SEPM GUP ENV (LU SCHEDULE LU CANCEL LU MONTH DAT LU CANCEL REP BW
WE ARE RUNNING SYMANTEC ENDPOINT PROTECTION MANAGER 11.0.7200.1147 with updated client version 11.0.7200.1147
We have difference remote location to which we made GUP on each location of download update from server
As I read some of the technical document we cannot run LIVE-UPDATE adminsitrator with GUP senerious
so
1)- I want to schedule the client live without selection of option <USE internal live update server/symantec lu server> etc
2)- In live update schudule content download daily/continously/weekly No monthly option and day of the week of option
in live update schedule there must be download content monthly option if required
in live update schedule there must be day of the week and date option
3)- while reducing bandwith lower from 32kbps of GUPs cause's CPU 100% usage?
often symantec client mainly gup smc etc goes 100% CPU usage no solution tell yet ?
4)- there must be a admintrative options/commands to cancel download from the time period/day/day/hours etc
command/admin option/tool to cancle downloaded for a time period/day/week etc
5)- GUP download liveupdate if link is drop start from zero there must a routine/update that GUP should resume its last download which was aborted by link drop etc
GUP start download from zero while link chowk/drop etc of remote site...GUP must resume download as seen hudge download traffic and there must be PUASE /RESUME/stop all option command for live update download to specifice network/group/clients
6)- we have some of bigger location for which kept SEPM server with replication and due to replication in night hudge amount of data transfer b/w SEPM server so
SEPM replications controlled with bandwidth we can specify bandwith limited for replication and there should be PAUSE /resume option in replication
there must be option of bandwith while replicaiton
i am waiting for update acknowledgment of propper solution
Thanks
Haroon
92-333-3670519
Comments 6 Comments • Jump to latest comment
GUPs are "dumb slaves" of SEPMs to help distributing content. It's only possible to schedule client downloads from internal or external LiveUpdate servers. The content download from SEPMs (and GUPs) is controlled by the client heartbeat and the communication mode.
Keep in mind that SEP clients with a month old content are nearly useless. Tons of malware are created every day. In my opinion, clients should be updated daily -- at least!
If your main issue is a very slow content download from SEPM to GUPs, it's possible that your GUPs have to download the full content very often (~180 MB). To prevent this, check the number of content revisions the SEPM saves. The more revisions the SEPM holds, the higher is the probability it is able to create "delta files", small incremental content files which are often not bigger than 500 KB or even less (on regularly used PCs).
Symantec publishes about three new content versions per day. If the SEPM downloads every 4 hours (default), it will get these three content revisions. To cover a time range of a week you have to save 21 content revisions (~ 24GB on hard disk). That means that every client with content not older than one week will get delta files. The traffic between SEPM and GUPs should decrease dramatically.
The number of content revisions the SEPM saves can be configured here:
Admin > Servers > Local Site > Edit Site Properties > LiveUpdate > Disk Space Management for Downloads
Have a look at these documents:
Best Practices with Symantec Endpoint Protection (SEP) Group Update Providers (GUP)
http://www.symantec.com/docs/TECH93813
Group Update Provider(GUP): Sizing and Scaling Guidelines
http://www.symantec.com/business/support/index?page=content&id=TECH95353&locale=en_US
GUP Videos (excellent!)
https://www-secure.symantec.com/connect/videos/group-update-providers-part-1
https://www-secure.symantec.com/connect/videos/group-update-providers-part-2
Most of your points have already been answered by Greg. I would just add you might not need to use LiveUpdate Administrator or replication, based on your architecture:
http://www.symantec.com/docs/TECH92051
If you have any enhancement request you would like to bring to the attention of development team/product managers, please use proper section of Symantec Connect (https://www-secure.symantec.com/connect/security/ideas).
Please remember to mark the proper comment as SOLUTION:
- to identify threads that do not require further assistance
- to let other visitors know how to fix such issue
i increase number of content keep by sepm liveupdate...
but
i need solution for
1)- GUP/Client lu /update download ....control through command/admin option ...so administrators can pause/resume/stop/start live update of a network/group/users etc
2)- GUP client lu content etc download aborted over WAN start from zero again ...they must resume from last position ...as seen more extra traffic
3)- SMC etc EXE file taking 100% of CPU usage have seen ...what the exact reason ..because this seen to GUP only if bandwith reduce from 32kpbs ..but now upgrade to 11.0.7... seen to many of the remote location ...why this happen
4)- SEPM server replication occupy remote location full bandwidth ...there must be bandwith speed limitation option
5)- SEPM server replication stop/start option but no PAUSE/RESUMRE option
AND
6)- Client/GUP download content shedule option not available we have to select internet live update server option then shedule enable there must be shedule option without selection internal live update server and there should be option for stop/pause/start/resume these cotent
As I told you previously, if you want to ask for a new feature to be implemented in newer release, please use the right section of this website (https://www-secure.symantec.com/connect/security/ideas) => to answer your questions 1, 2, 4, 5, 6.
I also want to repeat what i said before: if you configure your environment properly (see my links and the ones from Greg), you should not need such new configuration features (they also sound to me difficult to implement as it would mean completely change the communication process between clients and SEPM).
Finally, regarding your question 3, keep in mind bandwidth throttling may have a negative impact on you client updates. An example:
- one client requires a Full.zip file (Full definition set) - about 190 MB
- if you have 32kbps bandwidth limit, client or GUP will need 13 hours (!) to download the file
- it is most likely that new definition would be received on SEPM side in the meantime, therefore client/GUP would required another file just after
Bandwidth Throttling can then impact performances if many clients are asking many Full.zip, which are taking hours to download. Moreover, keep in mind Symantec recommends to use Server machines as GUP for better performance and no connection limit.
If you have any advanced technical question about the configuration, I would suggest you to open a ticket with Symantec Support (http://www.symantec.com/support/contact_techsupp_static.jsp).
If you want to discuss in details about your architecture and Best Practices/configuration for you, I would suggest you to rather contact Symantec consulting services (http://www.symantec.com/it-consulting-services).
Please remember to mark the proper comment as SOLUTION:
- to identify threads that do not require further assistance
- to let other visitors know how to fix such issue
we cannot schedule to download live update content ...without selection option of internal live update server
It is important to understand how the update process is working:
- LiveUpdate is only used to download content from Internet or internal LiveUpdate Administrator server. It is following LiveUpdate schedule, which may be configured either in SEP client interface or in LiveUpdate policy
- Clients are using classic HTTP connection when they update from SEPM or GUP. The update frequency is based on communication settings (PUSH/PULL mode, heartbeat - http://www.symantec.com/docs/TECH94711), on SEPM side
There is no priority between updates from SEPM and updates from LiveUpdate, as they both use separate methods and schedules (they will work in parallel). The first one that will have access to a newest definition will download it.
Please remember to mark the proper comment as SOLUTION:
- to identify threads that do not require further assistance
- to let other visitors know how to fix such issue
Would you like to reply?
Login or Register to post your comment.