Endpoint Protection

Hi,

I'm new to this so I'm hoping someone can help me.

I am working on a site that has double the necessary Servers and OP as this is how they deal with resilience.

They do not use the LiveUpdates service and use the .jbd files to manually update the virus definitions (which are then deployed to all machines in the Client List, at once)

As they use two set of hardware for resilience, is there a way of updating (say) 20 machines in one go and then updating the other 20 machines when the first lot have finished, in exactly the same way, with the same defintions?

They are currently using SEP 11 Version 11.0.6200.754.

So I want to be able to update 20 machines manually using the .jdb file and then when they have finished updating, I want to be able to do the other set of machines, exactly the same way. 

Any help would be greatly appreciated.

Regards,

Vinay.

how you are updating the first 20 set? is there a script you run or update the jdb manually on each client?

HI,

If you want to update manually sep client through .jdb.

you can check this download

Script to download Definitions from SEPM

https://www-secure.symantec.com/connect/downloads/script-download-definitions-sepm

Check this thread

https://www-secure.symantec.com/connect/forums/script-pull-virus-defination-update-clients

I haven't yet updated the first 20.

I would like to know how to do it. If possible.

At present we currently place the .jbd file into the C:\Program Files\Symantec\Symantec Endpoint Manager\data\inbox\content\incoming, which then processes the extraction which then deploys the AV to all machines at once.

I would like to know if it can be done seperately, twice, with sets of machines?

Thanks for looking.

Vinay.

HI,

Are you using managed client ?

If yes you can set sepm console update directly symantec live update after sepm console update all sep client.

Place the JDB on client rather than on the manager

http://www.symantec.com/business/support/index?page=content&id=TECH104363

or 

create two groups in SEPM

Change the heartbeat interval.

for 1 group make push mode ( will get updates when manager is updated using jdb)

for group 2 make it pull mode ( put an interval ) 

http://www.symantec.com/business/support/index?page=content&id=TECH191617

Thanks Manish S and Rafeeq. I will try both suggestions and let you know how I get on.

Thanks for the reply.

Yet another option is to set your clients to update using the JDB files themselves as per the below article:

http://www.symantec.com/docs/TECH104363

Then it's just be a matter of creating and scheduling a script on your endpoints to pull the content at your required times (whether you do this via scheduled tasks or have some other management tool to do it is up to you).  All you'd have to do then is download the JDB files themselves and put them on a network location accessible by your clients...

You might want to check out the additional articles below which talk more about using non-Symantec tools to update content:

http://www.symantec.com/docs/TECH106028
http://www.symantec.com/docs/TECH102542

Have you got Altiris Deployment Server?

If yes, you could create a task to update the clients. Then run this task against all your computers and tell Altiris DS to do the scheduling. See this screen shot.

I am not aware of a method you can achieve this natively in SEPM.

Guys,

Many thanks for all of your input in this.

1) Ian_C;  Unfortunatley the customer does not have an Altaris Deployment Server and is not something they would consider. So that is out of the question I'm afraid.

2) SMLatCST & Rafeeq; Your suggestions seem the most feasible as it work on a machine to machine basis. This way we can deploy the Virus Definitions as and when we want to.

3) Manish_S; I have had a look at the script and am going to try this to see of it work.

Again, many thanks for your replies.

Regards Vinay.

Hello,

I am not sure why they want to have to update these machines manually and use no Liveupdate Service?

Maybe unavailability of Internet OR probably to Reduce Bandwidth.

In such cases, Why not use the Symantec Liveupdate Administrator?

Here you would be able to update more than 20 machines in one go and that too automatically.

LiveUpdate Administrator (LUA) creates a local repository of the content and product updates available on the public LiveUpdate (LU) servers. Under the right circumstances, LUA can be used to minimize the amount of external bandwidth needed to update Symantec products in large, highly centralized networks.

The main reasons for installing LUA are:

• Testing content updates before distributing them to prdouction environments
• Reduced bandwidth utilization when updating unmanaged Symantec products
• An internal failover mechanism for updating managed Symantec products
• Consolidated management of updates for multiple Symantec products in secure environments

Check these Articles:

When to use LiveUpdate Administrator

http://www.symantec.com/docs/TECH154896

Best Practices for LiveUpdate Administrator (LUA) 2.x

http://www.symantec.com/docs/TECH93409

How to obtain the latest version of Symantec LiveUpdate Administrator (LUA) 2.x

http://www.symantec.com/docs/TECH134809

Installing and Configuring LiveUpdate Administrator (LUA)

http://www.symantec.com/docs/TECH102701

LiveUpdate Administrator 2.x and Symantec Endpoint Protection Manager on the same computer

http://www.symantec.com/docs/TECH105076

Hope that helps!!!

Mithun Sanghavi,

Thanks very much for the reply. This is another thing for me to consider and a really good suggestion for automated processes.

Many thanks Vinay.