Video Screencast Help

how to configure SAV For Linux v14 to report into the Windows SEPM for AV Definition date ?

Created: 11 Dec 2013 • Updated: 11 Dec 2013 | 6 comments
This issue has been solved. See solution.

Hi All,

I'm not sure if this is possible ?

How to configure SAV For Linux v14 (installed on Red hat Linux 5.4 and 6.0) to reports to the Windows SEPM 12.1.2 server for AV Definition date ?

At the moment the SAVFL is updated by using LUA v 2.3.2 installed on the same windows server.

Operating Systems:

Comments 6 CommentsJump to latest comment

.Brian's picture

This cannot be done. Per this article from Mick2009:

There are three ways:

  1. Internet LiveUpdate servers (The default.  Recommended if you have only a few SAVFL clients)
  2. Internal LiveUpdate Administrator 2.x server (Recommended if you have many SAVFL clients.)
  3. Intelligent Updater (Useful in certain circumstances, such as completely isolated computers.)

https://www-secure.symantec.com/connect/articles/s...

Only logs from SAVFL can be sent to the SEPM using SAVFL Reporter

https://www-secure.symantec.com/connect/articles/s...

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SOLUTION
John Santana's picture

Ah ok, so it is not yet available ?

I wonder how to make sure that we can monitor the status to see which client is not updating ?

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

.Brian's picture

SAVFL clients cannot be managed by the SEPM, they can only forward logs. If you look at the SAVFL Report link I posted from Mick2009, it does show definition dates so you may want to look into setting up the SAVFL Reporter. Mick's article shows you how to do so.

A snippet from Mick's article reads:

"Using various filters, it is possible to generate a list of all the Linux machines that are configured to report in to this SEPM, view their definitions date (as illustrated, above), see when they have been scanned, what threats were found, and so on. 

It's also possible to configure notifications which can be triggered by the incoming SAVFL Reporter data.  So if there's an outbreak on your Linux file server, the admin's smartphone can get a "Alert!!" email from the SEPM, enabling her to grab her cape, spring into action and save the day."

I think this will get you what you need.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

John Santana's picture

Thanks Brian, I'll try to follow that instructions.

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

Chetan Savade's picture

Hi John,

Thank you for posting in Symantec community.

I think it's due for next release but can't assure at this point.

But yes, it's on the roadmap.

It's on the roadmap if we checked following two ideas:

https://www-secure.symantec.com/connect/idea/linux-unmanaged-client

https://www-secure.symantec.com/connect/ideas/managed-sep-client-linux

Currently linux client servers as a unmanaged clients only.

The SAVFL client cannot be managed by the SEPM, although it can report logs back to the SEPM by using SAV Reporter, which was released after SAVFL 1.0.10, but can be downloaded from the following KB article.

Few helpful KB's:

Symantec AntiVirus for Linux (SAVFL) Reporter 1.0.10 Release Notes 

http://www.symantec.com/docs/DOC3474

Chetan Savade
Sr Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

John Santana's picture

Cool, thanks for the clarification Chetan !

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.