What are my SEP Clients downloading from liveupdate.symantecliveupdate.com?
Created: 01 Feb 2013 | Updated: 05 Feb 2013 | 13 comments
This issue has been solved. See solution.
It was brought to my attention a short time back that several of our workstations are communicating directly with http://liveupdate.symantecliveupdate.com/ Per our LiveUpdate Policy configuration this should not occur. If a SEP client requires an update it will only attempt to connect to our GUP or the SEPMs. In reviewing our Web Filter logs I was able to identify what exactly they were requesting to download. My problem now is what are these items that some of these machines are attempting to download? Below is an example of one of the file paths I found. Note how ridiculously long the path is. Does anyone know what its doing?
Discussion Filed Under:
Comments 13 Comments • Jump to latest comment
In you LU policy, did you uncheck "Use a LiveUpdate server"?
SEP Knowledge Base
Endpoint SWAT
HI,
Did gup policy are applied ?
Check this thread also
https://www-secure.symantec.com/connect/forums/gup-not-providing-update-clients-clients-are-able
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
What version of SEP are you using? This has been known to happen on some of the older versions (i.e. use LiveUpdate even when it's not mean to):
http://www.symantec.com/docs/TECH95946
http://www.cstl.com/
After reviewing the link provided I believe this is exactly what I'm experiencing. It appears that since we're primarily running SEP 11 RU6 MP2 we're experiencing the bug associated with these previous versions. It sounds like once we move to 12.1 RU2 this will be eliminated.
Thank you for your help.
Brian -
"Use a LiveUpdate Server" is unchecked. The only fields checked are GUP and Use Default Management Server. And within the GUP settings only Use a Single GUP Provider is checked.
Aashish -
According to the SEPM and the SEP Client the machines in question do have the most up to date Policy applied to them. So they should not be making any attempts to LiveUpdate Servers.
SMLatCST -
We're currently running 12.1 RU2 on all SEPMs and GUPs. The machines currently exhibiting this issue are running primarily 11 RU6 MP2
It is down to the way the clients process the policy, so upgrading the client should (hopefully) do the trick! The version of the SEPM or GUP would have no bearing on how the v11 client chooses to (mis)behave
http://www.cstl.com/
Have you tried recreating the LU Policy for this client - looks like if it was corrupted somehow, or clients were not able to properly process it.
also check if there any location awareness set?
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Roughly how many clients affected?
Your settings sounds good.... might be bug/issue with LU policy at client end...
Hi,
Kindly check the below step
http://www.symantec.com/business/support/index?pag...
Select one of the following options:
Regards
Sumit G.
Hi,
you might be used RU1 before RU2.Is that the problem was with RU1 also?
Because if you gone through all the above comments I dont think is there any setting issue with your case.
Try to recreate the package and reinstall.
otherwise it could be a bug.
Thanks,
Zafar
Thanks and Regards,
Mohammad zafar
Please Mark as solution if this comment solved your Issue....
Hi there,
That is anonymous telemetry data rather than a request for a file. These can safely be ignored. This article has some more information:
With thanks and best regards,
Mick
awesome for making this point, Mick :-). Thumbs up !
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Would you like to reply?
Login or Register to post your comment.