Endpoint Protection

Hello,
I have a sep11 management server running windows server 2003. Everything is working great however I was wondering what options I have to control the time that clients check in for updates. I see that you can set 'live update' servers out on the network to control where the clients get updates, however my sep server has always just been the machine that gives clients the updates. We have 4 seperate locations and the sep server sits at our main central site. My only problem is when I try and change live update policy for the clients checking in I am not able to change the option. I believe it is set to have clients check in every 4 hours or so. It would be great if I could have the clients only check in for definition updates at night. I have multiple locations so this can bog down the network at times when the some pc's that have been shutdown for a couple days are turned on and go right to the sep server for updates. Is it possible to change the time that clients check into the server for definition updates? If not, am i better off with having numerous live update servers at all the locations instead of one centralized sep server that handles all the stores definition updates?  Thanks in advance for the help.

By default the clients check in every 5 minutes and as soon as the sepm gets defs it will tell the clients to heartbeat in to get them. You can change the heartbeat interval in the communication settings for the client group. I suggest changing it to pull mode and there you can set your heartbeat for when they check in to whatever you would like.

What is the method you are using for updating your clients. Scheduling is possible if you are using liveupdate server only for the update. What is the exact problem you are facing? If you are concen about the bandwidth GUP will be the ideal solution for you.
For more info refer below doc
Symantec Endpoint Protection 11.0 Group Update Provider (GUP)
Group Update Provider: Sizing and Scaling Guidelines

You have two options to have a control over this manager - remote clients bandwith.

1. Group Update Provider.

Pros: No need to install any piece of software apart from the client itself. Simple policy setting.
Cons: No control over scheduling. GUP will check in at its hearbeat interval and move data from manager to itself.

2. LiveUpdate Server.

Pros: Can update any number of clients and even managers. Scheduling is possible for each and every group at preferred time. Multiple LUAs can serve as failover source for definitions.

Cons: Not recommended to have it in the same server which has SEPM, so have to install it on another server or a workstation. Configuring LUA (Relatively tougher than the GUP, simple though).


The choice is yours :)

Well it sounds like I should just go ahead and change to pull mode with a hearbeat of 8-9 hours or so. I just need to make sure that a large number of clients arent trying to get those updates at the same time during the day. So say I wanted them to check in at 10pm. Would I want to make that sever change at 10pm and set the interval to 12 hours? Right now its just set to push mode, so everything is done as soon as the update is available. Thanks again.

well all said the same,we cant have a schedule time for clients updates
they all get updated at once
take network bandwidth.
you can configure gup or else the current setting you have now with pull mode should be fine.
 

Please be aware that changing the heartbeat to 10 hours or more does not ensure any particular time window fo clients to check in.. It depends on the client's last check in time and may vary from client to client.... Supposing a computer is shutdown for days togeher and come back on one fine aftrnoon,. it will immediately contact SEPM andpull updates and the next update wil be scheduled 10 hours from then... So , It can be helpful, but not in all cases.... Again, the choice is yours:)

I agree with Rafeeq, A GUP would be a good idea to help with bandwidth issues. Create a GUP in each remote location will allow only one machine to get content from the manager from each site, instead of all clients.

I would still stick with pull mode so the manager doesn't keep a constant connection to all the machines in the environment.

Thanks again for the help. I will study up on the gup setup and go that route.