Video Screencast Help

How to allow External Live Update Server when users are out of corporate network

Created: 11 Apr 2013 • Updated: 11 Apr 2013 | 4 comments


I have the following setup for one of my customer.

There are 7 sites which are connected to Datacenter and the SEPM is installed in here.

There is a seperate group created in SEPM for each site and a seperate Live Update Policy applied to enable all the clients to take updates from a local available GUP.

Everything works fine.

Now i am concerned with the roaming users, lets say user1 from site1 where there is a GUP policy goes out of the network and works over internet.

How will this user get Virus Defintion Updates? because as per the Live Update Policy the client check for the update from the GUP if it doesnt find the GUP does it go to Internet Directly?


Please suggest.

Operating Systems:

Comments 4 CommentsJump to latest comment

W007's picture


IF you have selected gup and bypass gup and go to sepm,

there is no way the clients go to internet.

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

mm5677's picture


Can you please check the setting which i have in the update policy and suggest? if this fulfills the requirement.



W007's picture


As per attached screen shot you have selected

Use the default Management Server

Use a liveupdate server

Group provider.

As per setting sep client not updating GUP.

You can test GUP client showing false

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SMLatCST's picture

What you have enalbed there will allow the clients to contact Symantec LiveUpdate for definitions, but not necessarily tell it to do so.

Generally speaking, teh Symantec best practice is to enable location awareness to detect if a client is internal or external to your company.

  • If internal, then assign a policy to go to the SEPM and GUPs.
  • If external, then assign a policy to go directly to Symantec LiveUpdate as per the below article:

More info on managing remote clients and Liveupdate below: