You can see that in the regisrty and also in the Sylink log
On the client, look in the registry under
HKEY_LOCAL_MACHINE\Software\Symantec\Symantec Endpoint
Protection\LiveUpdate.
Check the settings for the following keys:
■ UseLiveUpdateServer
If this key is set to 1, the client uses an internal LiveUpdate server or Symantec
LiveUpdate directly.
■ UseManagementServer
If this key is set to 1, the client uses the management server.
■ UseMasterClient
If this key is set to 1, the client uses a group update provider