How to update virus definitions inside the installation Packages ???
Updated: 21 May 2010 | 12 comments
I have created several SEP packages like silent, progress bar etc...
I want to know how to update virus definitions inside the Installation Packages so that even installation packages will have latest definitions.
Comments
Go to \Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\Contents\
Here you will see a folder which starts with {C60. Go inside that folder, find the directory with the latest modified date, and copy the full.zip file into the new package you have created. Remove vdefhub.zip from that folder and rename this full.zip as vdefhub.zip. Now you will get a package with the latest update (AV/AS).
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
This is a manual task...
Is there any automated process where installation packages will get updated automatically when there are any new definitions?
As per my knowledge, nothing up to now.
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
Your best bet would be to automate the process with a scheduled task (daily) on the server that is hosting the install package. Should be very easy to accomplish.
De facto when AV does something, it starts jumping up and down, waving its arms, and shouting "Hey! I found a virus! Look at me! I'm soooo goooood!"
This idea is in the development stage; you can also vote for it.
Ref: https://www-secure.symantec.com/connect/idea/inclu...
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
Info
Greetings,
Generating packages in this fashion is not really necessary. The new RU5 release doesn't even have definitions included in the package. As soon as you deploy and install the client it will immediately contact the Endpoint Manager and check for a virus definition update whether you did the above process or not.
You may save on some bandwidth by doing this, though if bandwidth is a concern you probably should be looking at GUP's or something similar.
Remote Product Specialist, Business Critical Services, Symantec
Quantify
Only MR5 packages pushed from the SEPM do not include any defs.
The deployed package uses the definitions that it finds on the client while it waits for the new definitions.
Clients with no antivirus on are in trouble anyway, and a few minutes extra while they wait for definitions is not going to change anything.
You would naturally want to deploy your GUP's first, give them a chance to update, and then start deploying clients.
You can however create packages that contain the latest definitions and then deploy them through different methods according to your requirements. Bear in mind, you're looking at +- 50 MB per client X x-amount of clients over a WAN and you could be saving GIG's of bandwidth
Obviously installing directly from the CD installs with the creation date definitions.
Re: Quantify
Hi Standaround. I disagree with you on waiting a few minutes for new defs to arrive.
Depending on how old the defs are on the system, you can be in a world of hurt when there are no defs present. There is plenty of malware around that will find and infect a system that has no protection.
That is also one of the reasons new PC's are not put on our network before all patches and virdefs are up to date.
JohnSn, That's not the point as far as I can relate.
When you are deploying to tens of thousands of machines, there are always a couple hundred that do not communicate with the manager for whatever reason. Having the latest defs ensures that these clients stay protected on a best effort basis before they are attended to.
Updating the package repository with a script on the server through a task, which copies over the zip file from the SEPM folder and renames it will just enhance the package with latest definitions. I personally think he has a point.
De facto when AV does something, it starts jumping up and down, waving its arms, and shouting "Hey! I found a virus! Look at me! I'm soooo goooood!"
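The scheduled-task script discussed in the replies above, as an added example that is not part of the thread or Symantec's own tooling: it follows the manual steps (newest revision under the {C60 folder, full.zip copied in as vdefhub.zip) and adds a zip sanity check, a rollback copy and a hash log. The drive letter, the package folder, the `.new`/`.bak`/log file names and the use of PowerShell 4.0 or later are assumptions.

```powershell
# Added example: refresh vdefhub.zip in an exported SEP package from the SEPM content store.
# Assumptions (not from the thread): drive C:, the package path, and the .new/.bak/log names.
param(
    [string]$ContentRoot = 'C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\Contents',
    [string]$PackageDir  = 'D:\SEP_Packages\Silent'   # hypothetical package folder
)
$ErrorActionPreference = 'Stop'
Add-Type -AssemblyName System.IO.Compression.FileSystem

# Folder whose name starts with {C60, as described in the thread.
$defRoot = Get-ChildItem -LiteralPath $ContentRoot -Directory |
    Where-Object { $_.Name -like '{C60*' } | Select-Object -First 1
if (-not $defRoot) { throw "No {C60* folder under $ContentRoot" }

# Newest revision directory that actually contains a full.zip (skips one still being written).
$source = Get-ChildItem -LiteralPath $defRoot.FullName -Directory |
    Sort-Object LastWriteTime -Descending |
    ForEach-Object { Join-Path $_.FullName 'full.zip' } |
    Where-Object { Test-Path -LiteralPath $_ } | Select-Object -First 1
if (-not $source) { throw 'No full.zip found in any revision directory' }

# Stage a copy next to the target and confirm it opens as a non-empty zip before swapping.
$target = Join-Path $PackageDir 'vdefhub.zip'
$staged = "$target.new"
Copy-Item -LiteralPath $source -Destination $staged -Force
try {
    $zip = [System.IO.Compression.ZipFile]::OpenRead($staged)
    try { $entries = $zip.Entries.Count } finally { $zip.Dispose() }
    if ($entries -eq 0) { throw 'archive has no entries' }
} catch {
    Remove-Item -LiteralPath $staged -Force
    throw "Refusing to use ${source}: $_"
}

# Keep the previous definitions as a rollback copy, then put the new file in place.
if (Test-Path -LiteralPath $target) { Copy-Item -LiteralPath $target -Destination "$target.bak" -Force }
Copy-Item -LiteralPath $staged -Destination $target -Force
Remove-Item -LiteralPath $staged -Force

# Record the hash so the package contents can be audited later.
$hash = (Get-FileHash -LiteralPath $target -Algorithm SHA256).Hash
"{0:s} vdefhub.zip <- {1} SHA256={2}" -f (Get-Date), $source, $hash |
    Add-Content -LiteralPath (Join-Path $PackageDir 'vdefhub-update.log')
```

Run it from a daily scheduled task on the server hosting the package, under an account that can read the SEPM content folder and write to the package folder.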
Re: Sandeep
Isn't that what I just stated? Installing a client, including the latest virdefs/content, is better than installing a client without virdef/content and waiting for the client to update?
Right. Multitasking here. I apologize.
De facto when AV does something, it starts jumping up and down, waving its arms, and shouting "Hey! I found a virus! Look at me! I'm soooo goooood!"
@JohnSN
Hi JohnSN
I must admit, that when I first heard about it I hyperventilated a little... and then I gave it some thought.
If your clients deffs are outdated... You're already in pain, and should probably be focusing on sorting the definitions out, rather than upgrading. Depending on the type of infection/pain, your installation exe's could well get infected. If your machine is infected, it should also be taken off the network, cleaned, and then have an AV installed/repaired.
If you're installing SEP off the network, then you're not deploying from the SEPM, therefore, you're able to create packages with the latest deffs, or use the intelligent updater. Remember, it's only when deploying from the SEPM that the package goes out without deffs, and it will use whatever deffs are there.
Feel free to message me if you would like to discuss this further...