I understand that I can change the number of content revisions that I keep. It is currently at 10. I’ve heard from another Symantec tech in the past that the current recommendation for this is 42, which should cover 2 weeks, at 3 revs per day.
My question is, currently we have our main server connect to Symantec once per day for the antivirus updates. The other servers pull from that main server and do not go to Symantec. I believe that means that even if Symantec release 3 updates in a day, we only download 1 of them. (Correct me if I’m wrong.)
Does that mean that my content revisions settings at 10 is holding 10 days worth right now? Or is it holding approximately 3 1/3 days worth (assuming 3 revs per day…I understand that the revs per day is not a constant and 3 is just an average).
Basically, I’m asking if our server is holding 1 content rev per day, or more like 3 per day? We check every morning, so we might only be pushing the morning definitions out, but we do have some remote users that go directly to Symantec.com for their updates. I guess there is a chance that they could get a definition in the afternoon, resulting in a different definition that our main server has, resulting in our main server needing to account for that….which may mean that the server has to compute all of the revs for each day.