A *.jdb file can be used to update the virus definitions for SEPM.
Please note that the .jdb file only contains antivirus/antispyware definitions and will not provide updated content for the firewall and other features for the Symantec Endpoint Protection (SEP) clients.
Use the .jdb certified definitions or the .jdb Rapid Release definitions to update SEPM content. Please note that the consistent use of the Rapid Release definitions is not encouraged by Symantec and the use of the Rapid Release definitions is intended to be used on a case by case basis to mitigate a possible virus outbreak. Under normal conditions, Symantec strongly encourages customers to use the Daily Certified definitions for routine use.
If you are unsure as to which definitions set you should use, please contact Symantec Support for guidance.
To download the .jdb certified definitions:
- In a browser, go to the "Symantec Endpoint Protection / Symantec Antivirus Corporate Edition" website at the following URL:http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=savce
- There are multiple headings/product categories presented. Be aware that there is only one .jdb in the list that will need to be downloaded. This is sufficient in updating both 32 and 64 bit definitions on the SEPM.
To download the .jdb Rapid Release definitions:
- In a browser, go to the "Rapid Release Virus Definitions" website at the following URL:http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=rr
- Download the available .jdb file and save the file to the Windows desktop.
To use the .jdb file to update definitions for SEPM:
- After downloading, you may need to rename the file extension from ".zip" to ".jdb". (Most browsers detect the file type and automatically change the extension. This must be changed back to .jdb for use in the SEPM.)
- Copy the .jdb file to "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\inbox\content\incoming" for 32 bit operating systems and to "C:\Program Files(x86)\Symantec\Symantec Endpoint Protection Manager\data\inbox\content\incoming" for 64 bit operating systems. The location listed in this line is the default installation location and is presented as an example only.
- The .jdb file will be processed, usually within one minute. As the .jdb file is processed, all files and subfolders are removed from the "Incoming" folder.
Verify that the SEPM content is updated:
- To verify that the SEPM content has been updated, look in the following folders
- For SEP 11.0 - Check the following locations:
32 bit definitions: "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\content\{C60DC234-65F9-4674-94AE-62158EFCA433}"
64 bit definitions: "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\content\{1CD85198-26C6-4bac-8C72-5D34B025DE35}"
- For SEP 12.1 - Check for the following locations:
32 bit Definitions : "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\content\{535CB6A4-441F-4e8a-AB97-804CD859100E}"
64 bit Definitions : "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\content\{07B590B3-9282-482f-BBAA-6D515D3855E2}"
- Typically, there will be three or more numbered folders present. The folder naming convention is "yymmddxxx". For example "100602034". This is the date and build (revision) number of the definition set installed. Please note that the definition set installed may have been published the previous day and a set for the current day may not yet be available.
- Looking inside the folder that matches the set downloaded and installed, there should be a folder named "Full" and a zip file named "Full.zip".
- Looking inside the "Full" folder, there should be the files typically associated with a virus definition set.
Important Notes:
- The Intelligent Updater file names for Symantec AntiVirus (SAV) clients end with "i32.exe" or "i64.exe" (32 and 64 bit respectively).
- The Intelligent Updater file names for SEP clients end with "v5i32.exe" or "v5i64.exe" (32 and 64 bit respectively).
- The Intelligent Updater file name that ends in "x86.exe" is only for specifically listed products and should only be used with those products.
- The SEPM updater file has a ".jdb" extension. There should only be one .jdb listed at any time and will update content for both 32 and 64 bit systems.
- The SAV Parent Server updater file has a ".xdb" extension and only updates 32-bit virus definitions; SAV parent servers do not serve 64 bit definitions. 64 bit systems cannot be SAV parent servers.
Additional Clarification:
The Intelligent Updater .exe files are designed to update client installs for SEP or SAV only. These files do not contain the required files needed by a SEPM or SAV Parent to additionally update any clients attached.
How to manage the number of definitions maintained by the SEPM, see the following knowledge base document:
Title: 'How to change the number of downloaded content revisions that are kept in 11.0.2000 (MR2) or later.'