Endpoint Protection

I have had SEP12.1 running for a few weeks no just fine then suddenly over the last couple of days all my clients have stopped receiving thier IPS and download protection updates?

I haven't changed any of the live update settings..

Do any of you have any sugestions as to how i can, (1) go about finding out what might be causing this issue. (2) how i can go about fixing it.

thanks in advance.

Can you  attach the screenshot of one of your  clients interface...? Not sure which protection updates are outdated....the  proactive  threat  protection does not get  updated everyday....as of now, the  latest for it is 23rd July 2011...same  applies to network threat  protection as well....even thoguh the latest  for  them, are 11th aug 2011 as of now, but they also don't get updated daily...

@vkalani

There seem to be a contradiction between the two... the client says its all A-OK, but the SEPM says otherwise... I have attached the screenshot for your reference.

IS there a log file i can check out which might give me some more info? i have been able to establsh that the SEPM can still communicate with the clients as other data can be sent down network without trouble.

All clients are WIN7 and WIN2k8 R2

Hi,  what build of SEP12.1 are you running?

Its worth checking 2 things to start of with:

1. Check on your Home Screen, do the SEPM defs match the latest Symantec Defs?

If not, it's possible that your SEPM has a corrupt update. I usually download the .jdb and manually update the SEPM. It then works 100%. Check the below link:

http://www.symantec.com/business/support/index?page=content&id=TECH102607

2. In the SEPM under the ADMiN tab, force an update and see if it shows any errors.

A screenshot would help though...

Cheers

Hi,

First check, wether SEPM is having latest IPS signature database or not.

If server is having latest IPS definition then check after reinstalling Liveupdate component in 1 or 2 machines also delete old definitions from computer before reinstalling LU component (As this may be due to corrupted definition).

Regds,

Mohit

@Mohit from my understanding i have no live update compenent to re-install as my policy tells clients to get defs from the management server. Unless i have misunderstood the way this piece of tech works.

@hans-05

I have attached a screenshot. The SEPM has the latest but the clients are on a older one... I tried your suggest workaround however when i place the .jdb file in the directory, it eventually turns into a .jdb.err file... which is raising alarm bells in my mind?

I have also sent a group content update command, which while the SEPM says they have received it under the monitors tab.. the home tab is saying the opposite still?

Brill, date format sorted it.

Thanks.