It is very hard to under stand what excatly you are trying say. Howevery if wnat to know how to setup GUP then follow the below mention document.

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008052712534748

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008081810593048

I agree with Happytohelp that it is not clear what you have in mind but I try to clarify something.

1) There is no sense to install the SEP Manager in a laptop unless it is just for a test

2) there is no sense to set a Manager as GUP. The Manager is already a point of content deployment. A GUP should be set to help the Manager in the content deployment load not to duplicate the same job in the same machine.

3) It is not possible to push the content to the clients. You have to set your SEP architecture and be sure that the content is downloaded and the rest will happen automatically unless you missconfigure the product.

Regards,

Hi,

Bascially my client has uploaded the latest virus definition to the SEP MAnager on the laptop.

He wish to push the latest definition to the SEP Management Server on the isolated network.

My question is can I set the GUP IP address such that it is a SEP Management Server.

Can you please explain in more detail what exactly are you trying to do?

A Manager cannot be a GUP, and a Manager cannot take definitions from a GUP.
If you want to update your SEP Manager in the isolated network (I guess without Internet) you have three option:
1) set up the two managers as replication partners
2) install LiveUpdate Administrator (CD2) in the laptop (or in a better place like a server), and set your SEP Manager A to take the definitions from LUA (LUA takes definitions from Internet)
3) Manually download the definitions and move them in the SEP Manager A (every day... or at your convenience)

Regards,

If I am getting your question right then you want that A GUP should update definition on SEPM  that is in a isolated network...
But it is not possible.
Options available for you is either set up replication between both SEPMs the one with and without internet.
Install a LUA and SEPM will retreive defs from LUA.

My objective is to temporary let the laptop join the network.

When the definition is pushed down to the Management Server which is added as a GUP.

The laptop will be removed from the network.

The management server which is a GUP client, received the updated definition will be distributing it to the rest of the client

You can acheive this but it will be a bit difficult.

What you can do is the Laptop will be the gup client on both the SEPMs.
But when you join it to the network which has internet you will have to replace the sylink.xml of that SEPM
Then once you bring it back to Domain without internet you will again have to replace the sylink.xml the one for the SEPM wihtout the internet.

Or may be you can try to add another location on both the SEPM & then try to use location specific settings. & set a conditions depending on the IP address of both the Settings.

If you just want to update the client in the isolated network then try updating the manager A with JDB.. Instead of connecting the laptop then disconnecting agin i thing JDB would be right option,.. Check the below document about JDB..

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007100820002048

Hi,

Is live update admin the same as the live update server?

You cannot do it as you are imagining it:
to do it you should create a group B where your laptop is the GUP and the SEPM A is the client. Then you need a group A where your SEP client in  the Management Server A is the GUP and the rest are the clients.
As you see the SEP client of Server A shoud belong in two groups and it is not possible.
In my opinion the best solution should be to allow the SEPM to take the definitions from Internet, with the firewall you can be sure that this connection is used only for LiveUpdate connections.

Regards,

Let me get this straight. 2 servers, 1 is a laptop with updated definitions and the other is an isolated network which I assume has no internet connection.
I've asked this a while ago about servers sharing updates. The answer I got was to do the update manually by downloading the latest definitions and applying them to the isolated network.

Hi,

So is it possible to configure the laptop as a Live Update Server by installing LiveUpdate Administrator.

This laptop will be connected to the isolated once in a while to let the Management Server grab the updated settings then push it down to the rest of the clients. Is it possible?

By the way, I have tried the JDB file for isolated network. It only updates the virus definition and not the others.

For Liveupdate Administrator, does it update the others as well? Like Intrusion Signitures?

I think the best thing you can do is to build two SEPM server one for the non isolated network then second is for isolated one, make sure both has an internet access to the download updates.

:-)

There are lots of ways to achieve what you would like to do...personally I would do this:

Just install SEPM on your laptop and join it to your site.
Setup a group policy for clients to use the laptop as their SEPM and export and apply this sylink.xml to your isolated SEP clients
You will need to ensure the SEP clients have the correct digital certificate as well, so it might even be better to do a full SEP package export.

Clients in the isolated network will try to heartbeat to this SEPM all the time but the laptop wont be present so they will just time out.
When you place the laptop into the isolated network they will all connect and update and upload their logs etc.

Check your heartbeat configuration to ensure they connect in a timely manner.
Make sure the laptop SEPM is fully updated before moving it to the isolated network.

Dont configure your other SEP clients to connect to the laptop SEPM :)

Z

I suggest you reconfigure the laptop to be a LiveUpdate server like Vikram said.

Hi zer0,

did you select the right solution for you? if yes, mark the proper post as solution.

regards