Solved

SEPM Definitions

Posted on 2011-02-24
12
1,220 Views
Last Modified: 2013-12-09
We have a server running 2003 standard which isn't connected to the internet. This server has Symantec Endpoint Protection Manager installed.

A couple of times per week we connect the server to the internet and download the latest definitions.

This has worked OK for a while.

Since 07th Feb, the AV definitions aren't updating. The Proactive Threat Protection and the Network Threat Protection are updating just fine.

I've tried manually updating the definitions using the JZB file from Symantec, same result.
Can anyone help?
0
Comment
Question by:carrgater31
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 3
12 Comments
 

Author Comment

by:carrgater31
ID: 34971346
Symantec
0
 
LVL 47

Expert Comment

by:Jackie Man
ID: 34977037
Post back your version of SEP.

Have you downloaded and installed the latest version of SEP from https://fileconnect.symantec.com/?
0
 

Author Comment

by:carrgater31
ID: 34995647
Here are the versions. I will look at the latest version.. SEPM Symantec
0
Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

 
LVL 47

Expert Comment

by:Jackie Man
ID: 34996036
Your version is SEP 11 MR4 which was released in January 2009.

The latest version is 11.0.6 MP2 (11.0.6100.645).
0
 
LVL 47

Expert Comment

by:Jackie Man
ID: 35006334
You need to download the new version of SEP; remove the old version; and install the new version.
0
 
LVL 12

Expert Comment

by:jmlamb
ID: 35028046
This issue doesn't really have anything to do with the version of SEP being used. This is most likely a LiveUpdate issue. Start by doing these 2 things.

1. Verify content on the SEPM. Login to the console and go to Admin > Servers > Local Site > Show LiveUpdate Downloads. Check the 'Antivirus and anitspyware definitions Win## 11.0 MicroDefsB.CurDefs' entries. They're most likely out of date and this is why your SEP clients aren't updating.

2. Clean and Update the LiveUpdate catalog on the SEPM. Open a command prompt and cd to <path-to-where-SEPM-is-installed>\bin. Run lucatalog -cleanup then lucatalog -update. Go back to the console (same location as step 1) and 'Download LiveUpdate Content'.

Report back with any errors.
0
 
LVL 47

Expert Comment

by:Jackie Man
ID: 35028545
My experience tells me the version of SEP does have impact for liveupdate.

The old version might have bugs to be fixed and the best practice is to install with the latest version of SEP.
0
 
LVL 12

Expert Comment

by:jmlamb
ID: 35029404
And in the end an upgrade may be required, but I don't believe it will be a SEP upgrade. It will be LiveUpdate instead. The version of LU that comes with SEP MR4 is 3.2. RU6MP2 does come with LU 3.3. But because they're separate products we don't have to upgrade all of SEP to get LU 3.3.
0
 

Author Comment

by:carrgater31
ID: 35034871
I tried the two suggestions and the same thing has happened. We still have only AV definitions up to 07/02

Do I upgrade LU or SEP? Or both?
0
 

Author Comment

by:carrgater31
ID: 35034942
The LU version of SEPM is 3.3.
0
 
LVL 12

Accepted Solution

by:
jmlamb earned 500 total points
ID: 35036360
What is the version of the definitions currently on the SEPM (from step 1 in my earlier post)? If they're out of date, give this a try next.

1. Open File Explorer and browse to C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads.
2. Delete all of the ZIP files.
3. Browse to C:\Program Files\Common Files\Symantec Shared\SymcData\sesmvirdef32.
4. Check for any TMP files or folders and delete them if present.
5. Browse to C:\Program Files\Common Files\Symantec Shared\SymcData\sesmvirdef64.
6. Repeat step 4.
7. Stop and start the Symantec Endpoint Protection Manager (SemSrv) service.
8. Login to the console and go to Admin > Servers > Local Site.
9. Click 'Download LiveUpdate Content' under Tasks.
0
 

Author Comment

by:carrgater31
ID: 35037123
Bingo!

That has done it. All the definitions have now downloaded and we are up to date!
Thanks for your help!
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

UPDATE - 6/15/2011 Added support for Release Update 6 Maintenance Patch 2 Point Patch 1 (RU6 MP2 PP1). Fixed a defect in the username field that was hard-coded to look for a specific domain (left over code from testing). This release will be the …
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question