Endpoint Protection

 View Only

  • 1.  How to ensure immediate update of virus definitions on a particular client via SEPM?

    Posted Oct 13, 2014 06:34 AM

     

    How to ensure immediate update of virus definitions on a particular client via SEPM?

     

    There’s an important client machine with old definitions, as the machine was not connected to network. I am trying to update it via SEPM ‘update content’ command however, virus definition updates are not happening.

     

    How long does it usually take to update a client not updated sine last 5-6 weeks?

    And how to ensure swift update to particular clients?

     

     

     

     



  • 2.  RE: How to ensure immediate update of virus definitions on a particular client via SEPM?

    Posted Oct 13, 2014 06:51 AM

    The only way to ensure a machine nab defs as soon as they come out is to stick it in a group that either:

    • Has a LU policy that has LiveUpdate enabled, with a continuous schedule, or
    • in a group with the Communications Setting set to PUSH mode with "Download Randomisation" disabled and a LU policy that tells it to update from the Default Management Server

    In a "normal" setup (as I'm assuming your is), you'll typically need to wait for the client to next heartbeat (which Symantec best practices recommend at 1 hour intervals) into the SEPM, then allow for the randomisation window, before the client begins to download the 400MB file it'll need to update its defs (meaning you've got to consider the network load as well).

    Note that any commands you send to a client (inlcuding the "update content" one), rely on the client heartbeating into the SEPM to pick it up first.  Therefore, the "update content" command is rarely immediate.



  • 3.  RE: How to ensure immediate update of virus definitions on a particular client via SEPM?

    Posted Oct 13, 2014 07:23 AM

    The client will receive the command once it checks in. What is yoiur heartbeat set to?



  • 4.  RE: How to ensure immediate update of virus definitions on a particular client via SEPM?

    Posted Oct 13, 2014 07:32 AM

    heartbeat is 5 mins..

    what is download randomization's role here?

     



  • 5.  RE: How to ensure immediate update of virus definitions on a particular client via SEPM?

    Posted Oct 13, 2014 07:35 AM

    Then client will check in every 5 minutes, which should good for what you need.

    Go thru this:

    About randomization of simultaneous content downloads

    SMLatCST prtetty much hit it on the head for what you should do.



  • 6.  RE: How to ensure immediate update of virus definitions on a particular client via SEPM?

    Broadcom Employee
    Posted Oct 13, 2014 10:16 AM

    Hi,

    Thank you for posting in Symantec community.

    If it's the only affected client I would suggest to run intelligent updater.

    The Intelligent Updater .exe files are designed to update clients only. Intelligent Updater files do not contain the information that a Symantec Endpoint Protection Manager needs to update its managed clients.

    Using Intelligent Updater files to update content on Windows computers

    http://www.symantec.com/docs/HOWTO80903 



  • 7.  RE: How to ensure immediate update of virus definitions on a particular client via SEPM?

    Broadcom Employee
    Posted Oct 14, 2014 09:46 AM

    Hi,

    Is there any update?



  • 8.  RE: How to ensure immediate update of virus definitions on a particular client via SEPM?

    Posted Oct 15, 2014 06:49 AM

    Not yet.. as busy with tasks apart from Symantec.. Thanks