Endpoint Protection

 View Only
  • 1.  What does the R mean after the definition date mean?

    Posted Jun 03, 2014 07:28 AM

    We currently user Symantec Endpoint Protection 12.1.

    When checking that our definitions are up to date on our managed clients, we have noticed that even though the dates are the same i.e 2nd June 2014, some say R32 and some R49. Please can someone explain what that means? We are trying to ensure that all of our computers are completely up to date for the recent Trojan.Cryptolocker.F  & Trojan.Zbot issues in the press in the last day.

    We also have an issue where on the home page of the Symantec Endpoint Protection Manager it states 0 endpoints are out of date, however if you then go into the clients they are out of date - any ideas on this?

    Many thanks



  • 2.  RE: What does the R mean after the definition date mean?

    Posted Jun 03, 2014 07:30 AM
    Revision. Its just to keep track of the sequence of each new set.


  • 3.  RE: What does the R mean after the definition date mean?

    Posted Jun 03, 2014 07:57 AM

    R for Revision

    The SEPM checks for new definitions from a Symantec LiveUpdate Server by default every 4 hours.  Symantec typically releases 1 to 3 sets of Virus and Spyware definitions a day ( these are mentioned as Revisions within a single set of defs)



  • 4.  RE: What does the R mean after the definition date mean?

    Posted Jun 03, 2014 08:05 AM

    Thumbs Up to _Brian yes

    Symantec have been known to release about 3 Certified Definitions everyday (all with the same date).  The revision numbers are used to help keep track of them.

    Regarding what you're seeing on the Home Screen, are you talking about the Pie chart or the Security Status (Green tick / Red Cross) at the top?  These only include online clients in the "Up-to-date" slice (so anything offline will not be marked as out-of-date).  Also, the Security Status and Pie chart has some customisable thresholds to allow you to choose what you consider to be out-of-date.  This is set to 10 days by default:

    http://www.symantec.com/docs/TECH175236



  • 5.  RE: What does the R mean after the definition date mean?
    Best Answer

    Posted Jun 03, 2014 10:50 AM

    Hi Kevin,

    "Thumbs up" to the info above.  Here's a page with details on the Multiple Daily Definitions.  http://www.symantec.com/security_response/definitions/multipledaily/

     

    We are trying to ensure that all of our computers are completely up to date for the recent Trojan.Cryptolocker.F  & Trojan.Zbot issues in the press in the last day.

    This post from Symantec Security Response may be of interest:

    International Takedown Wounds Gameover Zeus Cybercrime Network

    https://www-secure.symantec.com/connect/blogs/international-takedown-wounds-gameover-zeus-cybercrime-network

     

    Hope this helps!  Please do remember to mark the thread solved if the answer to your question has been provided.

    Mick



  • 6.  RE: What does the R mean after the definition date mean?

    Posted Jun 03, 2014 11:02 AM

    Many thanks for all of your replies, they have all helped with getting the answers we needed