Endpoint Protection

 View Only

  • 1.  verifying that a computer is serving as a GUP

    Posted Feb 11, 2010 01:45 PM
    Just wondering if anyone can shed some light on this.

    I have 5 computers serving as GUPS.  I am running version 11.0.5002.333 on the GUPS, but not all of the clients are running the latest version yet.  So I should be able to look at the properties of the computer and see that it is serving as a GUP. Of the 5 GUPS, only 1 shows in properties that it is a GUP.  Only 2 of the 5 actually have the SharedUpdates folder that a GUP is supposed to have in its directory structure.

    Of the 2 that have the SharedUpdates folder, all of the files inside the SharedUpdates folder on one of the GUPS have a date of 12/30/99.  The other GUP that has the SharedUpdates folder has files with 2/10/10 and 2/11/10 dates.

    How can I verify that the GUPS are actually being contacted and are providing definitions to the clients they are assigned to?


  • 2.  RE: verifying that a computer is serving as a GUP

    Posted Feb 11, 2010 02:25 PM
    You can see that in the regisrty and also in the Sylink log

    On the client, look in the registry under
    HKEY_LOCAL_MACHINE\Software\Symantec\Symantec Endpoint
    Protection\LiveUpdate.
    Check the settings for the following keys:
    UseLiveUpdateServer
    If this key is set to 1, the client uses an internal LiveUpdate server or Symantec
    LiveUpdate directly.
    UseManagementServer
    If this key is set to 1, the client uses the management server.
    UseMasterClient
    If this key is set to 1, the client uses a group update provider


  • 3.  RE: verifying that a computer is serving as a GUP
    Best Answer

    Posted Feb 11, 2010 02:27 PM

    Title: 'How to confirm if Clients are receiving LiveUpdate content from Group Update Providers (GUPs)'
    Document ID: 2009110311145748
    > Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2009110311145748?Open&seg=ent


  • 4.  RE: verifying that a computer is serving as a GUP

    Posted Feb 11, 2010 02:29 PM
    What I do is  (search for the registry key smc_debuglog_on) change this value to 1.

    Then from the GUP do a smc -stop and an smc -start to get the app to reload.

    From there if you check the install directory for SEP there should be a log named debug.

    Take a look (typically toward the end of the log) and you can see if it (at that time) is serving updates.


  • 5.  RE: verifying that a computer is serving as a GUP

    Posted Feb 11, 2010 03:49 PM
    Thanks guys, I will take a look at all of your suggestions!