Rapid Release in LUA environment

As far as I am aware the rapid release defs are released to all sources at roughly the same time.

The only difference is probably the brightmail defs as it seems to get a lot of revisions.

The SEPM will push the defs out to the clients as soon as it is applied.

A GUP also needs to talk to its parent rather than just getting an intelligent update etc.

I believe Liveupdate needs to get a lot more than just the single jdb file.

You can also place the jdb manually on the SEP clients or use third party distribution tools.

Does that help?

Z

Many thanks for your response zer0.

Unfortunately, I was looking for a bit more than "As far as I am aware", "probably" and "I believe".

I understand the SEPM and GUP processes, including applying a rapid release through SEPM.

The fact that there is a documented process for applying a rapid release update through SEPM, instead of just manually forcing SEPM to LiveUpdate, suggests that they are not released at the same time.  The logical inference from this is that updates available to LiveUpdate Admin may also be behind an intelligent update that you may want to deploy quickly.

We are using exclusively LiveUpdate Admin for updates.

Sorry to appear ungrateful for your input, but I was hoping for a more authoritative response.

Rapid Release updates are not posted to LiveUpdate at this time.

If I may Peter, I'd like to share a little bit of advise.  Don't use RR definitions on a regular basis in a production environment.  They are not fully tested/vetted for general release at that stage in their development.  In a nutshell, RR are betas for regular definition releases.  They should only be used in a production network at the request of Symantec Support to deal with a specific outbreak.

I used to use them as regular definitions for several years myself.  Every once in awhile there would be some false positive that would cause issues.  One I remember, from 2005 I think, blocked access to excel spreadsheets for a few hours until the next definition release (with the fix) came out. 

Then came late September 2007.  A definition came out that completely locked SAV on all client systems.  I had to pull an all nighter to uninstall/reinstall SAV on every system.  A few days later the same thing happened again.  These were all due to using RR defs and would never have happened if I'd stuck with the regular defs. 

Once upon a time, a case could have been made for using RR, because regular defs weren't so quick to be updated, but now the regular defs are updated at least twice a day, which helps to mitigate the 0-day threats.

Many thanks - but to reassure you, I have no intention of using it as a regular method of updating, merely trying to replicate the means recommended under SEPM of deploying the RR in the case of emergency.  There seems to be a well-documented method nder SEPM, but not for LUA - that was the basis of my query.

Thanks for sharing your experience.  I have not had any problems with RR, which have always worked for me when I have had occasion to use them in the past, but I sympathise with you for that all-nighter you describe.