Endpoint Protection

 View Only

  • 1.  SEPM -> Sym LiveUpdate FW rules

    Posted Feb 03, 2012 04:47 AM

    Hello everyone,

    We need to implement firewall rules in order to allow SEPM to connect to Symantec LiveUpdate servers. From the information that I have from this link http://www.symantec.com/business/support/index?page=content&id=TECH131843&key=55357&actp=LIST  it is written that LU connects over TCP ports 80 (HTTP), 21 (FTP) and 443 (HTTPS) and few domains are listed.

    Q1: Can we create FW rule only to allow connection over port 443 and not 80 and 21? Can SEPM downlaod content via HTTPS and are the domains the same?

    Q2: Is the FTP link that SEPM can use in case of FTP download the same - update.symantec.com/opt/content/onramp or it has been changed?

    Thanks



  • 2.  RE: SEPM -> Sym LiveUpdate FW rules

    Broadcom Employee
    Posted Feb 03, 2012 05:02 AM

    LiveUpdate connects via HTTP to the domains symantec.com, liveupdate.symantecliveupdate.com, and akamai.net.
    If a connection fails, LiveUpdate tries to connect to one of the other listed domains. The listed domains may change because of server maintenance.
    If LiveUpdate cannot make an HTTP connection, LiveUpdate connects via FTP to update.symantec.com



  • 3.  RE: SEPM -> Sym LiveUpdate FW rules

    Posted Feb 03, 2012 06:59 AM

    then in which case will HTTPS used, if HTTP and FTP are not available?



  • 4.  RE: SEPM -> Sym LiveUpdate FW rules

    Posted Feb 03, 2012 11:39 AM

    Hi,

    No, it does not work with HTTPS only, HTTP and FTP are required as well.

    www.symantec.com/docs/TECH139451



  • 5.  RE: SEPM -> Sym LiveUpdate FW rules
    Best Answer



  • 6.  RE: SEPM -> Sym LiveUpdate FW rules

    Posted Feb 03, 2012 11:52 AM

    thanks Giuseppe, that's very helpful