Endpoint Protection

 View Only

  • 1.  Running SEP in a closed network.

    Posted Jun 22, 2009 08:41 AM
    How do I update Threat Protection in a closed network environment.? I have a medium large setup with about 100 clients and 200 servers in a closed network with no connection to the Internet.
    Is it possible to update Threat Protection without the system is connected to the Internet.?


  • 2.  RE: Running SEP in a closed network.

    Broadcom Employee
    Posted Jun 22, 2009 08:51 AM
    are these systems communicate to SEPM? Is the SEPM able to download and update the definition ( i.e. connected to internet)? if yes, then only client will be able to update.

    there is no way of manually updating the NTP or PTP defs.

    cheers
    Pete


  • 3.  RE: Running SEP in a closed network.

    Posted Jun 22, 2009 09:11 AM
    Thanks for the reply.

    Yes all hosts are managed by the SEPM – SEPM is not connected to the Internet.
    So I guess there is no way..



  • 4.  RE: Running SEP in a closed network.

    Posted Jun 22, 2009 09:24 AM
    There is a way You can try to configure the Liveupdate server & try to connect your SEPM to the LUA but for that you will need your LUA to be in network that has internet connectivity.
    & SEPM should be able to talk to LUA.


  • 5.  RE: Running SEP in a closed network.

    Posted Jun 22, 2009 09:47 AM
    Yes this could be the solution, having the LUA connected to the Internet and disconnected to the SEPM – When clients are updated the LUA is disconnected from the Internet and connected to the SEPM. Would this give any problems, beside the manual work..?


  • 6.  RE: Running SEP in a closed network.

    Posted Jun 22, 2009 10:25 AM
    If you have the capability of getting onto the Internet from a different machine, Dial-up, direct connection, etc. 
    You could always consider manually updating the SEPM server on a daily basis. 

    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008030710560348

    This will allow you to download the necessary files for AV/AS etc. at your convenience and place them into the server whenever you are ready to do so.  It would save you the time of configuring a LUA server, the cost of the machine, etc.  As well as the leg work of; plugging it to the internet, downloading definitions, disconnecting from the Internet, connecting to the network, updating server, and than distributing the definitions. 

    You could possibly do this from home or any Internet connection. 

    Just my 2 cents.


  • 7.  RE: Running SEP in a closed network.

    Posted Jun 23, 2009 02:31 AM
    Hi,

    This kb will help....http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007100820002048

    Download the file daily and upload into your SEPM and it will push down to your clients in closed network.
    Follow the kb i give u. Its very details. However it only updates the AV/AS. The others are not updated.

    Hope it helps~