Endpoint Protection

 View Only

  • 1.  How Often Does SEP 12.1 Definitions Update?

    Posted Mar 22, 2013 04:13 PM

    We've noticed that the virus, IPS, and Download Protection definitions are updating each day.  However, our SONAR detections appear to be stuck on 3/1/2013 r11. 

    My question is does SONAR update with the other definition packages, or is 3/1/2013 r11 the most current SONAR defnition?

    Thanks,

    Nathan



  • 2.  RE: How Often Does SEP 12.1 Definitions Update?

    Posted Mar 22, 2013 04:21 PM

    AV will be updated every day and revisions ,Once in every 4 hours symantec

    you can check the latest defs here

    http://www.symantec.com/security_response/definitions.jsp

    latest i see here is 

     

    Behavior-Based Protection

     
     
    Definitions Released: 3/5/2013
    Extended Version: 3/1/2013 rev. 11

     



  • 3.  RE: How Often Does SEP 12.1 Definitions Update?

    Posted Mar 22, 2013 04:27 PM
    OK, thanks Rafeeq. Interesting that SONAR doesn't update more frequently. We submitted a SONAR false-positive exception request on 3/2/2013, and I'm wondering how long we'll have to wait until that exception takes place. With our existing SONAR definitions are the most current (3/1/2013 r11). We'll continue to monitor for a SONAR update. Thanks again.


  • 4.  RE: How Often Does SEP 12.1 Definitions Update?

    Posted Mar 22, 2013 04:32 PM

    Yes, that is the correct date for SONAR. It is not updated regularly like the others. More like every couple of weeks. The piece that updates is their internal whitelist.



  • 5.  RE: How Often Does SEP 12.1 Definitions Update?

    Posted Mar 22, 2013 04:33 PM

    Wait till you get a confirmation email from Symantec about your false positives.

    They would mention the Release date of the defs where its fixed in the email. once you get that, You can update the defs.

    Have  a good weekend..

     



  • 6.  RE: How Often Does SEP 12.1 Definitions Update?

    Trusted Advisor
    Posted Mar 22, 2013 05:27 PM

    Hello,

    File-based AV - Updated daily (with SEP's Multiple Daily Definitions, certified content is typically released three times a day Monday through Friday; one time per day on weekends).

    Network-Based Protection (IPS)- SEP Security Updates (SU) are generally updated on Weekdays (M-F - no releases scheduled for weekend or major holidays in the United States).

    Behavior-Based Protection / Proactive Threat Protection - There is no set schedule.  The article linked below contains additional information.

    Reputation-Based Protection (Insight) - Continually updated as it is a cloud based detection.

    For additional details please visit: http://www.symantec.com/security_response/definitions.jsp

    Reference: 

    How often are Endpoint Protection definitions for IPS, SONAR, and Download Protection released?

    http://www.symantec.com/docs/TECH178271

    Secondly, check this Thread : https://www-secure.symantec.com/connect/forums/live-update-23

    Hope that helps!!



  • 7.  RE: How Often Does SEP 12.1 Definitions Update?

    Broadcom Employee
    Posted Mar 23, 2013 07:12 AM

    Hi,

    One more helpful article

    Centralized Reputation Settings 12.1" appears not to update in Symantec Endpoint Protection Manager

    http://www.symantec.com/docs/TECH199619