Endpoint Protection

 View Only

  • 1.  Questions about Endpoint Protection / Group Update provider and VPN connections

    Posted Aug 28, 2009 03:41 PM
    We're looking at moving from using sites at our branch offices to just having the server there be the group update provider. Each site has a t1 connection, and is connected to the main office's firewall over it's t1via vpn. This t1 provides the vpn and internet for the main office. I have a few questions to make sure we're making optimal use of our limited bandwidth.

    1) How much bandwidth is used in the GUP configuration over the VPN, verses the sites using their own internet connection to download liveupdates?

    2) How big are the definition files? I think I remember speaking with tech support at one point and they mentioned that it's a "delta file transfer", meaning they should be small, but 5mb? 10mb?

    3) How often does the replication take place with the "main" server?

    4) Can these updates be configured to run only during off-peak hours?

    5) What happens if the VPN connection goes down, does that remote site end up being stuck at whatever definitions it had until the connection is re-established?

    Thanks in advance!


  • 2.  RE: Questions about Endpoint Protection / Group Update provider and VPN connections

    Posted Aug 28, 2009 03:58 PM
    1) How much bandwidth is used in the GUP configuration over the VPN, verses the sites using their own internet connection to download liveupdates?
    In case of GUP only the GUP will come to the server to take the update and inturn update the client. So if you have 100 Clients ay each site and if you configure a  GUP the traffic will reduce to 1/100 times of the original wher all 100 clients where going to SEPM to take updates
     
    2) How big are the definition files? I think I remember speaking with tech support at one point and they mentioned that it's a "delta file transfer", meaning they should be small, but 5mb? 10mb?
    The delta is about 200 -300 Kb
    3) How often does the replication take place with the "main" server?
    You can set the replication frequency as per your requirement
    4) Can these updates be configured to run only during off-peak hours?
    Yes
    5) What happens if the VPN connection goes down, does that remote site end up being stuck at whatever definitions it had until the connection is re-established?
    No if the Client do no get definition from GUP they will come to SEPM and if they are not able to contact SEPM they will go to the internet. But this needs to be configured in the LU policy


  • 3.  RE: Questions about Endpoint Protection / Group Update provider and VPN connections

    Posted Aug 28, 2009 04:00 PM

    Title: 'Group Update Provider: Sizing and Scaling Guidelines'

    > Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2009080400343648?Open&seg=ent


    Title: 'How to configure GUP bandwidth throttling in Symantec Endpoint Protection 11.0 MR4?'

    > Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2008121722041748?Open&seg=ent

    Also SEP MR5 will be released next month , it will have more functionality added to GUP 


  • 4.  RE: Questions about Endpoint Protection / Group Update provider and VPN connections

    Posted Aug 28, 2009 04:25 PM
    Thanks for the information, I'll check out these links.


  • 5.  RE: Questions about Endpoint Protection / Group Update provider and VPN connections

    Posted Aug 29, 2009 03:58 AM
    Mr.Prachanchand can u tell me how we can configure GUP to download updates in off-peek hours? I am not able to find such an option I am using SEP 11 MR4


  • 6.  RE: Questions about Endpoint Protection / Group Update provider and VPN connections

    Posted Aug 29, 2009 06:19 AM
    Aravind, the GUP takes update from the SEPM. So the policy that holds for the Client also holds true for the GUP. Go to the Policy  and Select the Liveupdate Policy

    1. Click on "Server Settings" menu.

    2. Check the box for "Use a LiveUpdate server" option.

    3. Keep the checked on box for "Use the default Symantec LiveUpdate server" option.

    4. On Group Update Provider and check the box for "Use the Group Update Provider as the default LiveUpdate server".

    5. Click on "Group Update Provider" button and insert the Host or IP Address that the machine you want to choose like a GUP

    7. Click on Schedule menu.

    8. Configure the schedule that is appropriate for your environment.