Endpoint Protection

Hi 

I have a customer that wants to run SEP in a closed network, there is no internet connection even for the SEPM. They have suggested they want to manually collect signature updates and manually load on to the SEPM for distriubtion to clients, there is network connectivity between SEPM and clients.

Is anyone able to advise if this manual process is possibe?

Best,

Simon

Yes you can update virus defination manually

Use Intelligent Updater to update definitions for Endpoint Protection

https://support.symantec.com/en_US/article.TECH102606.html

https://www.symantec.com/security_response/definitions/download/detail.jsp?gid=sep

yes,

the SEPM can be updated using JDB file and the client would be able to update the AV definition.

https://support.symantec.com/en_US/article.TECH102607.html

There are 2 options.

1) Settng up LUA (LiveUpdate Administrator) as mentioned in the below link. This involves a lot of data (in GB). This can be useful in a network where you have Windows as well as MAC. Also this will update all the definition (Not just AV, SONAR and IPS).

http://www.symantec.com/docs/TECH106254

2) Updating the SEPM using JDB files. Currently Symantec provides (3 seperate) JDB files to update the AV, SONAR and IPS components. This will only update machines with Windows OS. The size of the JDB files would be as follows:

AV : ~640 MB.
SONAR : ~ 4 MB
IPS : ~5 MB

SEP clients on MAC can be updated using the file at the following location (~1350 MB):

http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=nmc

If you don't setup a LUA, which will have Internet access then the only other way is to manually drop the JDB file.

Thanks for the feed back. My options are clear from having read the documents and comments/

Please mark the comments that answered your questions as solution.