Endpoint Protection

 View Only

  • 1.  JDB not Uploading from Incoming folder

    Posted May 05, 2015 10:15 AM

    Hello

    I operate a LAN and manually update the enterprise signatures by downloading the JDB executable, unzipping the executable to expose the JDB file and then manually dragging and dropping the JDB into the directory: c:/programs (x86)/Symantec Endpoint Protection Manager/data/inbox/content/incoming.

    I successfully perform the procedure but the JDB file just sits in this folder without be automatically ingested.

    Obviously, I'm looking for the solution.

    Questions I have:
    What service runs this ingest process?
    Could this be a permissions issue?

    Thank you!



  • 2.  RE: JDB not Uploading from Incoming folder

    Posted May 05, 2015 10:17 AM
    Is there an error file being generated?


  • 3.  RE: JDB not Uploading from Incoming folder

    Posted May 05, 2015 10:29 AM

    I'm opening the LiveUpdate Log now.

    I see two errors repeating for the same Site and Server (the only Site and Server we have besides the SQL site/instance. 1) The administrator's user name and pw is incorrect. Type a valid user name or pw. and 2) You cannot access this server from this IP address.

    The detail for the above errors read out a stack with all the errors/exceptions starting with com.sygate.scm.server...



  • 4.  RE: JDB not Uploading from Incoming folder

    Posted May 05, 2015 10:47 AM

    check this location c:/programs (x86)/Symantec Endpoint Protection Manager/data/inbox/content/incoming 

     and  any error file like  .jdb.err file is there if it is there delete that file adownload new .jdb file and drop agin that location.

     

     



  • 5.  RE: JDB not Uploading from Incoming folder

    Posted May 05, 2015 11:12 AM

    try restarting the Symantec endpoint manager service,

    Please post the sesmlu.log

    Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs\SesmLu.log



  • 6.  RE: JDB not Uploading from Incoming folder

    Posted May 05, 2015 12:38 PM

    I operate a LAN and manually update the enterprise signatures by downloading the JDB executable, unzipping the executable to expose the JDB file

    JDB files may not be unzipped. It's possible that your browser changed the file extension from "jdb" to "zip" (as it is in fact a zip file). In this case you have to restore the jdb extension, but don't unzip the file.

    Furthermore, there is no "JDB executable" that you can use to update the SEPM. .exe files can only be used to update clients.

    And (of course) after downloading the JDB file you should test its integrity against the published MD5 hash.



  • 7.  RE: JDB not Uploading from Incoming folder

    Posted May 05, 2015 01:42 PM

    Thank you for all the feedback.

    Rafeeq: Successfully restarted the manager. The file remains in the 'incoming' dir. The Machines showed offline and are slowing returning. About 55% of the machines show "Up-to-date" however their Antivirust Content is listed as "04/27/2015 r39".

    I cannot post the sesmu log. Is there something in particular that I should look for and report?

    greg12: The "jdb executible" I'm using is the "CM-197415-savupjdb.exe" -- the 4 May Symantec Endpoint Protection signature. This looks like an exetuable although I agree it is a compressed file. My understanding is that this needs to be unwrapped and the output, a .jdb file is dragged and dropped into the incoming folder. I have used the SEPM.exe (CM-197415-20150504-003-v5i64) to update client standalone machines. The .jdb should be installed on our Symantec Manager (central server) which then feeds out the signature to enterprise clients.

    Please let me know if I'm mistaken. I'm going to take the unwrapped 'jdb/exe' and install in the incoming folder.



  • 8.  RE: JDB not Uploading from Incoming folder

    Posted May 05, 2015 04:16 PM

    Everyone  - Thank you all for your help. Looks like we partitioned our drives with the service pointing to the incoming folder that sits off of the sql site.



  • 9.  RE: JDB not Uploading from Incoming folder

    Posted May 06, 2015 05:11 AM

    greg12: The "jdb executible" I'm using is the "CM-197415-savupjdb.exe" -- the 4 May Symantec Endpoint Protection signature. This looks like an exetuable although I agree it is a compressed file. My understanding is that this needs to be unwrapped and the output, a .jdb file is dragged and dropped into the incoming folder. I have used the SEPM.exe (CM-197415-20150504-003-v5i64) to update client standalone machines. The .jdb should be installed on our Symantec Manager (central server) which then feeds out the signature to enterprise clients.

    I've never seen this name pattern ("CM-19...") for jdb files. JDB files are just downloaded and moved into the Incoming folder. No unwrapping or unzipping. It's only important that the file extension is ".jdb".

    Antivirus/Antispyware jdb files are here: 

    http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=sep

    And here is the overview of all kinds of content (for AV/AS, SONAR and PTP jdb files are available):

    http://www.symantec.com/security_response/definitions.jsp

    Comprehensive article about jdb files:

    Download .jdb files to update definitions for Endpoint Protection Manager