How to manually update IPS definition inside SEP 12.1 and 14.x install packages?
Article ID: 156066
Updated On:
Products
Issue/Introduction
SEP 12.1 and SEP 14.x.x now allows to export client install package with or without definitions. If definitions are exported with the package, it will then automatically include the latest revisions into the package reqiured by that package based on version and no action is needed, however some deployment packages that are 'Gold' or qualified and cannot have frequent binary updates may not have signatures included and you may be required to add them post export.
To include or update IPS signatures manually to a already exported client package see the steps below.
Resolution
OPTION-A
1) Open the pre-existing Client Package folder.
2) In the export folder, there is a list of files (zip, exe, ini, etc.) and folders (CommonAppData, Program Files, System32). Delete the file named IDSDefs.zip if it is present. If it is not skip step-2.
3) Go to the Symantec Endpoint Protection Manager, and depending on the VERSION of the Symantec Endpoint Protection CLIENT package you will need one of three FULL.ZIP files based on the client version of that install package.
%SEPM%\Inetpub\content\{55DE35DC-862A-44c9-8A2B-3EF451665D0A} is for SEPC CIDS Signatures for Symantec Endpoint Protection 14.0 clients ONLY. (build 14.0.1904.0000 - 14.0.3929.1200)
%SEPM%\Inetpub\content\{0D03AEA1-B630-43F8-828E-F10E80A68B99} is for SEPC CIDS Signatures for Symantec Endpoint Protection 14.2 clients ONLY. (build 14.2.758.0000 - 14.2.1034.0100)
%SEPM%\Inetpub\content\{02335EF8-ADE1-4DD8-9F0F-2A9662352E65} is for SEPC CIDS Signatures for Symantec Endpoint Protection 14.2 RU1 clients ONLY. (build 14.2.3332.1000+)
4) Go inside the proper Moniker folder for the version of client needed, go inside the numbered folder and find the file FULL.ZIP.
4) Copy Full.zip definition into exported package folder
5) Change Full.zip name into IDSDefs.zip
6) Install/deploy the client package
OPTION-B
1) Open the Symantec Endpoint Protection Manager, and go to Admin>Packages.
2) Select the SAME version client package as the already exported client package and select EXPORT.
3) In the Export options UNCHECK the option to export a package as a single file, then leave all other options at default. This will produce a exploded package you can harvest a update IDSDEFS.ZIP from.
4) Export the package.
5) Open the new exported client package folder and copy the IDSDEFS.ZIP to the client package you wish to update.
Applies To
SEP 12.1.x. 14.x 14.x.x
Feedback
