Video Screencast Help


Created: 16 Jul 2012 | 4 comments

Hi all,

How will I know which client is going to consume heavy updates from Antivirus server.

Do Antivirus server Management console has such features which will list real time virus definition update’s communication between client and Server.

My version for SEPM is MR4

Comments 4 CommentsJump to latest comment

Leo Young's picture

as i know, you can only see from the logs to view clients activitis, and which aren't the real time view.

pete_4u2002's picture

check the iis logs

it will look something like this, whether delta or full and client IP

2011-02-16 07:26:22 /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/110213003/ 200 90702117
2011-02-16 07:26:22 /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/110214002/ 200 69206309
2011-02-16 07:26:22 /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/110213003/ 200 84279589
2011-02-16 07:26:22 /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/110215002/ 200 94896421
2011-02-16 07:26:22 /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/110215002/ 200 62849317
2011-02-16 07:26:22 /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/110215002/ 200 71696677
2011-02-16 07:26:22 /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/110215002/ 200 49414437

Chetan Savade's picture

Hi Anil,

SEPM is management console but information which you are looking for will be available through network monitoring tools like Whats up gold, Solar wind Orion etc.

SEPM console won't be able to provide information about bandwidth utilization.

As you stated it's MR4 I would suggest it's a time to upgrade to latest version.

Check till date SEP releases

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Mithun Sanghavi's picture


To answer your Question above, it is important to understand HOW are virus definitions distributed from the Symantec Endpoint Protection Manager? Check this Article:

Check these Articles below which would assist you on HOW to prevent the clients to download the Full definitions set from SEPM and limit Bandwidth usability - 

Preventing Symantec Endpoint Protection (SEP) Clients from receiving FULL Antivirus/Antispyware definition packages from a patched Symantec Endpoint Protection Manager (SEPM)

With default LiveUpdate content revision settings configured within the Symantec Endpoint Protection Manager, clients are downloading full definition updates instead of delta updates

SEPM & SEP Client bandwidth troubleshooting

Hope that helps!!

Mithun Sanghavi
Associate Security Architect


Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.