Avatar of scs-paul
scs-paul
 asked on

Symantec Endpoint Protection v 11 - how to point roaming users to local definition server

Hi
we run a MS server 2003 R2 domain across 17 sites and each site has a Syamntec End Point Protection Server that locally based users point to for their AV updates.
However, when users travel between sites their AV still gets its definition updates from the site they are normally based at causing extra network trafic that we would like to remove.
Is it possible to set SEP on the client PCs to look for a local server rather than their normal home server so that they get the definition updates from the LAN and not over the WAN?
Anti-Virus Apps

Avatar of undefined
Last Comment
scs-paul

8/22/2022 - Mon
ajkreddy

I dont think so. Client cant communicate with multiple servers at same time.
ASKER CERTIFIED SOLUTION
Member_2_4421735

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
scs-paul

ASKER
@jmlamb

Thanks but having a few issues with location awareness - namely the management server list appears to be a Location Independent Setting.

I want to be able to set up a group of users and then within that group I would have each location based upon IP address and then each location would have a different 'Management server list'.  But the management server list is set against the group and not the location.

Can you set up a management server list against the location?

I basically want to have a number of users in a group and then they are normally based at Loc A; when they travel to Loc B the location is changed by the IP address but I want them to look at the local server based on the management server list.  Not sure if this is possible.
Member_2_4421735

Yes, under each location within the group on the Policies tab, expand the Local Settings area under each location. You'll see a communications option there. Click on that and change the option from group to location based. Then you'll be able to assign a different MSL for each location within the group.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
scs-paul

ASKER
OK getting closer.  I have set up locations and set the location to change based on ip range and have assigned a different master server list and by extension a new master server list to this location.  I have travelled to this location and my SEP notifies me that my location has been changed.

When I view the Management page of the troubleshooting area on the SEP client it shows the location has changed but does not change the server.  Should this change.

If I try to perform a policy update from the client.  It then shows the server as offline.  

Wondering if I am missing something re the server set up.  So I start at location A and am on server A; I move to location B and it connects to server A and changes my location to be B which has master server list= Server B.  But how does server B know who I am?  I assume this is my problem.
Member_2_4421735

Are all of the SEPM's part of one site? Or is each one it's own site? If the latter, are the sites replicating with each other?
scs-paul

ASKER
Appears the sites are all independent with no replication.

So we have approx 15 servers all set up with install packages and unique groups.  I am assuming that I have to either join all these together or at least replicate between sites.  Can this be done without requiring re-install of servers?

At present when I try to add replication partner to a server I get the error message:  'The local site [My Site] does not have the information for the remote site.  Please synchronize the local site's data with it's partners first.' I assume this was something that should have been set up when the servers were first installed.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
scs-paul

ASKER
@jmlamb thanks for all your help.  Looks like I will be setting up loc awareness at all sites and using this to basically stop updates etc occurring for users away from their home site (bandwidth issues).  Further down the line I may look to clean up and get this working correctly.  Again thanks for your help.