Endpoint Protection

 View Only

  • 1.  Question on expected behavior on SEP-11&12 Virus Definitions

    Posted Jul 21, 2011 09:34 AM

         What is the expected behavior on how SEP-11 & 12 handles all the Virus Definitions that it downloads to a local client? Does it only keep only the latest definition files plus the last two versions? Will it store more then 3 sets of definition files? Is there a way to have it prune away the older versions so only the latest definition is present? If so what is the procedure for doing this?



  • 2.  RE: Question on expected behavior on SEP-11&12 Virus Definitions

    Trusted Advisor
    Posted Jul 21, 2011 09:57 AM

    Hello,

    Here is an Article which will answer your questions along with the following Questions:

    ● How to ensure that the content downloads on the Symantec Endpoint Protection Manager server are limited by days

    ● How to control database growth

    ● How to control the amount of disk space Symantec uses on the Symantec Endpoint Protection Manager server

    ● Is there a recommended disk space management configuration for virus definition downloads and database for the Symantec Endpoint Protection Manager?

    ● How to reduce the amount of disk space used by the Symantec Endpoint Protection Manager for content revisions and the database
     
     
    Disk Space Management procedures for the Symantec Endpoint Protection Manager
     
     
    Best Practices for configuring the number of content revisions to keep in Symantec Endpoint Protection Manager
     


  • 3.  RE: Question on expected behavior on SEP-11&12 Virus Definitions

    Posted Jul 21, 2011 10:16 AM

    I knew about those settings within the SEPM, I would like to know the expected default behaviors on how the SEP clients maintains new & older versions of definition files. For my Win7 desktop, I see that SEP stores the definition files under C:\ProgramData\Symantec\Definitions. I see the latest definition files plus two older versions.

    Is there a SEP client setting that I missed within those SEPM lionks mentioned above? Will I always expect to see only three definition folders on the local client? Is there some policy somewhere so I can command the SEP client to delete the older definition files and only maintain the latest definitions? Does SEP-12 handle the management of client side defintiions any differently?



  • 4.  RE: Question on expected behavior on SEP-11&12 Virus Definitions

    Posted Jul 22, 2011 07:29 AM

    Can anyone in the Symantec community with any insights on this topic that can help me out?



  • 5.  RE: Question on expected behavior on SEP-11&12 Virus Definitions

    Posted Jul 22, 2011 07:47 AM

    With SEP 11, the client would (generally) maintain 3 sets of definitions.  This can go up or down by one depending on where the client is during installation of new defs or remediation of bad defs, but generally speaking, it keeps 3.

    SEP 12 keeps only one.

    This isn't configurable for either product.



  • 6.  RE: Question on expected behavior on SEP-11&12 Virus Definitions

    Posted Jul 22, 2011 08:42 AM

    Thank you Chris!