Endpoint Protection

 View Only
  • 1.  SEPM v11.0.6 not updating definitions

    Posted Jan 23, 2015 05:40 AM

    hi all

    we are running SEPM v11.0.6 on a 2008 server and ive noticed that our definitions have stopped updating.
    ive tried running the Liveupdate (LUALL.exe) manually but it still didnt work.

    ive found a lot of threads about this but couldnt find a solution that acutally worked for me.. i was not able to enable sylink logging, even though i disabled tamper protection i still wasnt able to modify the registry entry :/

    yesterday i manually installed the latest definition by importing the jdb file onto the server so that our environment was upto date, but today i can see that theres a new definition out there and it hasnt downloaded.

    i can do it manually.. but i need to resolve the automatic update.

     

    can somebody assist me in getting this resolved and what i should try?

     

    here is the liveupdate status log.

    23 January 2015 10:14:52 GMT:  LiveUpdate succeeded.   [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:52 GMT:  LUALL.EXE finished running.  [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:52 GMT:  LUALL.EXE finished.  There were no new content updates. Return code = 1.  [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:50 GMT:  Symantec Endpoint Protection Win64 11.0.6200.754 (English) is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:49 GMT:  Symantec Endpoint Protection Win64 11.0.7000.975 (English) is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:49 GMT:  Symantec Endpoint Protection Win32 11.0.7000.975 (English) is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:48 GMT:  Symantec Endpoint Protection Win32 11.0.6200.754 (English) is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:48 GMT:  TruScan proactive threat scan engine Win32 11.0 is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:48 GMT:  TruScan proactive threat scan commercial application list Win32 11.0 is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:47 GMT:  TruScan proactive threat scan whitelist Win64 11.0 is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:47 GMT:  Intrusion Prevention signatures Win64 11.0 is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:47 GMT:  TruScan proactive threat scan engine Win64 11.0 is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:47 GMT:  Submission Control signatures 11.0 is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:47 GMT:  TruScan proactive threat scan data 11.0 is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:47 GMT:  TruScan proactive threat scan whitelist Win32 11.0 is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:46 GMT:  TruScan proactive threat scan commercial application list Win64 11.0 is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:46 GMT:  Antivirus and antispyware definitions Win32 11.0 MicroDefsB.CurDefs is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:46 GMT:  Decomposer Win32 and Win64 11.0 is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:46 GMT:  Symantec Endpoint Protection Manager Content Catalog 11.0 is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:46 GMT:  TruScan proactive threat scan commercial application engine 11.0 is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:46 GMT:  Antivirus and antispyware definitions Win64 11.0 MicroDefsB.CurDefs is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:14:45 GMT:  Intrusion Prevention signatures Win32 11.0 is up-to-date.    [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:12:59 GMT:  LUALL.EXE has been launched.  [Site: Docklands]  [Server: SERVER]
    23 January 2015 10:12:58 GMT:  Download started.  [Site: Docklands]  [Server: SERVER]

    i can see a return code =1 

    no new content available.. but if i check here http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=sep

    there is a new jdb file release date 01/22/2015

     

    appreciate any help

     

     

    thanks,

     

    Adam.

     

     



  • 2.  RE: SEPM v11.0.6 not updating definitions
    Best Answer

    Posted Jan 23, 2015 12:44 PM

    SEP 11.x is end of support life. You will no longer receive defs, you need to move to 12.1 now.

    See here:

    https://www-secure.symantec.com/connect/forums/symantec-endpoint-protection-110x-eosl

    https://www-secure.symantec.com/connect/blogs/did-you-get-security-memo-symantec-endpoint-protection-11-eosl

    Also, a link from Symantec's Chetan Savade:

    https://www-secure.symantec.com/connect/forums/client-not-updated-sepm-11#comment-10830321



  • 3.  RE: SEPM v11.0.6 not updating definitions

    Posted Jan 24, 2015 09:18 AM

    Check the thread solution. It help in your query

    https://www-secure.symantec.com/connect/forums/client-not-updated-sepm-11



  • 4.  RE: SEPM v11.0.6 not updating definitions

    Posted Jan 26, 2015 07:04 AM

    ahh ok.. well that explains it

     

    thanks!



  • 5.  RE: SEPM v11.0.6 not updating definitions

    Posted Jan 26, 2015 08:00 AM

    You're welcome