
LiveUpdate Policies from xdb file

Updated: 21 May 2010 | 6 comments
sec091

I have a new project of upgrading a group of workstations from SAV 10 to SEP 11.  The AV licenses on these computers recently expired and now need our new SEP 11 software.  The only difference between these computers and the others on our network is the way in which they are going to get their LiveUpdate Content.  The other computers on my network go to the default Symantec LiveUpdate server and the management server on a daily basis.  These workstations can only be updated if I get both the go ahead from another company after they have tested the newer policies and I receive the .xdb from them.  I then would go ahead and push out this new policy to the group of workstations.  

The company that does all this testing suggested that I go ahead and install another SEPM on their server that controls all these workstations (this is the way we had done it with SAV 10, before I started work here and moved to SEP 11).  But I feel that there is just a simple way of adding another group and creating a non-shared LiveUpdate policy and telling these computers not to go to the default Symantec LiveUpdate server and only do LiveUpdate when I tell it to and point to the .xdb.  I have managed to make a group where the computers do not do LiveUpdates on their own, but I don't see a way to point to a .xdb and send out the content. 

Do I have to install LiveUpdate Administrator to do this?  Or is there a more simple way to do what I am trying to do?

Thanks,

Storm

Comments

Swaminathan | 28 Oct 2009

Hi,

.xdb was used by SAV. SEP does not use it; it uses .jdb.

Note: the .jdb file will only update the Antivirus and Antispyware definitions and not the PTP and NTP (IPS) definitions.

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2009072204590148

shp | 28 Oct 2009

You can have one SEP.

Create two groups

Group1 (default Symantec LiveUpdate server)
You can have subgroups based on office or sections and assign a GUP (which is equivalent to secondary servers in SAV) for updating clients.
REF:
http://service1.symantec.com/SUPPORT/ent-security....

OR

Configure a non-shared LiveUpdate policy to point to the Symantec LiveUpdate site and schedule it whenever you want.

Group2 (internal LiveUpdate server)

You can use LUA and create a distribution center on the remote site. You can distribute the LiveUpdate content whenever you want.

Create a LiveUpdate policy to point all the clients to that distribution center. Whenever LUA distributes updates to the distribution center, the clients will get updates... you will have control over the updation.
REF:
https://www-secure.symantec.com/connect/articles/i...
https://www-secure.symantec.com/connect/articles/c...

You can have GUP also.....

Regards,
Srinivas H.P.
HCL Infosystems Ltd

sandip_sali | 28 Oct 2009

LUA

The option of a LiveUpdate Administrator is good as it will ensure centralized distribution of the virus definitions.
Check this link: http://service1.symantec.com/SUPPORT/ent-security....

Thanks & Regards Sandip C Sali

sec091 | 29 Oct 2009

Installed and configured LUA

I have installed and configured the LUA to work with my SEPM.  I have a new group in SEPM that only uses the LUA Distribution Center for its LiveUpdates.  But I am still confused on setting up my LUA Distribution. 

What I need is a Distribution target that points to one set of definitions that I receive from a company that controls and manages one set of workstations. This definition package has been tested by them and needs no testing from me or my LUA. Both the LUA and the LiveUpdate on my SEPM side for this one group CANNOT pull updates from Symantec. The updates will only come from the file they send me. I can't see the folder I am supposed to place this .zip file in and what to rename instead of .zip to allow the Distribution to notice this package as a definitions package.

Here is an image of the files that were contained inside the zip file that I was sent.  This is the set of policies that they say they support for SEP 11.  Are these files compatible with SEP 11 or are they really still for SAV 10? 

[Attached image: Capture.JPG]

sec091 | 29 Oct 2009

Found a couple good articles

I found a good article called "How to update definitions for Symantec Endpoint Protection Manager using a JDB file".  This explains how to download and place a JDB file in the \Symantec Endpoint Protection Manager\date\inbox\content\incoming  directory.  Once this is done, it seems that SEPM automatically applies this policy to all groups that are created in this SEPM. 

I also found the article called "How to manually update definitions for a managed Symantec Endpoint Protection Client using the .jdb file". This article shows how to do this on the client machine. Is there a way to do this remotely on one group? Or is the aforementioned technique going to only perform policy updates on the groups in which I have enabled the 3rd party content management?

Thanks for the help.

-Storm

shp | 29 Oct 2009

If they are using a tested .jdb file then you can update as mentioned in the above article...

SEP even has an option to lock the LiveUpdate content to one particular revision.
It's available under Policies --> LiveUpdate --> LiveUpdate Content policy.

Regards,
Srinivas H.P.
HCL Infosystems Ltd