"Thumbs Up" to James above. The GUP cache moved around a bit in v12.1.
As far as your remote clients go, I'm afraid it's not quite that simple. The process of updating is all initiated by the SEP Client, rather than the GUP itself. What this means with your GUP -> SEPM traffic restrictions, is that:
- SEPM will update during the day as normal
- SEP Client will check in and be told to download a def
- SEP Client will ask GUP for it
- GUP Cannot download it, and will retry
- Out of hours, the GUP finally suceeds in downloading the earlier requested content
- Out of hours, the SEP Client that originally requested the content downloads from the GUP
The only real issue here is if the SEP Client (that originally requested the defs) will even be online out of hours. If not, then when it's switched on the next day, it will request a different set of defs as the SEPM will have updated again by then. This will also fail to get down to the client if it's off out of hours, and so on and so on.
Not to mention that such a traffic restriction also prevent the GUP itself from updating during office hours.
Have you ever considered using the bandwidth throttling options to allow the GUP to download and cache content during the day, but ensure it doesn't severely impact the line?
Another option would be to use the LUA to push to a Distribution Centre (DC) on that remote site out of hours, and point the clients in the remote site to the DC for updates. This should ensure they avoid the above described loop of never updating.