is also easy to realize all client get the last version of virus defintion.

As an Administrator, you may check the Graphical Endpoint Protection status on the Home page, and if you see any "out-of-date" clients simply click on it and it would provide you the report with the list of clients.

Whereas, in the clients view panel, change the View to "Protection Technology" and you would see the Virus definitions dates of each component.

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Dickson's picture

Thanks for your help.

Let me show the virus definition / download time in my SEPM first. I use "PUSH" mode to deliver contents.

1) SEPM >> HOME>> Windows Definitions dates shows

Windows Definitions  
Latest from Symantec: 17/07/2012 r18
Latest on Manager: 17/07/2012 r4

   The "Windows Definition" in Endpoint Status view is the same date with different release that is ok. And no any out-of-date.  All clients are in Up-to-date with Green color.

 

2) SEPM >> client>> click on my group to show the client status

Name                                              Virus Definitions

serv 1 Online Administrator 18 July 2012 10:06 07/16/2012 r2 xxxx-07/06/2012 08:58:19 765 18 July 2012 01:40 Enabled Not Installed No  
serv 2 Online Administrator 18 July 2012 10:02 07/16/2012 r2 xxxx-07/06/2012 08:58:19 765 18 July 2012 01:19 Enabled Not Installed No  

 

3) SEPM >> Admin >> Local Site >> Highlight server and click on "Show Liveupdate Downloads"

TruScan proactive threat scan commercial application list Win32 11.0 07/17/2012 r2 18 July 2012 00:40:14 CST
TruScan proactive threat scan commercial application list Win64 11.0 07/17/2012 r2 18 July 2012 00:40:02 CST
Virus and Spyware definitions Win32 12.1 07/17/2012 r4 18 July 2012 08:45:09 CST
Virus and Spyware definitions Win64 12.1 07/17/2012 r4 18 July 2012 08:43:09 CST

 

From the point 2 and point 3, the time of "virus definition" are different but Endpoint status and client table view show that they are OK . That causes me to wonder if the virus definition is not up-to-date. The mis-matched definition make me worry about it.

Chetan Savade's picture

Hi Dickson,

As per given information we can see 1 day definitions difference between manager and clients.

SEPM 12.1 comes with pre-defined notifications.

Virus definitions out of date condition is set to " 3 computers with virus definitions older than 7 days". That's the reason you have been not notified.

If you wish you can configure notification as per business requirement.

I hope it helps.

Chetan Savade
Sr Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<