Endpoint Protection

 View Only

  • 1.  Manually Update SONAR Definitions?

    Posted Dec 20, 2011 08:18 AM

    I have two computers in my environment (SEP 12.1 RU1) that are updating thier virus definitions normally, but the SONAR content and the Download Protection Definitions are out of date and do not seem to update. How can I force these two systems to download the latest content since this is not included in the jdb file?



  • 2.  RE: Manually Update SONAR Definitions?

    Trusted Advisor
    Posted Dec 20, 2011 09:00 AM

    Hello,

    Could you please specify the dates they are showing ??



  • 3.  RE: Manually Update SONAR Definitions?

    Posted Dec 20, 2011 09:10 AM

    Sonar is reporting 11/24/2011 r11

    Download Protection is showing 12/05/2011 r6

     

    Everyone else (other than these two systems):

    Sonar 12/10/2011 r2

    Download 12/19/2011 r3



  • 4.  RE: Manually Update SONAR Definitions?

    Broadcom Employee
    Posted Dec 20, 2011 09:39 AM

    are these machines connected to internet?



  • 5.  RE: Manually Update SONAR Definitions?

    Posted Dec 20, 2011 09:57 AM

    Yes, the machines in question are connected to the Internet. However, they are managed by a central SEP Management server, which itself is connected to a Live Update server. The machines in question (in fact all the machines in my network) do not directly connect to Symantec. The SEPM server does not directly connect to Symantec. Only the Live Update server has a direct connection to Symantec to download updates. The downloads are working fine, and distributed to the SEP Manager server without incident. Again, all of my other clients on the same SEPM server are up to date, just these two machines showing SONAR out of date (Virus definitions are identical to all the other machines).



  • 6.  RE: Manually Update SONAR Definitions?

    Trusted Advisor
    Posted Dec 20, 2011 11:07 AM

    Hello,

    So, Is the SEPM getting updates from the Liveupdate Administrator??

    Is the Liveupdate Administrator, downloading the SONAR heuristic signatures?

    When you configure content types for download in Symantec Endpoint Protection Manager, these are called SONAR heuristic signatures.

    Could you check within the SEPM, if the SONAR heuristic signatures are up to date.

     

    About the types of content that LiveUpdate can provide
     
     
    Symantec Endpoint Protection 12.1 SONAR - Proactive Threat Protection or Download Insight False Positive Corrections
     
     
    Hope that helps!!


  • 7.  RE: Manually Update SONAR Definitions?

    Posted Dec 20, 2011 11:28 AM

    Live Update is downloading the proper information, and the SEPM is up to date, as evidence by every other client on this SEP server having the correct dates. It's just two clients of the 300+ clients on this system that are out of date just on the SONAR definitions. I would have to assume somehow there is something corrupt on the client themselves but I don't know what to delete/what registry setting to hack in order for it to try and download the update again.



  • 8.  RE: Manually Update SONAR Definitions?
    Best Answer

    Trusted Advisor
    Posted Dec 20, 2011 11:30 AM

    Hello,

    Check this Article:

    How to clear out definitions for a Symantec Endpoint Protection 12.1 client manually
     
     
    Hope that helps!!


  • 9.  RE: Manually Update SONAR Definitions?

    Posted Jan 11, 2012 05:17 AM

    Matthew. Did this solve the problem?

     

    I've got the same problem. One client out of 14 refuses to update it's Sonar definitions and therefore reports as out of date in SEP Manager.



  • 10.  RE: Manually Update SONAR Definitions?

    Posted Jan 11, 2012 05:27 AM

    Yup. I had to manually clear the definistions. Once completed the machine checked back in, and downloaded the up to date versions.



  • 11.  RE: Manually Update SONAR Definitions?

    Posted Jan 11, 2012 05:37 AM

    Thanks Matthew. I'll give it a try.