Endpoint Protection

Hi All,

I've had a support call open for a few months now regarding an issue with one of our SEPM but have yet to find a solution.

One of our replication SEPM's is successfully downloading liveupdates but on the main page it is out of date.  It no longer replicates to another site either. 

I've tried reinstalling the software, uninstalling/reinstalling liveupdates, changing replication and liveupdate times and it still isn't working.

Can anyone help?

Thank you

What version of SEPM are you running?

can you post log.liveupdate?

Hello,

Could you please PM me your Case #?

Secondly, What version of SEPM's are you running on your environment?

Is the SEPM able to download the complete definitions?

What do you see under:

SEPM >> Admin >> Servers >> Highlight Local site >> Click on Show Liveupdate downloads

Could you check this Article: 

"Latest Manager Virus Definitions" on the SEPM Homepage are incorrect after replication

http://www.symantec.com/docs/TECH183671

Hope that helps!!

Hi There,  Thanks for such a quick response.

Version is 12.1.1 on both managers.  I have attached the log.liveupdate from the manager that is faulty.

The latest downloads via the show liveupdate downloads is the 25th July, this is when the manager was reinstalled and hasn't worked since then but when I run luall.exe it seems to download the content just doesn't seem to update the manager to say it's downloaded it. 

Attachment(s)

Log.LiveUpdate_21.txt   4.18 MB 1 version

Hello,

As per the Logs, we see errors as below:

21/08/2012, 08:03:53 GMT -> Progress Update: DOWNLOAD_FILE_START: URL: "http://liveupdate.symantecliveupdate.com/sesm$20antivirus$20client$20win64_12.1_english_livetri.zip", Estimated Size: 0, Destination Folder: "C:\ProgramData\Symantec\LiveUpdate\Downloads"
21/08/2012, 08:03:53 GMT -> HttpSendRequest (status 404): Request failed - File does not exist on the server.
21/08/2012, 08:03:53 GMT -> Progress Update: DOWNLOAD_FILE_FINISH: - NOTE - URL: "http://liveupdate.symantecliveupdate.com/sesm$20antivirus$20client$20win64_12.1_english_livetri.zip", Full Download Path: 

What happens if you run the Liveupdate from SEPM?

Are you using any Proxy? If yes, please ensure the Proxy settings are set properly on the SEPM server- 

https://www-secure.symantec.com/connect/articles/how-configure-proxy-settings-symantec-endpoint-protection-manager-sepm-121

Also, make sure you have proper rule on the proxy to allow all this IP which may resolve the issue.

Secondly, 

Open IE--> tools--> Internet options --> security --> security level to this zone.

Changing the IE security option to middle or low can resolve  this issue.

Did you try updating the SEPM with the .jdb file and check if the SEPM gets updated?

How to update definitions for Symantec Endpoint Protection Manager (SEPM) using a .jdb file

http://www.symantec.com/docs/TECH102607

Hope that helps!!

Hi Mithun,

I don't think it is a proxy issue as it does appear to be downloading the updates and eventually says successful.  I've also ensured Windows firewall is turned off.

When I download the .jdb file it does appear to run then after a couple of minutes the file changes to say:

vd3a2a02.jdb.err

I'll try to find out where the error messages may be outputted to but thank you for your suggestions.