Hi Folk,
I think that you are very worried about "a bad virus definition"! Why ?
They're all very tested inside symantec!
Do you know any incident related to this in Symantec ? I dont!
If you still worried about this, you can first create a new liveupdate policy for the bulk of your machines and then configure a different schedule for that policy as you wish. In this case you will be able to delay the update process in a group were you assign this policy. I'll suggest you to max delay just a day in this case.
since simantec delivers 3 deffinitions per day, you can schedule this at the policy and just update this machines once a day, or once a week as you wish!
Remenber: The best practice is to update every 4 hours!
Regards
Leon