Endpoint Protection

I have over 100 PCs with SEP client installed.  For the most part, probably 80% of the PCs, they update from the main (only) SEPM server.  I can't seem to get the other 20% to update automatically like the rest do.  I push the client out to the PCs from SEPM and it installs, but the client never goes out to retrieve its updated definitions.

Any help would be tremendously appreciated!

Frank

Hi can you try to view System Logs from the client PC under Client Management Logs?

Yes, I can view the Syslog.log file on the client.  This is what I see in the file repeatedly:

--- server address : depot Smc
0000007c 01c9c7b12a39f7cb 12070301 00000000 00000000 00000000 Connected to Symantec Endpoint Protection Manager depot Smc
00000099 01c9c7b12a3c5a25 12070304 00000000 00000000 00000000 Disconnected from Symantec Endpoint Protection Manager.
--- server address : depot Smc
0000007c 01c9c7b12ab5f213 12070301 00000000 00000000 00000000 Connected to Symantec Endpoint Protection Manager depot Smc
00000099 01c9c7b12ab5f213 12070304 00000000 00000000 00000000 Disconnected from Symantec Endpoint Protection Manager.
--- server address : depot Smc
0000007c 01c9c7b5f6e21007 12070301 00000000 00000000 00000000 Connected to Symantec Endpoint Protection Manager depot Smc
00000099 01c9c7b5f6e21007 12070304 00000000 00000000 00000000 Disconnected from Symantec Endpoint Protection Manager.
--- server address : depot Smc
0000007c 01c9c7b5f75ba7f5 12070301 00000000 00000000 00000000 Connected to Symantec Endpoint Protection Manager depot Smc
00000099 01c9c7b5f75ba7f5 12070304 00000000 00000000 00000000 Disconnected from Symantec Endpoint Protection Manager.
--- server address : depot Smc
0000007c 01c9c7bac37977cd 12070301 00000000 00000000 00000000 Connected to Symantec Endpoint Protection Manager depot Smc
00000099 01c9c7bac37977cd 12070304 00000000 00000000 00000000 Disconnected from Symantec Endpoint Protection Manager.
--- server address : depot Smc
0000007c 01c9c7bac3f30fbb 12070301 00000000 00000000 00000000 Connected to Symantec Endpoint Protection Manager depot Smc
00000099 01c9c7bac3f30fbb 12070304 00000000 00000000 00000000 Disconnected from Symantec Endpoint Protection Manager.
--- server address : depot Smc
0000007c 01c9c7bf8e5a2ee3 12070301 00000000 00000000 00000000 Connected to Symantec Endpoint Protection Manager depot Smc
00000099 01c9c7bf8e5a2ee3 12070304 00000000 00000000 00000000 Disconnected from Symantec Endpoint Protection Manager.
--- server address : depot Smc
0000007c 01c9c7bf8ed3c6d1 12070301 00000000 00000000 00000000 Connected to Symantec Endpoint Protection Manager depot Smc
00000099 01c9c7bf8ed3c6d1 12070304 00000000 00000000 00000000 Disconnected from Symantec Endpoint Protection Manager.

Hi,

Please check if those machines are connected to sepm. If you have installed SEPM with version MR3 or Higher, then

Please go to the Clients tab, highlight the group with all the clients

In the "View" drop down menu, choose, Protection Technology as the view type
The last column you see is the virus definitions
You can click on the column name and sort the clients according to theit definitions date

To check which clients dont have the latest policy,

In the "View" drop down menu, choose, Client Status as the view type
The last column you see is the Policy Serial Number
You can click on the column name and sort the clients according to theit definitions date

The last three digits must be the same on all the clients. You want to know the latest serial number, you can highlight the group and click on details. Check the last three digits in front of Policy Serial Number.

Hope this helps.

Regards,
Aniket Amdekar

What is liveupdate settings, ?

From the System Logs that you posted, I can't see the time when the sep client connected and disconnected. In my case usually, when a sep client connected, it will disconnect to sepm after 1 - 1.5 hours. In between are definitions are loaded.