Endpoint Protection

 View Only

  • 1.  out of date

    Posted Aug 21, 2018 01:51 PM

    Hello guys

    I have in my environment with many clients with status: out of date. We have about 10 GUPs configured.
    What do you recommend to reduce this out of date status? Has anyone had this problem, what actions have they taken?



  • 2.  RE: out of date
    Best Answer

    Posted Aug 21, 2018 01:58 PM

    Where are those out of date clients supposed to get their updates from? Have you verified the source and started troubleshooting the cause?



  • 3.  RE: out of date

    Posted Aug 21, 2018 02:14 PM

    I have not started yet. What do you recommend? Where to start



  • 4.  RE: out of date

    Posted Aug 21, 2018 02:16 PM

    Verify in the policy applied to the group where the clients should be getting their updates from. Download and run SymDiag on a problem client to check for errors. Enable sylink logging on the affected client and review the log for errors.



  • 5.  RE: out of date

    Posted Aug 21, 2018 03:30 PM

    Many thanks for the reply.

    I'm thinking of using ping / telnet to test connectivity, for example, in the GUPs giving a telnet on port 2967

    And in the endpoints telnet 8014



  • 6.  RE: out of date

    Posted Aug 22, 2018 05:19 PM

    What type of GUPs are you using and do you have GUPs for all your clients? Do you have the option for a client to fallback to the SEPM for content updates if a GUP is not available for a certain period of time enabled? Do you have winhttp proxy set on the GUPs?



  • 7.  RE: out of date

    Broadcom Employee
    Posted Aug 22, 2018 10:29 PM

    How to collect full support logs for Support with the SymDiag utility

    Please run the Symdiag on a client that is out of date and attach it here.

    I will do a quick review for you.

    Thanks,

    John Owens



  • 8.  RE: out of date

    Posted Aug 25, 2018 10:14 AM

    After an analysis I identified 10 GUPs configured and updated.
    We have two scenarios with this problem.

    Scene 1
    Computers that are on the same network as SEPM, most are up to date and some are not. I noticed that the computer is online but with an outdated signature. We use it in the PULL-MODE environment.
    What could cause this outdated signature? Since the computer is online.

    Scenario 2
    In this scenario, clients must update through the GUP. The GUPs are online and up to date. Customers are online but with signatures desaturated. We use it in the PULL-MODE environment. And since we have link problems, we use bandwidth control policies.



  • 9.  RE: out of date

    Posted Aug 27, 2018 02:46 PM

    Tiago,

    From the screenshots you've provided you have only Multiple GUPs set-up and clients will never fallback to the SEPM for definitions if a GUP is not available. I would suggest three possible course of actions:

    1. Stay with Multiple GUPs with no fallback option - you must make sure that you have a GUP configured for each and every subnet in your network

    2. Stay with multiple GUPs but enable the fallback option - you have to enable the option for the clients to go to the SEPM for content updates after GUP is unavailable for X minutes/hours/days

    3. Go for Explicit GUP mapping - you'll have to map subnets to specific GUPs; good thing is that with 14 VLSM was introduced and it's relatively easy task as long as you have the company's network infra

    Hope some of these help