Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Setting Up Endpoint protection to Automatically Update.

Created: 07 Aug 2013 • Updated: 12 Aug 2013 | 15 comments
This issue has been solved. See solution.

Hello All,

I was wondering is it possible to set the Endpoint protection to automatically update the virus/threat definition without being connection to the Protection Manager?

What I am looking to do is enable our laptop the ability to automatically download the update without being connected to our network. Does anyone know if this can be done if so could you provide instruction on doing so?

Thanks,
Vinh

Operating Systems:

Comments 15 CommentsJump to latest comment

.Brian's picture

Yep. You can create a separate location for OFF network and you can assign a policy so that clients go out to Symantec liveupdate. Good example here:

Setting up Scenario Two location awareness conditions

Article:HOWTO80747  |  Created: 2012-10-24  |  Updated: 2013-06-06  |  Article URL http://www.symantec.com/docs/HOWTO80747

 

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Rafeeq's picture

Check this

How to configure mobile computers to automatically download virus definitions when disconnected from the Symantec Endpoint Protection Management console

http://www.symantec.com/docs/TECH104571

Mithun Sanghavi's picture

Hello,

What version of SEP are you running?

In case, of SEP 11.x, please check out the below link:

How to configure mobile computers to automatically download virus definitions when disconnected from the Symantec Endpoint Protection Management console

http://www.symantec.com/docs/TECH104571

In case, of SEP 12.1, please check out the below link:

Configuring mobile computers to automatically download definitions when disconnected from the Symantec Endpoint Protection 12.1 Management console

http://www.symantec.com/docs/TECH177361

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Vdang's picture

Hello Brian,

I have enable manage location for our laptop group and set the switch to "client computer does not connect to management server." However, it does not appear that our laptop are automatically updating the virus/threat definition off the network.

a screen shot below should allow you to see what kind of setting I have made.

 

Capture.JPG
.Brian's picture

Did you assign a new LiveUpdate policy and set a schedule?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Vdang's picture

I have not assign a new LiveUpdate Policy. I am actually using one that has been set by my system admin that has a schedule set.

The policy that is in place at the moment is exactly as mention in the previous post by Mithun for version 12.1. http://www.symantec.com/docs/TECH177361

I have test this setup on a laptop that we have and apply the new location policy update that I recently create. From there I left it disconnected from our network for a couple of days and hook it up to an external connection about a week later to see if it is able to update by itself, but it didnt seem to so.  

According to the documentation it appears that the endpoint protection does not update itself unless the virus/threat definition is about 2 days old.

Brian, do you know how long it usually takes the endpoint protection client to update itself?  

 

.Brian's picture

Do you have two locations created, one for ON and another for OFF, or something similar?

The ON network location will have a different policy than the OFF network location.

The OFF network policy should be to go out to connect to Symantec LiveUpdate.

Defs are released 3x a day Mon-Fri so if it hasn't been updated in awhile than the configuration is not correct.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Vdang's picture

I just check and it looks like we have two location policy. Aside from the one I create the other one did not have a switch condition; therefore, I ended up added one which was "switch to this location client computer connects to management server."

The currently setting for the liveupdate for the default location is as follows:

Capture.JPG Capture1.JPG
.Brian's picture

Did you confirm the client switched to the Off network location?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Vdang's picture

It appears to have taken switch to the off network location as shown below.

Capture.PNG
.Brian's picture

Than per your policy, it should check every 4 hours. Still not working?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Vdang's picture

It appear to be switching from the on and offsite location which is a very good start.

I will get back to you within about a day or so and let you know if our laptop were able to actually update dates offsite.

Hopefully this would work. Thanks for your help Brian as well as the other posters Rafeeq and Mithun.
 

.Brian's picture

Glad to help. Let us know how it goes.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Vdang's picture

Hello Brian,

I was finally able to test it out today and it appears to be working. I believe what happen was that I had only one location added which was for the offsite. By adding a second location one for the internal network appear to have resolve this issue.

Therefore, thanks for your support.

Sincerely,
Vinh Dang

.Brian's picture

Correct. By doing that, you can than apply a separate LiveUpdate policy to update clients while off the network.

Please don't forget to mark the post that helped the most as solved. This will benefit future users searching for a solution to the same problem.

Thanks and take care,
Brian

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SOLUTION