Solved

SEP ips signatures

Posted on 2012-04-02
7
1,013 Views
Last Modified: 2012-04-07
Hello,
I have SEPM server 11.0.7101 which i apply the definination updates manually to be distributed to clients. No live update used just the SEP Management server.  The clients get the AV definitions updated but the firewall (although status is green) definitions are old.  I am making assumption that the ips signatures is what the definition date stamp is for the firewall.  Why arent the ips signatures loading?  BTW. The SEPM console also reports that the ips signatures are of the old date.  So it appears that the SEPM is not processing the ips signatures when the jdb file is loaded.  Thanks for your help.
0
Comment
Question by:coolmike2
  • 4
  • 3
7 Comments
 
LVL 76

Expert Comment

by:arnold
ID: 37799243
What is the status of your management iris definitions?
Do you have live update retrieving data?
Have you considered setting up a local live update dministrator and letting it download the updates while configuring the clients to use it for updates in addition to the management server?
Double check your manager's live update control panel to see which options/products are selected there.
0
 

Author Comment

by:coolmike2
ID: 37800754
Arnold,
not sure what iris def's are?  No live update is not running since not possible for this private lan. I place the jdb file in a particular directory on the SEPM server.
Thanks
0
 
LVL 76

Expert Comment

by:arnold
ID: 37800774
IPS not iris, it seem my word filler changed to a suggestion that I did not notice.
Downloading job files from Symantec download only deals with virus and not signatures if memory serves me right.
Check the sep management server for the version of signatures it has.  Any reason why you are not using the live update agent on the management server to update the various definitions?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:coolmike2
ID: 37800959
I thought i had read somewhere that all feature content is included in the jdb files. could be wrong of course. The latest signature version is dated march of 2010.
I cant use the liveupdate feature because this is a private lan (no outside connectivity).  I could potentially use live update on the clients to point to the SEPM server for their updates but don't see a reason to do that since the SEPM server seems to be updating the AV defs just fine on the clients. Thanks again.
0
 
LVL 76

Accepted Solution

by:
arnold earned 400 total points
ID: 37801288
You can only download the virus definitions:
http://www.symantec.com/security_response/definitions.jsp?pid=sep11_32
Everything has to be downloaded using live update. Look at live update administrator to download the updates at night. The connect it to the private LAN for the clients to use to update.
0
 

Author Comment

by:coolmike2
ID: 37806083
Its a nice option to have but unfortunately that cant be done. So how would i be able to manually import the ips signatures into my SEPM server?
0
 
LVL 76

Expert Comment

by:arnold
ID: 37806425
I'm unaware of other options.
In a way if the systems Have no external access, anti-virus feature is all that is needed.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now