Endpoint Protection

 View Only

  • 1.  Disable Live Update or Schedule

    Posted Mar 19, 2013 02:57 AM

    I have some machines for a lab that have deepfreeze on them.  I looked at the document that shows how to force a deepfreeze symantec update during a maintence window but the policy still applies updates at different times.  Is there any way to either disable live updates from the policy and use a scheduled command to update the policy, or configure a policy to only update during the maintence window?


     

    Does the "Use the default Symantec LiveUpdate Server" setting set the clients to update from Symantec on the web and thus causeing extra traffic?  In Update scheduling it looks like a Default Management server can not be used for scheduling updates.



  • 2.  RE: Disable Live Update or Schedule

    Posted Mar 19, 2013 03:21 AM

    "Use the default Symantec LiveUpdate Server" - it is indeed setting for clients connection to Symantec web servers.

    There is no way to disable the Liveupdate policy. IF you have the Use a liveupdate option selected (as on the screenshot) - you can set a specific scheduled for these downloads to happen...this is exactly the update scheduling you mentioned but it applies only to teh downloads from symantec servers. Updates from management server cannot be scheduled and are happening either according to heartbeat (pull mode) or whenever available (push mode).



  • 3.  RE: Disable Live Update or Schedule
    Best Answer

    Posted Mar 19, 2013 05:05 AM

    Here's a brief review of the options you have selected there:

    Use the default management server:
    This tells the client to grab definitions from the SEPM itself, and is governed by the heartbeat interval.  You cannot schedule this, it just checks for new defs from the SEPM every time it checks in.  The randomisation options normally configured around heartbeats make this doubly hard to predict.

    Use a LiveUpdate Server:
    Pointing this at "Use the default Symantec LiveUpdate server" does mean it will grab definitions over the internet and will generate more traffic than updating via the SEPM.  But, what the LiveUpdate server option gives you, is the ability to set a schedule for this update attempt, allowing you to set it well out-of-hours and potentially avoid the increased traffic from interferring with production performance.

    The "Use a LiveUpdate Server" option also allows you to use the LUA, an internal repository of definitions if you so wanted.



  • 4.  RE: Disable Live Update or Schedule

    Posted Mar 19, 2013 05:10 AM

    oh yeah, here're a few articles on Heartbeats, Randomisation Windows and the LUA:

    http://www.symantec.com/docs/TECH191617
    http://www.symantec.com/docs/HOWTO80889
     

    http://www.symantec.com/docs/TECH93409