SEP v11 Virus definitions revert to old defs. No clients update.
Updated: 09 Jun 2010 | 26 comments
Hello, fairly new to Symantec products, had no real problems before. Have an SBS 2k3 server with SEP 11.0.2010.25 installed. This has been working fine for the last 5 months with updating etc. Last week when I checked, all the clients' definitions had reverted back to about 4 months ago. The server is up to date and keeps updating itself fine. I have checked all settings/policies and they seem to be fine. Nothing was changed in the config between it working and failing.
I have tried to follow a few articles on clearing down def files and re-downloading etc but nothing seems to work.
Anyone have any ideas? or can point me in the right direction?
Any further details needed, please let me know and I will provide.
Much appreciated,
Tom.
Comments
Is your manager updating?
First check if your SEPM manager is updated.
Go to Admin - Servers - click on Local Site; at the bottom click on Show Downloads.
Make sure all the 32-bit and 64-bit are up to date.
If it's updated, it means your clients are not taking it.
Check that and let us know.
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
check these links might help you
Please check the communication first.
https://www-secure.symantec.com/connect/forums/clients-not-pulling-new-av-definitions-symantec-endpoint-protection-manager
Make sure you have the green dot on the clients.
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
Hello, I have checked and
Hello,
I have checked and the clients all have a green dot in the SEPM and also on the client PCs.
Hi, yes, the SEPM manager is
Hi, yes, the SEPM manager is updated. It shows both the 32 and 64 bit are up to date. The server shows up to date on the front screen with all the clients on an old def from months ago. They were up to date a week ago and suddenly dropped to really old defs. I have tried to re-install a client install which works but then the defs go straight to the same old version.
If you can...upgrade
There were several bugs and other problems with MR2. I would suggest you consider an upgrade to at least MR3 it has proved to be more stable, MR4 seems good also.
Is there any chance you are out of disk space for virus definitions?
Plenty of disk space
Plenty of disk space available...I may have to upgrade I think. Cannot seem to sort otherwise. Is upgrading fairly simple? Is there a guide on doing this? Seem to remember looking into this and hearing horror stories of people ending up having to install from scratch...
this link might help you to
this link might help you to go in the right direction
http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/8903bc2367f16757882574c600633922?OpenDocument
:-)
I've got an MR4 system that
I've got an MR4 system that is doing exactly this too !
It installs the 32bit SEP client, green indicator, and then runs a scan and then shortly afterwards the definitions revert back to August 2008, grey indicator..????
The main server which is a 64bit SEP client seem to update itself OK though..only the 32bit machines are reverting back to August defs ??
Anyone know why it's doing this ?
Jim.
In the live update downloads
In the live update downloads folder it looks that it's only downloading for 64bit platform ???
Where are the settings that control this ?
Similar issue
I'm researching why I have clients, that have been installed for months now and regularly update just fine, revert back to August 19th virus defs and then load the latest defs 10 seconds later. This happens in the middle of the night so I'm not sure what year but it's an interesting similarity to Jim's issue. I have a case opened with Symantec but if anyone else has seen this, let me know.
I guess Aug 19 would be the
I guess Aug 19 would be the defs that would have been loaded when SEP was installed.
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
Nope, it was installed in
Nope, it was installed in March 2009 not August
When the client installs it installs November defs, even though the x64 server is on Dec defs ? Then a few minutes later it posts an event in the event log on the PC saying that it's updating the defs and then they roll back to August 11th
Where can I start looking into this ? I've removed and reinstalled the SEP client, makes no difference.
Don't really want to take it all off and reinstall again..
Will suggest you to remediate
Will suggest you to remediate SEPM definitions and upgrade SEPM and Clients to MR5 11.0.5002.333.
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
>>Will suggest you to
>>Will suggest you to remediate SEPM definitions
Please, what does this entail ?
As for upgrading can I just install over the top/upgrade ?
For upgrading yes..Just
For upgrading yes..Just Install the Latest version over the top and it will upgrade but do remember to take a backup of the database before that.
For Re-Population SEPM definitions
1. Stop SEPM server service.
2. Go to the "C:\program files\symantec\symantec endpoint protection manager\Inetpub\content\{C60DC234-65F9-4674-94AE-62158EFCA433}" folder and move all of the subfolders to another place, such as C:\Temp if you want a backup, otherwise delete the sub-folders.
Database cleanup for 32-bit SESC Virus Definitions:
3. Go to C:\Program Files\Common Files\Symantec Shared\SymcData\ and delete the following folders:
   sesmipsdef32
   sesmipsdef64
   sesmvirdef32
   sesmvirdef64
4. In the registry, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\InstalledApps.
   Delete these keys:
   SymcData-sesmipsdef32
   SymcData-sesmipsdef64
   SymcData-sesmvirdef32
   SymcData-sesmvirdef64
5. In the registry, navigate to and delete the following keys:
   HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SharedDefs\SymcData-sesmipsdef32
   HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SharedDefs\SymcData-sesmipsdef64
   HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SharedDefs\SymcData-sesmvirdef32
   HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\SharedDefs\SymcData-sesmvirdef64
6. Start the SEPM service back up.
7. Run Live update from within the Symantec Endpoint Protection Management console.
This will re-populate the database which in turn will update the moniker folders.
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008041516215948
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
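The re-population steps in the post above, written as one script that backs everything up before deleting it; this is an added example, not Symantec's or the poster's code. It assumes the SEPM service is named `semsrv`, the default 32-bit paths quoted in the post, and an elevated session; the parameter names and `$BackupDir` are illustrative, and `-WhatIf` previews the file and registry changes.

```powershell
# Added example, not Symantec's or the poster's code. Run elevated on the SEPM server.
[CmdletBinding(SupportsShouldProcess=$true)]
param(
    [string]$SepmRoot  = 'C:\Program Files\Symantec\Symantec Endpoint Protection Manager',
    [string]$SymcData  = 'C:\Program Files\Common Files\Symantec Shared\SymcData',
    [string]$BackupDir = ('C:\Temp\sepm-defs-{0:yyyyMMdd-HHmmss}' -f (Get-Date)),
    [string]$Service   = 'semsrv'  # ASSUMPTION: SEPM service name; confirm with Get-Service
)
$ErrorActionPreference = 'Stop'
$monikers   = 'sesmipsdef32', 'sesmipsdef64', 'sesmvirdef32', 'sesmvirdef64'
$contentDir = Join-Path $SepmRoot 'Inetpub\content\{C60DC234-65F9-4674-94AE-62158EFCA433}'
$regParents = 'InstalledApps', 'SharedDefs'   # both under HKLM\SOFTWARE\Symantec

# Step 1: stop the manager so nothing holds the definition files open.
Stop-Service -Name $Service -Force
try {
    New-Item -ItemType Directory -Path $BackupDir -Force -WhatIf:$false | Out-Null
    # Step 2: move the content subfolders aside rather than deleting them.
    if (Test-Path -LiteralPath $contentDir) {
        Get-ChildItem -LiteralPath $contentDir | Where-Object { $_.PSIsContainer } |
            Move-Item -Destination $BackupDir
    }
    # Backup for steps 4-5: export both registry branches before touching them.
    foreach ($p in $regParents) {
        & reg.exe export "HKLM\SOFTWARE\Symantec\$p" (Join-Path $BackupDir "$p.reg") | Out-Null
    }
    foreach ($m in $monikers) {
        # Step 3: remove the cached definition folder for this moniker.
        $dir = Join-Path $SymcData $m
        if (Test-Path -LiteralPath $dir) { Remove-Item -LiteralPath $dir -Recurse -Force }
        # Steps 4-5: the post calls these "keys"; remove the name whether it
        # exists as a subkey or as a value of the parent key.
        foreach ($p in $regParents) {
            $parent = "HKLM:\SOFTWARE\Symantec\$p"
            $name   = "SymcData-$m"
            if (-not (Test-Path $parent)) { continue }
            $sub = Join-Path $parent $name
            if (Test-Path $sub) {
                Remove-Item $sub -Recurse
            } elseif ($null -ne (Get-Item $parent).GetValue($name)) {
                Remove-ItemProperty -Path $parent -Name $name
            }
        }
    }
} finally {
    # Step 6: always bring the manager back, even if a step above failed.
    Start-Service -Name $Service
}
# Step 7 stays manual: run LiveUpdate from the SEPM console to re-populate the content.
```

On a 64-bit server the install and registry locations differ from the 32-bit defaults used here, so pass the actual paths and check the registry view before running it.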
Downloading 11.0.5 right
Downloading 11.0.5 right now...is this the same as 11.0 RU5/MR5 as you mention ?
I'll give your other instructions a go first before I upgrade anyway just to see if it works.
Many thanks Vikram
Migrating to Symantec
Migrating to Symantec Endpoint Protection 11.0 RU5
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
Hi Z3rocool, I am sure that
Hi Z3rocool,
I am sure that the comments posted above must have helped you with the issue you are facing. You can refer to the following article as well to troubleshoot liveupdate issues:
https://www-secure.symantec.com/connect/articles/t...
Aniket
I've downloaded and upgraded the
I've downloaded and upgraded the Symantec Protection Manager to 11.0.5, all went well..
How do I upgrade my SEP setup.exe deployment packages ?
They appear to still be 11.0.4 ?
When I run the Migration and Deployment wizard as I did in the initial install I don't seem to have an option to create new deployment packages ?
If I attempt to choose the existing Group name it just says that it already exists, do I have to create a new Group ?
Basically I want to update my SEP installation packages from 11.0.4 to the new 11.0.5
I've been into Symantec Protection Manager and have deleted the 11.0.4 32bit and 64bit packages and only have 11.0.5 32bit and 64bit packages in the list.
But it seems that I need to update the installation setup.exe packages as well somehow ?
Jim.
Well you can export
Well you can export setup.exe's for MR5 but no need
Just assign the Mr5 packages to the groups and it will automatically upgrade
Follow this article
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2009090313483348
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
Already followed that one,
Already followed that one, but I don't want the setup.exe SEP client installs which are in my deployment folder to stay as 11.0.4 ?
Are you saying that if I follow the article it will update these to 11.0.5 ?
I'm choosing to only install only the AntiVirus part and not the Proactive Threat Protection or Network Threat Protection.
How can I get new setup.exe files based on 11.0.5 with the same install options as I previously set up for 11.0.4 ?
I don't want to automatically update any installs, rather I want to go round to each machine in a controlled way and manually run the setup.exe from a network share.
I've currently manually uninstalled 11.0.4 from several client PC's as regards my initial problem.
So I just want to create some fresh 11.0.5 setup.exe's to install from with the options I specified,
Thanks
Jim.
Check these two links for how
Check these two links for how to export a customized install package ( single setup.exe ) from SEPM
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007110513361348
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007111409432848
If you assign the package it will upgrade the existing clients to MR5 without doing anything and it will keep the existing feature sets that is it will not add NTP or PTP.
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
OK, that's getting
OK, that's getting there...can I only export and create a 32bit or 64bit installation package one at a time ?
During the original install it created both 32bit and 64bit together at the same time and created separate 32bit and 64bit subfolders for each..
I tried selecting both of them from the right hand window and it said only select one at a time, but it seems it doesn't designate whether it's 32bit when it creates the folder to put it into.. ?
Well..From Exporting package
Well..From Exporting package from SEPM if you follow the Links above.
At a time you can either export a 32 bit package or 64 bit package you cannot export both at the same time. Once 32bit MR5 package is exported you can export 64 bit Mr5 package.
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
So it seems I cannot exactly
So it seems I cannot exactly replicate the folder structure that the original installation sets up when initially running the Migration and Deployment wizard ?
I currently have:
E:\Program Files (x86)\Symantec\SEP Client Install Packages\TESTDOMAIN_32-bit
E:\Program Files (x86)\Symantec\SEP Client Install Packages\TESTDOMAIN_64-bit
And very much wanted to maintain this if possible.
Hmm..I just deleted the group
Hmm..I just deleted the group and then ran the Migration and Deployment wizard again, that seems to give me what I want.
Thanks
Jim.