Endpoint Protection

Hello,
I have project for 300+ endpoints with SEPM (14.0.1904.000) installed on server under windows2012r2. Mostly all endpoints have 14.0 version, but few still under 12.1.
Whole network have no access to Internet so all definitions updates goes through .jdb files. Today i apply latest .jdb files and its applies ok (..\content\incoming is empty now, no .err folders). But latest on manager still remainis old (1/9/17 r1). On all endpoints "Proactive Threat Protection" and "Network Threat Protection" has been updated, but "Virus and Spyware Protection" remains old version. 
Can someone advise?

Did you use the reduced size def instead of the ful def JDB file? Below link scroll right to bottom and the second from the bottom is full JDB file.

Full JDB should be about 225MB rather the reduced def being 100MB

https://www.symantec.com/security_response/definitions/download/detail.jsp?gid=sep

I apply full JDB file vd4c6416.jdb - 225 MB

Does SymDiag detect any issues?

Download SymDiag to detect Symantec product issues

Erm, shouldn't you have downloaded the below file instead?

http://definitions.symantec.com/defs/jdb/core15sds/vd4c6602core15sds.jdb

From the filename listed, you grabbed the 12.1.3+ VDefs instead.

#EDIT#

The SEP14 specific VDefs can be found below:

https://www.symantec.com/security_response/definitions/download/detail.jsp?gid=sep

As your machines have no internet access, I'd recommend you use the darknet client and defs, or the clients will miss old threats.

Thank you for advices.

SymDiag doesn't detect any issue.

http://definitions.symantec.com/defs/jdb/core15sds/vd4c6602core15sds.jdb - from the description looks like it's only for SEP 12.1.6 and later Reduced size clients, while i use full size clients. 

I will try apply both .JDB files and write back the result

I'm pretty sure I linked the SEP14-specific vd4c6602core15sds.jdb Darknet file, not the SEP12.1.6-specific vd4c6602core3.jdb file...

I'll admit though, the naming convention gets very confusing!

Ah, sorry, my fault. Will apply this file to my SEPM tommorow and will write back with results. Thank you for advices!

Hello,
Thank you for advices, it works... I just apply defenitions for Syamntec Endpoint Protection 12.1.3 (or later) while i should apply Syamntec Endpoint Protection 14. 

Glad to hear that sorted it!

As always, if you could mark the relevant post(s) as the Solution to aid other who may come up with the same question.

To summarise:

For your network in which the SEP14 clients have no internet connection, my recommendation is that you use the Darknet defs, which you have confirmed as working.  And that SEP12.1.3+ defs do not work on a v14 SEPM.