Endpoint Protection

 View Only

  • 1.  Why Content Definations get Corrupted

    Posted Dec 11, 2014 10:59 AM

    Hello to all the Gurus of SEPM . I have a query would highly appreciate if someone could kindly answer my queries:

    1. Why does the content  definations get corrupted either on SEPM , GUP or endpoints ?
    2. What are the probable/exact reasons for this corruption ( would appreciate if someone can link exact Symantec artices on this )
    3. How much network bandwidth between a GUP and SEPM is consumed ideally in a single day ?

    Would really appreciate if I can have answers of these questions. Regards



  • 2.  RE: Why Content Definations get Corrupted

    Posted Dec 11, 2014 11:04 AM

    It usually happens if there is a drop in connectivity briefly during an update or if a machine is turned off. Here is the article:

    Troubleshoot corrupt definitions in Endpoint Protection

    There is no exact ansnwer on GUP bandwidth. It depends on clients, how many revisions, you keep, etc.

    Frankly, there isn't exact answers to either question. Could be a myriad of reasons.

    Do you have a tool to monitor bandwidth, maybe at your router / switch?



  • 3.  RE: Why Content Definations get Corrupted
    Best Answer

    Posted Dec 11, 2014 11:05 AM

    ***Why does the content definations get corrupted either on SEPM , GUP or endpoints ?**

    Many different scenarios can create virus definitions corruption, most likely related to network interruption issues or interruption of LiveUpdate processes during the update of virus definitions

    http://www.symantec.com/business/support/index?page=content&id=TECH92043

    How much network bandwidth between a GUP and SEPM is consumed ideally in a single day ?

    See .Brian best articles how can we check data size with using Wireshark

    Using Wireshark to detect full.zip downloads on SEP client machines

    https://www-secure.symantec.com/connect/articles/using-wireshark-detect-fullzip-downloads-sep-client-machines



  • 4.  RE: Why Content Definations get Corrupted

    Posted Dec 11, 2014 11:23 AM

    Well the reason of asking such a question is one of my clients wants to know why does definations get corrupted becase they had an issue where the definations on the GUP got corrupted and as a result it started downloading large files from SEPM like 40, 40 GBs in a single day due to this corruption.

    Would appreciate if I know the probable or exact reasons for this corruption.

    Regards



  • 5.  RE: Why Content Definations get Corrupted

    Posted Dec 11, 2014 11:25 AM

    Thanks for sharing the article James I have already gone through that but still we dont know the exact reasons of content definations corruption 



  • 6.  RE: Why Content Definations get Corrupted

    Posted Dec 11, 2014 11:27 AM

    The article states:

    Corruption of virus definitions may have many causes. Two contexts should be considered when responding to potentially corrupted content definitions:

    • Is the corruption believed to be a one-time issue with a suspected one-time cause?
    • Is the corruption a recurring issue due to an unknown cause?

     

    Is it very generic in this case. I gave two possible reasons. Others exist. I would suggest getting in touch with Symantec to get a quicker response, assuming you need one ASAP. Otherwise it's just going to be everyone chiming in here with their experience and this thread will be ongoing.



  • 7.  RE: Why Content Definations get Corrupted

    Posted Dec 11, 2014 11:43 AM

    no clear response from Symantec yet



  • 8.  RE: Why Content Definations get Corrupted

    Posted Dec 11, 2014 11:44 AM

    Opening an official case is the quickest way to go here.

    They do check in on the forums but on they're own time. This isn't an official support forum.