Group Update Provider on an isolated network
I have a network of about 30 computers that for security reasons is completely isolated from the Internet and the rest of my network. We would like to install SEP on all the workstations and use one of the workstations as a Group Update Provider. We would like to manually install updates to this computer and have the Group Update Provider distribute the updates to the other workstations.
My question is how do I build the name or IP address of the Group Update Provider into the install package? These workstations will never talk to the SEPM server so even if I placed them in a group that had the Group Update Provider assigned to it that information could never be communicated to the workstation. It all must be built into the install package.
I understand that there is little threat of problems on an isolated network. SEP is just a precaution.
Comments
The GUP takes the update from
The GUP takes the update from SEPM. If there is no SEPM in the network then there is no GUP.
We cannot add settings in the package for the GUP.
Also if the Client will not talk to SEPM how will it get the policy to take the update from GUP.
The best in this case would be to use a Internal Liveupdate sever or LUA
Prachand Kumar MCSE-2003 Symantec Technical Specialist (SCTS)
Group update provider cannot
Group update provider cannot distribute client updates ( install packages)
both these dieas already in -review you can vote them so that they get reviewed faster.
https://www-secure.symantec.com/connect/idea/allow-product-updates-be-distributed-group-update-provider
https://www-secure.symantec.com/connect/idea/if-gup-could-handle-product-updates-aswell
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
I don't need to install from
I don't need to install from the GUP I would install the client manually. My hope is the GUP could distribute updates if the updates were loaded manually onto the GUP.
My question is could I build an install package on the SEPM that I would manually install on the clients that would include information about the GUP (on the server list?). Then the clients would check the GUP for updates especially if they can't reach the SEPM.
Yes , that is possible. We
Yes , that is possible. We can first create the policy accordingly, then craete a package for the group for which we have the Policy configured.
Prachand Kumar MCSE-2003 Symantec Technical Specialist (SCTS)
Why not install SEPM on one
Why not install SEPM on one of the clients so you can manually update the definitions on the SEPM (and point all of your clients to the SEPM)? This would also give you more control over the policies set for the clients.
Would you need an additional
Would you need an additional license to install another instance of SEPM?
No, you don't need addtional
No, you don't need addtional license to install a new SEPM
Prachand Kumar MCSE-2003 Symantec Technical Specialist (SCTS)
I believe their licensing is
I believe their licensing is per seat (client) and not per server.
Thanks great help
Thanks great help
Would you like to reply?
Login or Register to post your comment.