Solved

SEP ips signatures

Posted on 2012-04-02
7
1,025 Views
Last Modified: 2012-04-07
Hello,
I have SEPM server 11.0.7101 which i apply the definination updates manually to be distributed to clients. No live update used just the SEP Management server.  The clients get the AV definitions updated but the firewall (although status is green) definitions are old.  I am making assumption that the ips signatures is what the definition date stamp is for the firewall.  Why arent the ips signatures loading?  BTW. The SEPM console also reports that the ips signatures are of the old date.  So it appears that the SEPM is not processing the ips signatures when the jdb file is loaded.  Thanks for your help.
0
Comment
Question by:coolmike2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 79

Expert Comment

by:arnold
ID: 37799243
What is the status of your management iris definitions?
Do you have live update retrieving data?
Have you considered setting up a local live update dministrator and letting it download the updates while configuring the clients to use it for updates in addition to the management server?
Double check your manager's live update control panel to see which options/products are selected there.
0
 

Author Comment

by:coolmike2
ID: 37800754
Arnold,
not sure what iris def's are?  No live update is not running since not possible for this private lan. I place the jdb file in a particular directory on the SEPM server.
Thanks
0
 
LVL 79

Expert Comment

by:arnold
ID: 37800774
IPS not iris, it seem my word filler changed to a suggestion that I did not notice.
Downloading job files from Symantec download only deals with virus and not signatures if memory serves me right.
Check the sep management server for the version of signatures it has.  Any reason why you are not using the live update agent on the management server to update the various definitions?
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 

Author Comment

by:coolmike2
ID: 37800959
I thought i had read somewhere that all feature content is included in the jdb files. could be wrong of course. The latest signature version is dated march of 2010.
I cant use the liveupdate feature because this is a private lan (no outside connectivity).  I could potentially use live update on the clients to point to the SEPM server for their updates but don't see a reason to do that since the SEPM server seems to be updating the AV defs just fine on the clients. Thanks again.
0
 
LVL 79

Accepted Solution

by:
arnold earned 400 total points
ID: 37801288
You can only download the virus definitions:
http://www.symantec.com/security_response/definitions.jsp?pid=sep11_32
Everything has to be downloaded using live update. Look at live update administrator to download the updates at night. The connect it to the private LAN for the clients to use to update.
0
 

Author Comment

by:coolmike2
ID: 37806083
Its a nice option to have but unfortunately that cant be done. So how would i be able to manually import the ips signatures into my SEPM server?
0
 
LVL 79

Expert Comment

by:arnold
ID: 37806425
I'm unaware of other options.
In a way if the systems Have no external access, anti-virus feature is all that is needed.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question