Live update is not working on SEPM
Hi Team,
Live update is not working properly in my SEPM 12.1 server.Pls see the Live update status given below.
Current Virus version is showing as follows;
Windows Definitions
Latest from Symantec: 01/03/2013 r19
Latest on Manager: 12/09/2012 r6
January 4, 2013 1:59:00 PM IST: No updates found for SONAR Heuristics engine 12.1. [Site: PINSAV02] [Server: PINSAV02]
January 4, 2013 1:59:00 PM IST: Symantec Endpoint Protection Manager could not update SONAR scan whitelist Win32 11.0. [Site: PINSAV02] [Server: PINSAV02]
January 4, 2013 1:58:59 PM IST: Symantec Endpoint Protection Manager could not update TruScan proactive threat scan commercial application list Win64 11.0. [Site: PINSAV02] [Server: PINSAV02]
January 4, 2013 1:58:59 PM IST: No updates found for SEPM LiveUpdate Database 12.1. [Site: PINSAV02] [Server: PINSAV02]
January 4, 2013 1:58:59 PM IST: No updates found for SONAR scan commercial application engine 11.0. [Site: PINSAV02] [Server: PINSAV02]
January 4, 2013 1:58:59 PM IST: No updates found for Extended File Attributes and Signatures 12.1 RU2. [Site: PINSAV02] [Server: PINSAV02]
January 4, 2013 1:58:59 PM IST: Symantec Endpoint Protection Manager could not update Virus and Spyware definitions Win64 12.1. [Site: PINSAV02] [Server: PINSAV02]
January 4, 2013 1:58:58 PM IST: No updates found for Symantec Endpoint Protection Manager Content Catalog 12.1. [Site: PINSAV02] [Server: PINSAV02]
January 4, 2013 1:50:37 PM IST: LUALL.EXE has been launched. [Site: PINSAV02] [Server: PINSAV02]
January 4, 2013 1:50:36 PM IST: Download started. [Site: PINSAV02] [Server: PINSAV02]
Comments 4 Comments • Jump to latest comment
HI,
Can you pass log.liveupdate logs
The SEPM does not update virus definitions. Liveupdate not working on the Symantec Endpoint Protection Manager 12.1
https://www-secure.symantec.com/connect/articles/t...
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
Hi,
Please check with below....
1) Please check disk space in your SEPM server, I mean free space should be available in which drive your SEPM installed.
2) Please reboot the system.
3) Uninstall your live update server and again install the same.
4) Run luall on the server.
and then let me know if it will help u.
Thank& Regards,
Ambesh
Please mark your thread as 'SOLVED' with the answer that helps you.
Hello,
Are you using any proxy on your network??
Generally speaking, when the SEPM's LU encounters a problem, it will return some sort of error code. For it to produce "Return code = 0" seems to suggest that the SEPM thinks it ran correctly.
This is usually down to the SEPM using a proxy to access the Internet, and that proxy (e.g. ISA) is configured to cache web content. Does this apply to your environment by any chance? If so, you may want to get test by disabling caching (http://support.microsoft.com/kb/837352)
I would also suggest you to -
1) Restart the server and check if the updates are happening properly.
2) If already restarted, please Migrate the SEPM to the Latest version of SEP 12.1.2015 (RU2)
I am sure this would help you.
3) You could also try these steps in the Article below -
TECH171060 How to Uninstall and Reinstall LiveUpdate on SEPM 12.1 (Enterprise Edition or Small Business Edition)
TECH181305 Windows LiveUpdate Client for Use with Symantec Endpoint Protection Manager 12.1
Hope that helps!!
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a
I'd also like to add that to get an unmanaged SEP 12.1.2 client's LiveUpdate to work through our proxy server required a number of whitelist exceptions. You may only need the LU-related URLs but had my security guys put all the ones listed in the tech article, below, in addition to http://update.symantec.com where LU has been successfully downloading virus defs/content ever since.
http://www.symantec.com/business/support/index?page=content&id=TECH162286
Unlike SEP 11.x, it appears the 12.x client tries to get out to the Internet without passing any credentials to the proxy server so naturally it fails without these exclusions. The default in the client is to use IE's proxy settings but apparently this functionality doesn't work. A Symantec support engineer told me awhile ago that the resolution was to explicitly set the proxy credentials in the client which only makes sense if the user's password never expires and/or changes. I suppose you could use a shared account for the proxy credentials although this wouldn't fly with our security guys.
Clint
Would you like to reply?
Login or Register to post your comment.