Endpoint Protection

 View Only

  • 1.  Traffic between GUP and SEPM 12.1.4

    Posted Feb 24, 2015 01:10 PM

    Hello,

    My customer have one SEPM 12.1.4 (Windows 2008 R2 Virtual Server) with one local site (optic network or 8 Mo) and severals remote site with bandwiths (512 Ko--> 2Mo)

    There are one GUP (Windows 7 workstations with SEP 12.1.4) on every remote site to update definitions on computers clients.

    The SEPM server on local site is scheduled to update from Symantec Site (7 --> 10 PM every day)

    After every GUP receive update from SEPM. So far, no special problem, GUP receive their delta definition.

    The problem is during the next day, there is a big traffic and communication between all GUP and SEPM. After analyse with Wireshark, it was found that GUP download FULL definition (660 Mo)... while it remained power ON

    Is someone met this issue (slowed network) ? For information, number of content definition keep on SEPM : 12 revisions

    In a few day , i have to update SEPM and GUP to 12.1.5 version.

    Thank you for your help.

    Sébastien

     

     



  • 2.  RE: Traffic between GUP and SEPM 12.1.4

    Posted Feb 24, 2015 01:23 PM

    The GUP needs to download a full set of defs from the SEPM to hand out to clients who request it



  • 3.  RE: Traffic between GUP and SEPM 12.1.4
    Best Answer

    Posted Feb 24, 2015 06:05 PM

    Hmmm ... your SEPM is updated daily. But Symantec provides AV/AS content revisions three times a day. Is it possible that some clients are updating themselves via LiveUpdate during the day? Small delta files can only be created if the content version on the client matches a content version on the SEPM.

    Check the clients' system logs if they are downloading content from Symantec's LiveUpdate servers. You can prevent this in the LU policy for the clients.

    Another reason may be the GUP disk cache size. By default, it's on 500 MB, but obviously that's even too small for one single full definition (>600 MB). Change it to 2,000 MB or higher, if necessary. The setting is in the LU policy (Clients > YourGroup > Policies > LU policy > Server settings > GUP)
     



  • 4.  RE: Traffic between GUP and SEPM 12.1.4

    Posted Mar 27, 2015 11:38 AM

    Hello,

    I finally work with my customers about this issue.

    I have updated SEPM and all GUP to 12.1.5 version.

    I increased the number of revision kept on SEPM and configured Pull Mode for all remote site.

    In fact, a lot of computers are very often off during one or two weeks. And when they start, with only 12 revisions kept on SEPM, GUP download full revision because GUP itselp don't know calculate delta revision.

    Thank you for your support and ideas.