Video Screencast Help

Getting a list of all machines attempting to download from SEPM

Created: 31 Jan 2014 • Updated: 31 Jan 2014 | 6 comments

Hello,

A while back, during a network latency outage,  we blocked any machine trying to download from sepm using the block all in httpd.conf .  Since then we have reorganized our SEPM into folders with its own GUPs and slowly added the GUP IP addresses in the apache httpd.conf via allow from IP addresses such as Allow from 10.1.10.x etc. each line for each gup, then the last line said block all.  We are at a point now where we want to remove this restriction completely in the apache config and go back to way things were. 

However, before this can happen, I would like to be certain that only machines marked as GUP are downloading from SEPM and nothing else.  Hence, Is there a way to pull a report of all machines attempting to download from SEPM?  I would like to export this in excel and confirm that these machines are valid and marked as GUPs

 

Thanks.

 

 

 

Operating Systems:

Comments 6 CommentsJump to latest comment

.Brian's picture

You should be able to do this using the advanced filtering options. See this article:

https://www-secure.symantec.com/connect/articles/s...

You should be able to use the keyword "SYLINK" to filter

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Adamster's picture

i am curious though, is there a way to say in the httpd.conf to only allow traffic if the machine is marked as a gup?

.Brian's picture

Not really sure as I don't edit it

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Adamster's picture

ok if I pull a report by Sylink, will it only show my GUP traffic or any machine that is trying to download from SEPM?

.Brian's picture

Any machine but you can filter for only your GUPs

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Tony K.'s picture

Here's the problem with that idea - The SEPM is not only responsible for clients' content...but their policies as well

 

If you restrict all machines from access of the SEPM except for GUPs - well the client machines will never know that new content is/will be available, they will never be able to receive their policy updates, nor will they be able to upload their logs. Simply tweaking and playing with the Apache config files are not the right option here.

 

If your SEPM and SEP clients are running version 12.1 RU2 or newer - then the answer is explicit group update providers is what you are looking for. Make sure that all of your clients are told under the GUP provider settings that if content fails to download from the GUP to the clients, that they will never go to the SEPM (you can use an alternative [such as a LiveUpdate Adminstrator -where you can limit the bandwidth and it can build micro-defs; or Symantec LU servers [if your external bandwidth is non-issue]. 

 

With the changes in 12.1 RU2 and overall improvements since then, all of your GUPs can be placed onto a single LU policy or over 2-3 policies and use location tagging to accomplish which LU policy to use (SEPM local, Remote Site, Off-site/Outside Network options are the three I use often)

 

How many clients are we working with, how many sites, approx how many clients at these sites, how many GUPs at each location, what other requirements are you holding, what are the communication settings for clients to the server? There might be a much more efficient way of doing all of this here