Endpoint Protection

 View Only

  • 1.  SEPM 11.0.7 is up-to-date; most clients are not updated

    Posted Dec 16, 2011 03:46 AM

    SEPM: 11.0.7101.1056
    SEP clients: 11.0.7101.1056 / 11.0.6300.803

    SEPM downloads: up-to-date definitions (both 32 and 64 bit)

    A large number of clients don't have the latest definitions, most clients are missing up to 7 definition updates. In spite of not having the latest definitions, the client shows that there are no problems detected. When looking at SEP system log, I can see the event Definition File Loaded till december 8, after that, this event don't return. Also new installed clients won't update to the latest definitions.
    I tried to manually update a client, but the definitions are still stuck at december 7. The result of the manual update is as follows:
     

    Connecting to liveupdate.symantecliveupdate.com
    Downloading catalog file (1 of 3), product up-to-date
    Downloading catalog file (2 of 3), product up-to-date
    Downloading catalog file (3 of 3), product up-to-date
    All of the Symantec products installed on your computer are currently up-to-daate. Remember to check for new updates frequently.
    LiveUpdate session is complet    e

    I ran the Symantec Support Tool, but no errors are showed up. I uninstalled/reinstalled the client, even a complete new installation of W7 didn't update. I read some articles, but none helped me to solve this problem, anyone other suggestions?

    Kenneth



  • 2.  RE: SEPM 11.0.7 is up-to-date; most clients are not updated

    Broadcom Employee
    Posted Dec 16, 2011 04:24 AM

    post the log.liveupdate from one such system



  • 3.  RE: SEPM 11.0.7 is up-to-date; most clients are not updated

    Posted Dec 16, 2011 05:37 AM
      |   view attached

    I attached the logfile in txt format.

    Attachment(s)

    txt
    logliveupdate.txt   2.32 MB 1 version


  • 4.  RE: SEPM 11.0.7 is up-to-date; most clients are not updated

    Posted Dec 16, 2011 06:55 PM

    Of all the clients that are not updating, do they belong to a certain group or location in your SEPM? Are these clients able to communicate and receive policy updates from the SEPM?

    You might want to refer to these docs for communication troubleshooting:

    Symantec Endpoint Protection: Troubleshooting Client/Server Connectivity
    http://www.symantec.com/docs/TECH105894

    Troubleshooting communication problems between the management server and the client http://www.symantec.com/docs/HOWTO26968

    Would it also be possible for you to post a SEP Support Tool from the SEPM? It would be interesting to see how the LiveUpdate policy is set up. Please also provide the name of the group and/or location where these clients seem to be failing.

    Also, are you using any GUPs or LiveUpdate Administrator to distribute content or just SEPM? Are you using any kind of a proxy in your environment?



  • 5.  RE: SEPM 11.0.7 is up-to-date; most clients are not updated

    Posted Jan 19, 2012 05:10 AM

    Of all the clients that are not updating, do they belong to a certain group or location in your SEPM? Are these clients able to communicate and receive policy updates from the SEPM?

    No they do not belong to a certain group, but to all groups. The few clients who are up to date (less than 10%) also do not belong to a certain group.

    Would it also be possible for you to post a SEP Support Tool from the SEPM?

    I included a print screen of the results of SEP Support Tool on the SEPM. There was one error, I do not know if this can be something.

    It would be interesting to see how the LiveUpdate policy is set up. Please also provide the name of the group and/or location where these clients seem to be failing.

    I included the print screens of the LiveUpdate policy. All clients in the groups which you can see in the print screen are failing. The clients which are not failing, are getting up-to-date.

    Are you using any GUPs or LiveUpdate Administrator to distribute content or just SEPM? Are you using any kind of a proxy in your environment?

    We do not use GUP or LiveUpdate Administrator for distribution, only SEPM. We use a proxy (TMG), but the SEPM do not use proxy, it has a direct connection to outside.

    Attachment(s)

    docx
    Error Support Tool.docx   40 KB 1 version
    docx
    LiveUpdate policy.docx   139 KB 1 version


  • 6.  RE: SEPM 11.0.7 is up-to-date; most clients are not updated



  • 7.  RE: SEPM 11.0.7 is up-to-date; most clients are not updated
    Best Answer

    Posted Feb 14, 2012 03:10 AM

    Well, I couldn't find a proper solution so I am convinced that the SEPM database is corrupt:

    I installed a new SEPM on a new server with the same specs (ip address, hostname). After I pushed the new sylink.xml to all clients, the clients connected correctly to the new SEPM.