I am trying to find the best way to report on the Symantec Endpoint Definitions (SEP 11 & SEP 12) in Microsoft System Center Configuration Manager. I am also looking for the best way to remotely determine the definitions date for a SEP client by querying a remote PC directly.
I found this article, but it seems to apply to SEP 10, and the registry key specified doesn't exist on my SEP 11 nor SEP 12 clients.
I have written a VB.NET application that allows me to query a remote PC and examine the DEFINFO.DAT file (C:\Program Files\Common Files\Symantec Shared\VirusDefs\definfo.dat or C:\ProgramData\Symantec\Definitions\VirusDefs\definfo.dat), and then extract the DAT version from the CURDEFS= value. But I am hoping to find this information in WMI or the Windows Registry so that I can query it more efficiently. I am also querying the WMI Classes \root\SecurityCenter and root\SecurityCenter2 but have had no success determining the DAT signature from there.
Also, the ability to report on this information in ConfigMgr would be extremely beneficial and would supplement existing reporting from the SEP console. It would also have the added benefit of allowing me to run advertisements based on a collection of computers that have out of date virus definitions.