Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Location and GUP Queries

Created: 28 Feb 2013 | 9 comments
EssKay's picture

We are deploying with the following locations:

  • Disconnected - Update from Symantec
  • Connected in a known Subnet - Update from an Explicit GUP's
  • Connected in an unknown Subnet - Update from a Single GUP

Is it possible to check which Location and GUP an endpoint is using from querying the SEP database and/or the console?

Operating Systems:

Comments 9 CommentsJump to latest comment

Ambesh_444's picture

Hi,

 

Check this Article:

How to confirm if SEP Clients are receiving LiveUpdate content from Group Update Providers (GUPs)

http://www.symantec.com/docs/TECH97190

I would also suggest you to check the Articles below which may interest you:

Troubleshooting the Group Update Provider (GUP) in Symantec Endpoint Protection (SEP)

http://www.symantec.com/docs/TECH104539

Group Update Provider(GUP): Sizing and Scaling Guidelines

http://www.symantec.com/business/support/index?page=content&id=TECH95353&locale=en_US

SEP Content Distribution Monitor / GUP monitoring tool

http://www.symantec.com/business/support/index?page=content&id=TECH156558

GUP content monitoring tool video

https://www-secure.symantec.com/connect/videos/sep-content-distribution-monitor-introduction

and 

Link to download the SEP Content Distribution Monitor Utility 

https://www-secure.symantec.com/connect/downloads/sep-content-distribution-monitor

 

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."

Rafeeq's picture

 You can find events regarding updates from the GUP by going to Monitors > Logs > Log type: System > Log content: Client activity > View log

 

 

How to determine what content SEP 12.1 clients are downloading from a GUP?

https://www-secure.symantec.com/connect/articles/how-can-we-check-which-content-sep-121-clients-are-downloading-gup
pete_4u2002's picture

on the client check the location, the policy related to the location will be applied

SebastianZ's picture

Is it possible to check which Location and GUP an endpoint is using from querying the SEP database and/or the console?

You can check the policy number directly in SEP client GUI by going to Help - Troubleshooting - General -> here you will find the policy serial number

For the GUP check the System logs on the SEP client - there you will find entries specifying that the client has downloaded content from a GUP.

diabolicus23's picture

known subnet ---> related gup

unknown subnet ---> single gup

 

You make it from the same single liveupdate policy.

I don't think the best way is to use location.

EssKay's picture

What I need is to be able to look at this information in a centralised interface to ensure that the SEP agent is using the right GUP. Thus any suggestions about looking at each individual SEP agent is not answering the question.

Regards,

Dean

diabolicus23's picture

Monitor - Logs - Event Source :"SYLINK" could provide you every information about clients update you need.

Rafeeq's picture

You can check under the logs in SEPM

 

How to determine what content SEP 12.1 clients are downloading from a GUP?

 

http://www.symantec.com/business/support/index?pag...

 

EssKay's picture

Thanks all,

Whilst I can look for the GUP information from the SEPM, however it is nowhere near being as neat as I would have expected. Also the data interpretation does not appear to be easily automated.

Further, I see nothing about confirming that the location the agent thinks it is in being visible within the console.

Unfortunately this seems to confirm my suspicion that there is no way of going somewhere within the interface and finding this information.

Further, this means that it is unlikely that I can construct a monitoring/reporting format that identifies when an endpoint has calculated the wrong:

  • Location and thus has the incorrect update policy.
  • GUP to use, especially when using an Explicit GUP.

Thus we can not proactively manage the implications of this on the network infrastructrue, only manage retrospectively once an issue is highlighted.

Shame, as I would have thought that this kind of requirement would have been addressed within an enterprise product.

Looks like I will be putting in an enhancement request.

Regards,

Dean