Hi All,

We're having an issue on the size of virus definition of SEP client. 1 of our server is having 2.40gb total folder size, and it fills up disk space. We raised this to Symantec Support, and Support mentioned that this is normal. Is there any article for the normal size of SEP Virus Definition? Thanks.

whats the version of SEP 11.x or 12.x?\

if its 12 follow this doucment and clear the space

http://www.symantec.com/business/support/index?page=content&id=HOWTO59193

For 11.x is here

http://www.symantec.com/business/support/index?page=content&id=TECH103176

Drive Space used by Virus Definitions Updates

http://www.symantec.com/docs/TECH141811

Check the article for low disk space

https://www-secure.symantec.com/connect/articles/issue-related-low-disk-space

By default, SEP 12.1 keeps 1 content revision while SEp 11.x keeps 3.

How many are showing for your client?

What SEP client version are you using? There is a known issue regarding the amount of AV defs kept on the SEP 12.1 on Server OS (SEP 12.1 versions affected prior to RU2):

Symantec Endpoint Protection (SEP) 12.1 client is maintaining multiple virus definitions versions on servers.

- you may want to try the workarounds from here or updating to RU2 - the fix to this was implemented in this version Please note the default amount of Virus defs kept on the SEP client in version 12.1 should be only 1.

What is your SEP Client Version?

Clean the definition, may be it corrupt.

How to clear out definitions for a Symantec Endpoint Protection 12.1 client manually

Hello,

First, determine whether the amount of space used is as designed, or whether the definitions are not working correctly.

• Symantec Endpoint Protection 12.1 will keep 1 definition set

Best Practices for configuring the number of content revisions to keep in Symantec Endpoint Protection Manager

http://www.symantec.com/docs/TECH92225

Examine the files and folders in the VirusDefs folder. You should see the following:

1. 2-3 numbered folders, approximately 430 - 470 MB each. On 3 January 2013 it was 454 MB for 64 bit 12.1.
   The numbered folders will have names that appear similar to the following: 20110408.002.
2. 1 folder named BinHub, approximately 250 - 470 MB depending on the age of the file. 
3. 1 folder named Incoming, which should be empty [this folder may not be present].
   The Incoming folder should only contain files while a virus definition update is in progress.
4. 1 folder named TextHub, approximately 1 KB
5. 1 file named definfo.dat, approximately 1 KB
6. 1 file named usage.dat, approximately 1 KB
7. 1 file named Cat.DB, approximately 650 KB
   The total size of all files and folders should be about 2 GB for SEP 11.0 and under 800 MB for 12.1.
8. If any of the following is true, the definitions may not be working correctly:
   • The Incoming folder never becomes empty.
   • Several .tmp folders or files exist in the VirusDefs folder.
   • The numbered folders are 800 MB or greater in size.

The files sizes listed are as of January 2013.  Definitions files are continually getting larger in size.

Drive Space used by Virus Definitions Updates

http://www.symantec.com/docs/TECH141811

Hope that helps!!

I agree with Brian, Sep 12.1 Keep only one revision, you can check how many def folder dispaly in your Server. If it reflect more than one revision then there some problem in definition. In that case clear the definition