Endpoint Protection

  • 1.  LUA with Linux Definitions

    Posted Dec 16, 2014 12:00 PM

    I have recently installed SEP 12.1.5 for Linux on some Red Hat servers, and they are currently being managed by the SEPM. I have not been able to get definition updates to the servers yet. I've pointed the servers to my (internal) LiveUpdate Administrator (LUA), but the servers are not getting any definition updates from the LUA. Do I need to identify specific Linux definitions content (besides SEP) on the LUA? If so, what? I see a choice for Symantec Antivirus for Linux 1.0.5 - is that what's needed on my LUA (I was looking for SEP for Linux defs)? Or something else? Thank you!

     



  • 2.  RE: LUA with Linux Definitions

    Posted Dec 16, 2014 12:01 PM

    The latest for Linux is SEP for Linux 12.1.5 but if there is no other option those should be it.

    How long has it been?

    There is a setting for Linux clients, see here:

    Setting up an internal LiveUpdate server for Symantec Endpoint Protection clients

    Article:HOWTO80896  |  Created: 2012-10-24  |  Updated: 2014-09-21  |  Article URL http://www.symantec.com/docs/HOWTO80896

     

    Configuring LiveUpdate Administrator 2.x to Download and Distribute Symantec Antivirus for Linux Contents

    Article:TECH152311  |  Created: 2011-01-31  |  Updated: 2011-01-31  |  Article URL http://www.symantec.com/docs/TECH152311

     



  • 3.  RE: LUA with Linux Definitions
    Best Answer

    Posted Dec 16, 2014 12:08 PM

    You should download the catalog 

    About Updating the Symantec Product Catalog in LiveUpdate Administrator 2.x

    http://www.symantec.com/business/support/index?page=content&id=TECH201472

     

    Configuring LiveUpdate Administrator 2.x to Download and Distribute Symantec Antivirus for Linux Contents

    http://www.symantec.com/business/support/index?page=content&id=TECH152311



  • 4.  RE: LUA with Linux Definitions

    Broadcom Employee
    Posted Dec 16, 2014 12:52 PM

    Hi,

    Thank you for posting in Symantec community.

    I would be glad to answer your query.

    Linux clients cannot get updates from the default management server. For Linux clients, you must specify an internal or external LiveUpdate server.

    To configure Linux clients to use an internal LiveUpdate server

    1. Under Policies, click LiveUpdate.
    2. On the LiveUpdate Settings tab, right-click the policy that you want and then click Edit.
    3. Under Linux Settings, click Server Settings.
    4. Click Use a specified internal LiveUpdate server, and then click Add.
    5. In the Add LiveUpdate Server dialog box, type the information that you need to identify and communicate with the server that you want to use.

    For example, for the URL:

    1. If your server uses FTP or HTTPS, click Advanced Server Settings.
    2. Select the FTP or HTTPS mode that the server uses, and then click OK.
    3. Click OK.

    To set up an external LiveUpdate server for Windows, Mac, or Linux clients

    1. In the console, open a LiveUpdate policy, and click Edit.
    2. Under Windows Settings, Mac Settings, or Linux Settings, click Server Settings.
    3. Click Use the default Symantec LiveUpdate server or specify another LiveUpdate server. If needed, specify your proxy configuration.
    4. Click OK.


  • 5.  RE: LUA with Linux Definitions

    Trusted Advisor
    Posted Dec 16, 2014 09:18 PM

    Hello,

    The enterprise version of Symantec Endpoint Protection now includes the Symantec Endpoint Protection client for Linux. The Symantec Endpoint Protection client for Linux replaces the Symantec AntiVirus client for Linux and supports a greater range of distributions and kernels. Added distributions include Red Hat Enterprise Linux Server (RHEL) 6.5 and CentOS 6.5.

    SEP for Linux clients can now be managed by an RU5 SEPM, or later. Configuration enhancements have been made to the SEPM to allow policy creation for managed Linux clients. This includes AV policy settings, centralized exceptions, and LiveUpdate settings. The SEPM also features enhanced reporting for Linux clients, including the SEP client version, host OS details, and hardware details.

    1. How can scheduled scans, LiveUpdate frequency, exclusions and other settings be set for a Linux client? Will everything be managed by SEP Manager through policies, or do we still need to use, for example, symcfg to enable folder exclusion?

    --> If it's a managed Linux client, you can create policies accordingly, so for managed clients there is no need for symcfg to enable folder exclusion. For unmanaged clients it's still the same process.

    See this screenshot (Linux settings-1.jpg): under Virus & Spyware Protection, Linux settings are available.

    2. If yes, must policies for Linux clients be set differently from Windows client policies?

    --> Yes, need to configure separately.

    3. Can I configure the LiveUpdate policy to retrieve updates only from SEPM, like I did on Windows clients?

    --> No, though Linux clients can be managed by SEPM, they will fetch definition updates from LUA or the Internet LiveUpdate server only.

    4. Can I deploy Linux clients without any particular policies and modify them later? Will the policies be upgraded automatically?

    --> You can't. If upgrading from MR13 to SEP 12.1 RU5, then policies will be upgraded automatically.

    5. Which tasks can I run from SEPM to SEP Linux? (e.g. scan now, run LiveUpdate, etc.)

    --> You can run Scan, Update content, Update content and Scan & Enable auto protect commands from the SEPM console.


    6. Are in SEPM the liveupdate default sources still: liveupdate.symantecliveupdate.com and liveupdate.symantec.com TCP 80?

    --> There is no change in the SEPM LiveUpdate process except the content optimization feature.

    7. Can I choose the path where to install SEP on Linux? What should I do if I need to install somewhere other than the default /opt?

    --> Yes, you can.

    8. About the ports to leave open: up to now we have used only the console on the server and the web console. Do I need to leave open just 8443, 9090, 8014, or others? Apache and Tomcat?

    --> For Linux clients to communicate with the SEPM, there are no specific ports to be opened on the client/SEPM.

    Check this article: Which Communications Ports does Symantec Endpoint Protection use? http://www.symantec.com/docs/TECH163787

    Article for reference: 

    Symantec Endpoint Protection 12.1.5 for Linux Client Guide

    http://www.symantec.com/docs/DOC7697

    Configuring LiveUpdate Administrator 2.x to Download and Distribute Symantec Antivirus for Linux Contents

    http://www.symantec.com/docs/TECH152311

    Configuring Symantec Antivirus for Linux (SAVFL) to download definitions from the Distribution Center of an internal LiveUpdate Administrator (LUA) 2.x Server

    http://www.symantec.com/docs/TECH93505