Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Set only liveupdate on remote client

Created: 13 Nov 2012 | 13 comments

Hello, I have a problem after upgrading from SEP12.0 to SEP12.1.

We have some remote managed PC, to avoid bandwidth problem on our SEPM they was configured to use LiveUpdate and not the ManagementServer:

HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\LiveUpdate\UseManagemetServer = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\LiveUpdate\UseLiveUpdateServer = 1

After updating this key are automatically set to

HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\LiveUpdate\UseManagemetServer = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\LiveUpdate\UseLiveUpdateServer = 1

after each system startup. As result the client download virus def from SEPM and not from liveupdate.

Is there any way to force the remote PC to use LiveUpdate and NOT SEPM?

Comments 13 CommentsJump to latest comment

.Brian's picture

In your LiveUpdate policy, check the option to "Use LiveUpdate server" and make sure "Use the default Symantec LiveUpdate server" radio button is checked and uncheck everything else.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

man101's picture

I have not a radio button "Use the default Symantec LiveUpdate server", our product is a small businnes edition

Rafeeq's picture

Follow these steps to enable LiveUpdate scheduling for client computers

1

In the console, click Policies.

2

Under Policies, click LiveUpdate.

3

Right-click the policy that you want and then click Edit.

4

Under Windows Settings, click Schedule.

5

Check Enable LiveUpdate Scheduling.

6

Specify the frequency and the retry window.

7

Click OK.

To disable LiveUpdate scheduling for client computers

1

In the console, click Policies.

2

Under Policies, click LiveUpdate.

3

Right-click the policy that you want, and then click Edit.

4

Under Windows Settings, click Schedule.

5

Uncheck Enable LiveUpdate Scheduling.

6

Click OK.

Configuring the LiveUpdate download schedule for

client computers

The LiveUpdate client schedule settings are defined in the LiveUpdate policy.

To save bandwidth, Symantec Endpoint Protection Small Business Edition clients

run scheduled LiveUpdates from the Symantec LiveUpdate server only if both of

the following conditions are met:

Virus and spyware definitions on a client computer are more than two days

old.

Aclient computer is disconnected from Symantec Endpoint Protection Manager

for more than eight hours.

To configure the schedule for LiveUpdate downloads to Windows client computers

1

Click Policies and then click LiveUpdate.

2

Right-click the LiveUpdate policy that you want, and then click Edit.

3

Under Windows Settings, click Schedule.

Configuring updates and updating client computer protection

Configuring the LiveUpdate download schedule for client computers

290

4

Check Enable LiveUpdate Scheduling.

5

Specify the frequency.

If you select

Daily, also set the time of day to run. If you select Weekly, also

set the time of day to run and the day of the week to run.

6

If you select any frequency other than Continuously, specify the Retry

Window

.

The

Retry Window is the number of hours or days that the client computer

tries to run LiveUpdate if the scheduled LiveUpdate fails for some reason.

7

Click OK.

Mohan Babu's picture

Step 1: Go to Client computer open the SEP client User Interface

Step 2: Go to Configure Settings-->Client Management-->Configre settings--> 

Step 3: Disable the Tamper protection

Step 4: Stop the smc services

Goto Run command-->smc -stop -->Ok

Step 5: Goto Services.msc  Stop the SEP services

Step 6: Go to Registry modify the changes to

HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\LiveUpdate\UseManagemetServer = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\LiveUpdate\UseLiveUpdateServer = 1

Step 7 : Goto Services.msc  Start the SEP services

Step 8: Start the smc services 

Goto Run command-->smc -start -->Ok

Step 9: Enable the tamper protection

Thats it you are good to go.........

Mohan Babu

moglie20@gmail.com

+91 9884382160

Your satisfaction is very important to us.If you find above information helpful or it has resolved your issue...please mark it accordingly :)

man101's picture

SEP restore the registry key to

HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\LiveUpdate\UseManagemetServer = 1

and download from SEPM.

Any other suggestion?

man101's picture

I have clossed the port 8014 on my firevall for incoming VPN connection but now I have no status on SEPM for the remote PC.

Mohan Babu's picture
  • Move those clients on remote sites to a separate group 
  • Create a new liveupdate policy 
  • Check the second option USe external or internal liveupdate server
  • Uncheck the first option Use default management server
  • Assign the policy to the group 
  • Now it will work

Mohan Babu

moglie20@gmail.com

+91 9884382160

Your satisfaction is very important to us.If you find above information helpful or it has resolved your issue...please mark it accordingly :)

man101's picture

I have not the options you dercribe. See attachement. We have a Symantec Endpoint Protection Small Businnes Edition Version 12.1.1101.401

SEPM.JPG
Mohan Babu's picture

On small business edition no option like tat as peer the screenshot.

You cannot configure only external liveupdate server for ur remote clients.

1st proirity for a managed client is to fetch updates from SEPM server and second priority to receive from Symantec Liveupdate server.

Content updates (such as Antivirus and Antispyware definitions) will be automatically and silently downloaded by the manager every 4 hours and distributed to the managed Symantec Endpoint Protection clients. Clients will conduct their own LiveUpdate based on schedule

This is product limitation.

Mohan Babu

moglie20@gmail.com

+91 9884382160

Your satisfaction is very important to us.If you find above information helpful or it has resolved your issue...please mark it accordingly :)

man101's picture

Wrong, with version 12.0.1001.95 I was able to change the registry key as the original post (solution from Symantec).

Now SEP overwrite the registry key at system startup. How to disable this setting update?

Mohan Babu's picture

See if you are using a managed client managed by SEPM SBE.

Even after you change the registry value to get updates from Symantec server.

After the Heartbeat Interval by default 5 minutes

Client will start communicating to the SEPM and receive the policy

On SEPM the Liveupdate policy for clients is 1st proirity for a managed client is to fetch updates from SEPM server and second priority to receive from Symantec Liveupdate server.

So once the Client  start communicating to the SEPM policy is updated clients will revert the changes that you made.

This is what happening on your case.

If incase you modifing the registry on a unmanaged client it will work absolutely fine without issues.

Because those unmanaged client wont communicate to the SEPM and they never receive policy updates. So what ever the changes that you made to an unmanaged client it will work.

If you want test with a single PC. Convert it as unmanaged and change the registry settings and reboot the computer. It will not revert the changes.

Hope this will give you a better picture..

Mohan Babu

moglie20@gmail.com

+91 9884382160

Your satisfaction is very important to us.If you find above information helpful or it has resolved your issue...please mark it accordingly :)

Mohan Babu's picture

How to convert Symantec Endpoint Protection (SEP) clients from managed to unmanaged without uninstalling and reinstalling

http://www.symantec.com/docs/TECH104010

Mohan Babu

moglie20@gmail.com

+91 9884382160

Your satisfaction is very important to us.If you find above information helpful or it has resolved your issue...please mark it accordingly :)

man101's picture

The new release is not compliant with our needs! I will unistall the new release an install the old, and see if other product can manage remote client and allow download update directly from internet.