Video Screencast Help

How often does a new definition file come out?

Created: 13 Dec 2012 | 6 comments

I use the Intelligent Updater (manual) definition file for SEP 12, from here http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=savce  

 

How often is a new definition file released?  Weekly, daily or several times a day?  And how often would you suggest a company downloads and deploys?

 

Thanks

 

 

Comments 6 CommentsJump to latest comment

Rafeeq's picture

Intelligent updater will be released when there is a immediate requirement for virus remediation.

I would suggest to check once in every 4 hours.

pete_4u2002's picture

certified definitions are released 3 times a weekday & 1 during weekend. you can set LIveupdate to check every 4 hours which default.  

Chetan Savade's picture

Hi,

File-based AV - Updated daily (typically three times a day Monday through Friday; one time a day on weekends).

Network-Based Protection (IPS)- Updated on Weekdays (M-F - no releases scheduled for weekend or major holidays in the United States).

Behavior-Based Protection / Proactive Threat Protection - There is no set schedule.

Reputation-Based Protection (Insight) - Continually updated as it is a cloud based detection.

Reference:http://www.symantec.com/docs/TECH178271

We will always suggest to use most latest definitions however in manual update it would be difficult to implement. I would suggest to update once in a day. if there is any alert about new threat from Symantec then need to update definitions immediately.

 

Chetan Savade
Sr Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Cameron_W's picture

You may consider updating through the Internet occasionally is possible as well since the intelligent updater will not update IPS definitions.

If I was able to help resolve your issue please mark my post as solution.

Chetan Savade's picture

Hi,

Could you please update this thread?

If issue is resolved then don't forget to mark your thread as 'SOLVED' with the answer that best helps you.

Chetan Savade
Sr Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Mick2009's picture

Hi jonnyguitar,

Is there any reason why you are using IU every day?  Updating via LiveUpdate from the Interent or from an internal LiveUpdate Administrator 2.x server (if the SEP clients on your network cannot access the Internet) is a better solution. 

Followers of this thread may wish to lend your support (vote) for these Ideas (proposed enhancement requests) to get PTP, IPS, etc definitions added to IU:

https://www-secure.symantec.com/connect/idea/network-and-proactive-threat-protection-definition-updates

https://www-secure.symantec.com/connect/ideas/tool-remote-deployment-antivirusantispyware-ips-and-ids-definitions

With thanks and best regards,

Mick