Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

SEP clients always download definitions from SEPM, bug?

Created: 07 Mar 2013 | 9 comments

Hi,

I have a policy for Live Update sin SEPM v11, now in SEPM v12 I have a problem where all clients download the virus definition form the SEPM and not from Symantec LiveUpdate servers.

Is this a bug? How do I prevent this from happening?
I want the clients to download content or virus definition only from Symantec Public LIve Update servers.

Many thanks
Oliver

Operating Systems:

Comments 9 CommentsJump to latest comment

.Brian's picture

In the LU policy, did you uncheck "Use default management server" on the Server Settings tab?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SebastianZ's picture

You have two SEPMs? 11.x and 12.1? Or did you migrated from 11.x to 12.1? Try to recreated the LU policy on the new SEPM and assign to client - making sure that only the user the Liveupdate Servers option is selected.

W007's picture

Can you post your live update policy setting 

Uncheck the "Use default management server" from the Liveupdate Policy.

and check this Article:

Symantec Endpoint Protection Manager 12.1 - LiveUpdate - Policies explained

http://www.symantec.com/docs/TECH178257

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Rafeeq's picture

How do you check to see if its getting updates from SEPM? any network traffic log or SEPM logs?

oliversl's picture

Hi all,
here are the answers:
- I always had and have "uncheck: Use default management server"
- I migrated from v11.x to v12.x
- I have only 1 SEPM
- I have high traffic on VPN, I shutdown SEPM and the traffice stops
- I did not re-create the policy, will try this a report.

Regards,
Oliver

http://tinymailto.com/oliversl <-- my email after a captcha

Rafeeq's picture

Monitor -Logs - client server activity check where the clients are downloading updates from

I guess the vpn clients are reporting to different groups where LU is configured to get from SEPM

or a location specific policy defined for vpn

oliversl's picture

The traffic is not the issue, I know that the SEP clients are using the SEPM as live update, thanks to traffic sniffing, etc. There is no Internet conection problem whatsoever. Its pure SEPM or SEP related.
 

Give a couple of hours and I will recreate the policy. It should be a bug after migration.

http://tinymailto.com/oliversl <-- my email after a captcha