Video Screencast Help
Give us your opinion and win with Symantec! Please help us by taking this survey to tell us about your experience with Symantec Connect, so that we can continue to grow and improve.  Take the survey.

SEPM Server is causing excessive Bandwidth utilization in one of my sites

Created: 12 Sep 2012 | 7 comments

It is again consuming all the bandwidth in one of my sites, it is using 75% for certain times of the day...The Main (SEPM) server is in New York, the site is in Virginia...the increase in bandwidth is causing network drops to other much needed resources. How can I control it so that SEPM does NOT monopolize the bandwidth?

Clients are Windows 7 64 Bit Systems, XP 32 Bit systems and 2003/2008 on the Server end.

There are GUP's in each site which clients receive the updates from...The same is true for this site, but the network bandwidth will spike and we have run charts that point to the SEPM server as the reason why.

Comments 7 CommentsJump to latest comment

Ashish-Sharma's picture

Minimizing network traffic from client-to-server communications in Symantec Endpoint Protection Manager 12.1

http://www.symantec.com/business/support/index?page=content&id=TECH164737

How To Optimize Endpoint Protection for Branch Offices using GUPs, Load Balancing, and Location Awareness

http://www.symantec.com/business/support/index?page=content&id=TECH94122

Check this thread

Symantec EndPoint Protection 11.x Clients Updates from Management Servers Outside their Managed Scope

https://www-secure.symantec.com/connect/forums/symantec-endpoint-protection-11x-clients-updates-management-servers-outside-their-managed-sco

Abnormal Network Bandwidth usage from SEPM Server to clients

https://www-secure.symantec.com/connect/forums/abnormal-network-bandwidth-usage-sepm-server-clients

Thanks In Advance

Ashish Sharma

Brɨan's picture

Have you run the GUP content monitor to ensure the GUP is activated and actually functioning as GUP?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

W007's picture

Hi,

You can use GUP Distribution Monitor

SEP Content Distribution Monitor (for GUP health-checking)

https://www-secure.symantec.com/connect/downloads/new-sep-content-distribution-monitor-gup-health-checking?page=2

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

pete_4u2002's picture

thats monitoringtool, which shows what all machines are GUP and status of their, i.e. up or down. very useful tool

Mithun Sanghavi's picture

Hello,

Similar Issue on this Thread: https://www-secure.symantec.com/connect/forums/high-bandwidth-usage-endpoint

GUP would download full defs when the client is out of date for a number days. However the traffic increases with each heartbeat interval when the GUP client fails to update itself. 

Check these Articles:

SEP clients download the same content repeatedly from the SEPM or GUP when they have low disk space 

http://www.symantec.com/docs/TECH93110

When will a client download a full definition set from a Symantec Endpoint Protection Manager or Group Update Provider?

http://www.symantec.com/docs/TECH131528

Symantec Endpoint Protection clients download full definitions from Group Update Provider or from Symantec Endpoint Protection Manager 

http://www.symantec.com/docs/TECH122612

With default LiveUpdate content revision settings configured within the Symantec Endpoint Protection Manager, clients are downloading full definition updates instead of delta updates

http://www.symantec.com/docs/TECH94916

There is a tool which you could use for GUP health-checking:

SEP Content Distribution Monitor

https://www-secure.symantec.com/connect/downloads/new-sep-content-distribution-monitor-gup-health-checking

VIDEO: https://www-secure.symantec.com/connect/videos/sep-content-distribution-monitor-introduction

Hope that helps!!

Mithun Sanghavi
Associate Security Architect

MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Chetan Savade's picture

Hello Bryan,

Make sure following changes are present under liveupdate policy.

Maximum time that clients try to download updates from a Group Update Provider trying the default management server - Set this option to Never

Limit the amount of bandwidth that the GUPs can use when it downloads content from the Symantec Endpoint Protection Manager (SEPM) from within the policy on the Symantec Endpoint Protection Manager.

Screenshot is attached to the reference.

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

cus000's picture

Please check if there's any client having lack of disk space at c:/