Video Screencast Help

GUP Symantec endpoint protection

Created: 01 Jul 2013 • Updated: 02 Jul 2013 | 7 comments

Hello people, i have any question about GUP, someone could you help me?
 

What are the possible functionalities in a GUP?
 
In an environment with gup in the locality, where the average traffic from one station to the manager?
 
What are the prerequisites for a machine GUP?

Thanks 

Operating Systems:

Comments 7 CommentsJump to latest comment

.Brian's picture

The GUP will provide content updates for the clients.

If all clients are getting content updates from the GUP than clients will only check in to the SEPm to upload logs, update, policy etc. Traffic will be greatly reduced to the SEPM if using a GUP for content updates

Any machine with a SEP client can be a GUP.

 

Using Group Update Providers to distribute content to clients

Article:HOWTO80959  |  Created: 2012-10-24  |  Updated: 2013-06-06  |  Article URL http://www.symantec.com/docs/HOWTO80959

 

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SebastianZ's picture

Have a look at some documentation:

Configuring the Group Update Provider (GUP) in Symantec Endpoint Protection 11.0 RU5 and later

Article:TECH96419  |  Created: 2009-01-28  |  Updated: 2012-04-23  |  Article URL http://www.symantec.com/docs/TECH96419

Best Practices and Troubleshooting for Group Update Providers

https://www-secure.symantec.com/connect/blogs/best...

 

To answer your questions:

- What are the possible functionalities in a GUP?
 
A: GUP provides SEP clients with content updates (definitions) - is recommended in low bandwith environments or environments split in several remotely located sites where direct clients connection to SEPM is either difficult or limited
 
- In an environment with gup in the locality, where the average traffic from one station to the manager?
 
A: Traffic to GUP from SEP clients occurs  in local subnet. Traffic going from GUP to SEPM (this is the way GUP receives updates to distribute them later on to clients) can be limited from Liveupdate policy assigned to GUP - depending on the needs (have a look at first of the above articles that describes how to set it up). With GUP in place the direct traffic from other clients going to SEPM is hugely limited - mostly policy updates and logs uploads, no content downloads.

- What are the prerequisites for a machine GUP?

A: GUP can be any SEP client that has a conneection to SEPM. Only pre-requirement will be some space on the drive to store the updates for distribution - the amnount of space reserved for that can be as well set in the Liveupdate Policy

AjinBabu's picture

HI, 

Group Update Provider

You use the Group Update Provider dialog box to configure the Group Update Provider settings.

The Group Update Provider gets content updates from the Symantec Endpoint Protection Manager and locally distributes the updates to groups of clients. For each LiveUpdate Settings policy, you can configure a single Group Update Provider or multiple Group Update Providers.

Note:

The Group Update Provider does not act as a proxy for operational states, events, commands, command status, or profiles between the server and the clients.

Table: Group Update Provider settings

Setting

Description

Single Group Update Provider IP address or host name

Check this option to configure a single Group Update Provider. The client computer that acts as the Group Update Provider can reside in any group.

Type the IP address or host name of the client computer.

Example IP address: 1.1.1.1

Example host name: mycompany

You can use the wild card asterisk (*) and question mark (?) characters in the host name.

Multiple Group Update Providers

Check this option to configure multiple Group Update Providers. Then clickConfigure Group Update Provider List.

Maximum time that clients try to download updates from a Group Update Provider before trying the default management server

This option lets clients bypass a Group Update Provider if they try and fail to connect to the Group Update Provider. You can specify a length of time after which clients can bypass the Group Update Provider. When clients bypass the Group Update Provider, they get content updates from the default server.

Select one of the following options:

  • Check Never if clients only get updates from the Group Update Provider and never from the server. For example, you might use this option if you do not want client traffic to run over a wide area connection to the server.

  • Check After to specify the time after which clients must bypass the Group Update Provider. Specify the time in minutes, hours, or days.

Default port

The TCP port that is used for client communications.

The default TCP port number is 2967. If the Group Update Provider receives IP addresses with DHCP, you should assign a static IP address to the computer or use the host name. If the Group Update Provider is at a remote location that uses network address translation (NAT), use the host name.

Note:

If the Group Update Provider runs a firewall, you might need to modify the Symantec firewall policy to permit the TCP port to receive server communications. This note applies to Windows firewall, legacy Symantec Client Firewall, and third-party firewalls. If the Group Update Provider runs the Symantec Endpoint Protection client firewall, the Symantec firewall policy is configured automatically.

Maximum disk cache size allowed for downloading updates (MB)

The maximum disk space to use on the Group Update Provider for storing content updates.

The unreserved disk space is kept to the limit as content updates are downloaded. Once the limit is reached, the Group Update Provider continues to serve the clients, but only for the existing content.

Delete content updates if unused (days)

Controls when the individual content updates that are downloaded to the Group Update Provider become eligible for deletion.

The content updates take up disk space on the Group Update Provider computer. You should configure this option to delete unused content updates. Content updates are considered unused if the clients have not requested the updates.

Maximum number of simultaneous downloads to clients

The maximum number of simultaneous downloads that the Group Update Provider distributes to clients.

This option concerns memory and CPU utilization on the Group Update Provider computer. The option controls how many threads are allocated to handle incoming requests. Memory utilization is associated with the threads, so more threads require more memory. Also, processing the incoming requests requires CPU cycles, so more threads require more CPU cycles.

You should tune the value to the limitations of the Group Update Provider computer. The goal is to download content updates to clients as quickly as possible, without overwhelming the Group Update Provider computer. Set the value high enough to get reasonable concurrency, but low enough to avoid overtaxing the Group Update Provider computer.

Maximum bandwidth allowed for Group Update Provider downloads from the management server

Controls the amount of bandwidth that the Group Update Provider uses to download content updates from the server.

Select one of the following options:

  • Check Unlimited to allow any amount of bandwidth.

  • Check Up to to limit the bandwidth to the amount that you specify.

Regards

Ajin

Ambesh_444's picture

Check this Article:

How to confirm if SEP Clients are receiving Live Update content from Group Update Providers (GUPs)

http://www.symantec.com/docs/TECH97190

I would also suggest you to check the Articles below which may interest you:

Troubleshooting the Group Update Provider (GUP) in Symantec Endpoint Protection (SEP)

http://www.symantec.com/docs/TECH104539

Group Update Provider(GUP): Sizing and Scaling Guidelines

http://www.symantec.com/business/support/index?page=content&id=TECH95353&locale=en_US

SEP Content Distribution Monitor / GUP monitoring tool

http://www.symantec.com/business/support/index?page=content&id=TECH156558

GUP content monitoring tool video

https://www-secure.symantec.com/connect/videos/sep-content-distribution-monitor-introduction

and 

Link to download the SEP Content Distribution Monitor Utility 

https://www-secure.symantec.com/connect/downloads/sep-content-distribution-monitor

 

 

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."

Sachin Sawant's picture

When does a client download full.zip from SEPM/GUP?
http://www.symantec.com/business/support/index?pag...

SEP Content Distribution Monitor (for GUP health-checking)
http://www.symantec.com/connect/downloads/new-sep-...

How to search for the clients that act as Group Update Providers ?
http://www.symantec.com/business/support/index?pag...

Best Practices with Symantec Endpoint Protection (SEP) Group Update Providers (GUP)
http://www.symantec.com/business/support/index?pag...

Group Update Provider: Sizing and Scaling Guidelines
http://www.symantec.com/business/support/index?pag...

Troubleshooting the Group Update Provider (GUP) in Symantec Endpoint Protection (SEP)
http://www.symantec.com/business/support/index?pag...

Configuring Group Update Providers to distribute content
http://www.symantec.com/business/support/index?pag...

Ambesh_444's picture

Hello,

Please update the status. If u have received ur answer then mark as a solution above post which help you best..

 

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."