hi guys,
I got 2 main SEPM in 2 different site. one of the SEPM the summary of Intrusion Prevention Distribution is like this:
Site A
And another site look like this:
Site B
Why SEPM in site A have a huge number in "all others"?
Thanks
Those clients have not yet been updated to the latest revision.
You can run a computer status report to check what version they're on.
How do your clients get updates, from a GUP?
hi Brian,
Im aware of that, but its there any cause that make this to happen?
Are the clients connecting to the SEPM?
How are your clients configured to get updates? SEPM? GUPs? Some other method?
What happens if you run LiveUpdate manually on one affected client? Does the IPS content update?
And you've confirmed those GUPs are online and supplying content to the clients?
How to confirm if SEP Clients are receiving LiveUpdate content from Group Update Providers (GUPs)
all the client connected to SEPM
some of our site we set a GUP server for each region
Is there a replication between Site A and site B? If tyes then , check the replication frequency, it should show up correct status after some time
All the GUP clients are updated?
port 2967 is open between clients and GUP bidirection?
yeap. all GUPs are up and running
Yes, both site is replicate.
how to check the replication frequency?
Hi,
what do u mean all the GUP clients are updated?
all port are open for SEPM services
Can you check the replication-0.log: to see if replication was successful between site a and site b
Hi
If replication is set can you change the frequency to Auto and check
Regards
where to find the log?
btw, why is replication frequncy affected intrusion distribution to clients?
why is replication frequency affected intrusion distribution to clients?
It likely won't.
meaning the frequency doesnt affect the Intrusion distribution?
what is the cause of this issue?