Video Screencast Help

Current defintion size?

Created: 26 Sep 2012 • Updated: 07 Oct 2012 | 9 comments
This issue has been solved. See solution.

When any defintion has been download by SEPM Server, What the size of that definition?

Is it in KB/MB/GB?

Pls reply.

Comments 9 CommentsJump to latest comment

Mithun Sanghavi's picture

Hello,

What are the sizes of the various packages that are sent between the Symantec Endpoint Protection client and manager?

The following are estimates of the size of packages that are sent between the Symantec Endpoint Protection client and manager:

Heartbeat (with no updates to be exchanged) - When there is no traffic to be exchanged (i.e. no profile to download and no logs to update) then the heartbeat is between 2 KB/s and 3 KB/s.

Policies (i.e. AV/AS, Firewall, OS Protection, Host Integrity) - Typically varies between 20 KB and 80 KB, but can increase if detailed rules are included, or OS protection templates are used. Generally, after you set your policies to suit your network needs, you do not modify them on a regular basis.

IPS Signature Updates - Files range between 50 KB and 100 KB. Symantec supplies updates approximately every quarter unless a specific threat or vulnerability needs to be addressed.

AV Signatures - 50 KB to 100 KB daily for clients, if you assume that the signatures are updated successfully every day.
Logs - Logs are compressed at the client before they are uploaded to the Symantec Endpoint Protection Manager.

Approximately, 800 log entries take up 1KB of file space.

Reference: http://www.symantec.com/docs/TECH102211

https://www-secure.symantec.com/connect/forums/daily-definition-size

Secondly, The Virusdef folder for Symantec Endpoint v12.1 would be under following Locations: -

Win XP - C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Definitions\VirusDefs

Win 7 - C:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Definitions\VirusDefs

Server 2003 - C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Definitions\VirusDefs

Server 2008/R2 - C:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Definitions\VirusDefs

Secondly, In reference to the Question "approx. size for the Symantec Endpoint v12.1 Virus Defs folder", check this Article:

Drive Space used by Virus Definitions Updates

http://www.symantec.com/docs/TECH141811

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

visible_sol's picture

Is their any tool available which can able to monitoring the same. Actually I have set the defintion uploading at non peak hour. My boss required to confirm the actual size. As the above commented it not able to find easliy.

So request you pls send anyo the link or detail

 

Mithun Sanghavi's picture

Hello,

There is no tool which specifies te download of definitions on SEPM, however incase, you need to check the  GUP updates, then you check the SEP Content Distributor Monitor Tool - 

SEP Content Distribution Monitor / GUP monitoring tool. http://www.symantec.com/docs/TECH156558

and 

Incase you want to check the size of virus definition that user's computer update from SEPM ?

then check this Thread: 

http://community.spiceworks.com/topic/255289-how-to-check-the-size-of-virus-definition-daily

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

visible_sol's picture

Hi Mithun

I have read the attach link and as per your attched link defintion size is approx 80 MB

http://community.spiceworks.com/topic/255289-how-to-check-the-size-of-virus-definition-daily

So why manually patch(.jdb) size is approx 200 MB.

any idea..

Mithun Sanghavi's picture

Hello,

.JDB consists of Full Updates for the SEPM and SEP clients. This *.jdb file can be used to update the virus definitions for SEPM.

Please note that the .jdb file only contains antivirus/antispyware definitions and will not provide updated content for the firewall and other features for the Symantec Endpoint Protection (SEP) clients.

Use the .jdb certified definitions or the .jdb Rapid Release definitions to update SEPM content.

Once these updates are installed on the SEPM, it would then send down the delta's to it's SEP clients.

You could also check this Thread where Paul explains more on Delta definitions and Full Definitions: 

https://www-secure.symantec.com/connect/forums/endpoint-protection-11-definition-update-size

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SOLUTION
Ashish-Sharma's picture

you can enable the sylink log on client to know the size of definition downloaded.

Thanks In Advance

Ashish Sharma

 

 

Rafeeq's picture

There is no easy way to find out how much its downloading

coz everyday symantec would relase updates based on number of variants.

Here is the link to enable sylink

http://www.symantec.com/business/support/index?page=content&id=TECH104758