JDB File Should update All components

People really want IPS defs for thier closed network..

It is a good idea. I would like to see this idea implemented as soon as possible.

..but there are no currently plans to implement this.

For closed networks, LUA 2.x or LUAU 1.x is the recommended method to download content and transfer it to those networks.

For other environments, the use of GUPs is recommended and where that doesn't suit, the IPS content is not updated as frequently as AV/AS content and IPS updates tend to be < 200k so are relatively small. PTP content updates are even smaller.

So the main concern around bandwidth usage is AV/AS content and for this reason the JDB exists as an alternative method of distribution.

All that said, lets see what the customer community think and how they vote on this idea. That will of course influence our future decisions on this topic.

We desperately need a method of acquiring definitions for PTP! NTP definition updates would be helpful too but at least there I can opt to use the Windows Firewall instead.

I've begun rolling out SEP 11 to replace our SAVCE infrastructure that's been in place for over a decade. Since first installing SAVCE with a strict security policy our networks have never had a successful virus infection of any kind. I decided to upgrade to SEP to take advantage of the additional features and supported platforms.

After the first installation attempt of SEPM corrupted our WSUS IIS site using the "default" web site option I was a bit frustrated. Taking a chance on the "custom web site" install, I found that the Install Guide lied about disabling the default web site (containing WSUS services). The rest of the SEP 11 install was painless. The pushed client installs went quickly and flawlessly too. I was fully expecting to have a completely working SEP service after updating the VDB definitions. I naively assumed that threat protection updates would be complete with the new JDB definitions file.

The networks I manage are all isolated from any outside networks, including the Internet. Consequently, I've had to develop an update process using a Linux external server connected to the Internet upon which we maintain mirrors of Linux, Solaris, MS Windows (in MS WinSvr virtual machine), and other software updates. A script synchronizes these updates with a large USB drive for scanning and transfer to the internal network where automated updates are accomplished through local update servers.

Symantec threat protection is a vital part of our Information Assurance management infrastructure. Maintaining this infrastructure takes a large amount of time and effort as it is. Having to maintain yet another software package (LUA) only adds to the overhead burden. Copying a single file containing the combined definitions, or even a small set of definition files, seems much simpler than maintaining and training for LUA.

That's my $0.02 worth...

...If not within the JDB itself, then perhaps separate downloads to update these components in a closed environment.

sandra

Defintely for a manual download of PTP and NP defs.  At this time we don't even enable NP or PTP because it's too painful to update the definitions.  I certainly vote for either rolling it into .jdb or creating sep downloads for those defs. 

I strongly agree with that idea. There should be a possibility to update all components when the machine is offline.