Solved

SEPM Definitions

Posted on 2011-02-24
12
1,206 Views
Last Modified: 2013-12-09
We have a server running 2003 standard which isn't connected to the internet. This server has Symantec Endpoint Protection Manager installed.

A couple of times per week we connect the server to the internet and download the latest definitions.

This has worked OK for a while.

Since 07th Feb, the AV definitions aren't updating. The Proactive Threat Protection and the Network Threat Protection are updating just fine.

I've tried manually updating the definitions using the JZB file from Symantec, same result.
Can anyone help?
0
Comment
Question by:carrgater31
  • 5
  • 4
  • 3
12 Comments
 

Author Comment

by:carrgater31
Comment Utility
Symantec
0
 
LVL 41

Expert Comment

by:Jackie Man
Comment Utility
Post back your version of SEP.

Have you downloaded and installed the latest version of SEP from https://fileconnect.symantec.com/?
0
 

Author Comment

by:carrgater31
Comment Utility
Here are the versions. I will look at the latest version.. SEPM Symantec
0
 
LVL 41

Expert Comment

by:Jackie Man
Comment Utility
Your version is SEP 11 MR4 which was released in January 2009.

The latest version is 11.0.6 MP2 (11.0.6100.645).
0
 
LVL 41

Expert Comment

by:Jackie Man
Comment Utility
You need to download the new version of SEP; remove the old version; and install the new version.
0
 
LVL 12

Expert Comment

by:jmlamb
Comment Utility
This issue doesn't really have anything to do with the version of SEP being used. This is most likely a LiveUpdate issue. Start by doing these 2 things.

1. Verify content on the SEPM. Login to the console and go to Admin > Servers > Local Site > Show LiveUpdate Downloads. Check the 'Antivirus and anitspyware definitions Win## 11.0 MicroDefsB.CurDefs' entries. They're most likely out of date and this is why your SEP clients aren't updating.

2. Clean and Update the LiveUpdate catalog on the SEPM. Open a command prompt and cd to <path-to-where-SEPM-is-installed>\bin. Run lucatalog -cleanup then lucatalog -update. Go back to the console (same location as step 1) and 'Download LiveUpdate Content'.

Report back with any errors.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 41

Expert Comment

by:Jackie Man
Comment Utility
My experience tells me the version of SEP does have impact for liveupdate.

The old version might have bugs to be fixed and the best practice is to install with the latest version of SEP.
0
 
LVL 12

Expert Comment

by:jmlamb
Comment Utility
And in the end an upgrade may be required, but I don't believe it will be a SEP upgrade. It will be LiveUpdate instead. The version of LU that comes with SEP MR4 is 3.2. RU6MP2 does come with LU 3.3. But because they're separate products we don't have to upgrade all of SEP to get LU 3.3.
0
 

Author Comment

by:carrgater31
Comment Utility
I tried the two suggestions and the same thing has happened. We still have only AV definitions up to 07/02

Do I upgrade LU or SEP? Or both?
0
 

Author Comment

by:carrgater31
Comment Utility
The LU version of SEPM is 3.3.
0
 
LVL 12

Accepted Solution

by:
jmlamb earned 500 total points
Comment Utility
What is the version of the definitions currently on the SEPM (from step 1 in my earlier post)? If they're out of date, give this a try next.

1. Open File Explorer and browse to C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads.
2. Delete all of the ZIP files.
3. Browse to C:\Program Files\Common Files\Symantec Shared\SymcData\sesmvirdef32.
4. Check for any TMP files or folders and delete them if present.
5. Browse to C:\Program Files\Common Files\Symantec Shared\SymcData\sesmvirdef64.
6. Repeat step 4.
7. Stop and start the Symantec Endpoint Protection Manager (SemSrv) service.
8. Login to the console and go to Admin > Servers > Local Site.
9. Click 'Download LiveUpdate Content' under Tasks.
0
 

Author Comment

by:carrgater31
Comment Utility
Bingo!

That has done it. All the definitions have now downloaded and we are up to date!
Thanks for your help!
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

OVERVIEW This guide provides information on the process performed when the Symantec Endpoint Protection (SEP) client checks in with the Symantec Endpoint Protection Manager (SEPM). AUDIENCE Information Technology personnel responsible for suppo…
PREFACE The purpose of this guide is to explain what the SEPC Status Utility is and how it works. I have written the utility using AutoIt and have included the source code for your review. You are welcome to modify the code to your liking, but I wi…
This video discusses moving either the default database or any database to a new volume.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now