LiveUpdate and SEPM managing more than just definition downloads?
LiveUpdate has been embedded with Symantec products for years now and remains one of the integral elements of our software packages. This is also the case of Symantec Endpoint Protection line. It became a kind of tradition to keep it despite numerous innovations in terms of content download & distribution management made since 1996 when it was first introduced by our company.
Currently, LiveUpdate is a separate executable responsible for downloading definitions destinated for Symantec products installed on a local machine so its core function has not changed substantially throughout all versions. Symantec Endpoint Protection Manager allows an express request for download of definitions via LiveUpdate (v.3.3) and the entire process is logged in sesclu file. For multiproduct content download & distribution management our company proposes LiveUpdate Administrator.
My idea is a following one: Since the entire infrastructure is already in place (installation of LU is compulsory, the Manager is integrated with LU via sesclu), it would be reasonable to allow other content to be downloaded and distributed in a more automated way. By this I mean the following products and appliances:
- SEP full ISO package
- SEP client-only ISO package
- Symantec Endpoint Recovery Tool
- RapidRelease definitions
- JDB definitions
- Symantec Support Tool
and many others.
This improvment would have clear-cut advantages. For instance, it would substantially decrease the use of Technical Support as a last resort to access to the above resources. Additionally, it would permit a more convenient access to our products since we all know how cumbersome our FileConnect website can sometimes be (needless to say what to think about Java applet used for downloads...). Moreover, it would also decrease traffic on our FTP servers since often these are used to actually upload ISO packages after a failure to access them via FileConnect.
One may say that there are technical problems that can be encountered while trying to apply this idea. I think that is not the case. In order to authenticate, a registration key is entered in post-installation process of our product (ex: SEP SBE 12.x or Amber). For products not using registration key (ex: SEP 11.x) it would be just enough to create a subpage accessible via IIS and does not need any substantial modification of the Manager code itself.
Please write your opinions about the above. Any commentary and critique is most welcome.