Solved

Symantec Live update stopped after installing ISA 2004.

Posted on 2006-07-12
5
1,248 Views
Last Modified: 2013-11-16

Hi Experts,

I have windows 2003 domain, in which I have setup symantec anti-virus corporate edition 10. It is working fine and updating all the client machines from central location.

I have recently seutp ISA 2004 server on one of my windows 2003 member server for firewall purpose.

I found after installing  that my ISA machine is not able to get virus definitions update from my symantec corporate edition server.

What ports I need to open in my ISA to enable the virus def. updates on ISA. Both machines are on same LAN subnet.

Awaiting for your reply.

regards,

Globrin.
0
Comment
Question by:Globrin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 26

Accepted Solution

by:
Leon Fester earned 125 total points
ID: 17090739
Liveupdate runs on normal http traffic...According to my Symantec Corporate v10 and ISA server 2004 monitoring.

By default ISA firewalls do NOT allow any traffic through the firewall unless you've created a suitable rule.

I'd suggest that you add the following as your first rule in ISA Server.
Right-click firewall policy,
Click 'new', 'access rule'
Enter a name e.g. 'http traffic from isa server to external' - NEXT
Select 'Allow' -> NEXT
Select 'Selected protocols'
Click 'Add' and then select http under the list of protocols.
click 'Add', Click 'Close' -> NEXT
Click 'Add', select 'Localhost' and 'Internal' under the list of networks -> CLOSE -> NEXT
Click 'Add', Select 'external' under the list of networks -> CLOSE -> NEXT
CLICK FINISH.

Test the liveupdate from there...you can use the Monitoring tool to check the traffic going in and out your ISA server. P.S. Can you browse to any other sites via your ISA Server?
0
 

Author Comment

by:Globrin
ID: 17096977


I have set the rule according to you . I have installed independent symante antivirus unmanaged client on ISA which wll update from live update server. But when I click update on live update it is saying your definition is already updated. I have also monitored ISA for allowe connection and it is saying on port 80 it is communicating to live update server.

My old definition is of Apr 12, 2005 , and it is not updated to the recent date. I have reboot the ISA as well.

please help.
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 17097180
Did your Symantec license expire?

Liveupdate will fail if you software license has expired.

If the unmanaged client could update, then you symantec console should also be able to update.

Check the historical data on ISA for when Symantec Console was supposed to update, and check what traffic/errors are reported on the firewall.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows Security Pop-Up 7 73
SOC, SIEM, IPS and FW 4 52
"Ensure their internet protocol supports SHA-2 certificate" ?? 5 68
How are passwords stored in Active Directory 25 148
The related questions "How do I recover the passwords for my Q-See DVR" and "How can I reset my Q-See DVR to eliminate a password" are seen several times a week.  Here we discuss the grim reality of the situation.
Ransomware continues to grow in reach and sophistication, putting data everywhere at risk. Learn how to avoid being caught in its sinister clutches with these 11 key tips.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question