Endpoint Protection

Some of my clients are connecting to liveupdate.symantecliveupdate.com instead of connecting to my manager to get updates.
My Live update settings is set as follows:
Checked - use the default management server (recommended)
Checked - Use a LiveUpdate server
selected - Use the default Symantec LiveUpdate server.
See screenshot attached.


The manager has been online the whole time however it looks like some of my clients are connecting to liveupdate.symantecliveupdate.com instead of the manager.

Any thoughts?

The LU policy that you ,have  shows that if the Cleint doesnot take update from the SEPM, there may be diffrent reasons for that , it will take the update from the Symantec server.

uncheck the option that says Use the default Symantec LU server

Hi,

       You have selected both the options the default managemeent server as well as the Symantec default live update server. In this scenario  if a client is not able to communicate with the SEPM server it will fetch its updates from the Symantec default live update server

Correct me if I'm wrong.  If you have both options enabled (default management server and live update server), clients will try both servers to get updates and not going to the default management server first.  The following is from the help file:

If both options are enabled, clients try to retrieve updates from both sources. Typically, do not enable both options unless you have a specific reason. If the management server provides named update versions to clients, and the clients have previously downloaded the latest updates from a LiveUpdate server, the clients do not download and install the named (previous) versions.

 If you have both checked as per default schedule the client will try connecting to internet every 4 hrs.

You are right Rick

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008032011064948

We have a number of mobile computers that are connected part of the time to our hard-wired internal network, at other times to our network via VPN, and at other times to the Internet via various ISPs.  I am looking for the best way to configure updates so these computers get updated regardless of connection mode.

We are currently running SAV version 10.1.x, which allows to configure LiveUpdate to connect to the default server whenever the definitions are more than a few days old.  Under this arrangement, most clients update every day from their parent servers; but if a mobile computer is away from the network for a while, LiveUpdate kicks in to download updates.

Since SEP does not allow this option, I need to find another way to configure updates for computers that are on our internal network only part of the time.  What would be the preferred way to keep definitions current on these machines?

Use a location based policy that will check to see if it cannot connect to a SEPM server, it will connect to a live update server:

Thanks!  I was thinking a location-based policy might help, but I wasn't aware of the "cannot connect to Management Server" condition.  That's just what I need.

Since right ow you are on default location and using default location.So Liveupdate button is disabled..
This button is only enabled when Use Liveupdate server ( 2nd option ) is checked and in advanced setting Allow clients to launch liveupdate is enabled. 

Problem: The option to run live update on the client is now disabled.
Please see screenshots attached.
Unchecked use live update server to prevent clients from connecting to liveupdate.symantec.com (default policy).

Does not  help.

 This cannot happen.
The Liveupdate botton is for downloading definitions from internet or Liveupdate adminitrator not SEPM.

So since your default policy says definitions will be downloaded from SEPM so liveupdate button is not enabled..
However when your clients switch location where SEPM is not there and second policy is applied that button will be enabled.