Symantec endpoint protection 12 not updating virus definitions on client
In some environments client communication will go over the WAN while Internet traffic will traverse through a cheaper local ISP.In this scenario one serious discussion should be if it is better engineered to have all clients retrieve their definitions directly through the Internet to Symantec’s public Live Update servers.TEM managed clients should receive updates automatically from the server.If a client is not receiving updates automatically, follow this process.A freshly installed client will take a few hundred megabytes to get updated to the latest definition set.
Depending on how you publish definitions within your environment, something else to consider is the difference between cheap and expensive bandwidth.
The GUP technology in SEP allows administrators to designate client systems within the environment to distribute client definitions in a peer fashion.
In an environment where a GUP is configured, clients designated to use GUPs will reach out on port 2967/TCP to see if there is a definition update available.
In theory all clients in an environment can act as a GUP. What it is going to do is require all clients to reserve more hard drive space because they will all save separate definitions to be available to any possible peers.
In this scenario none of the agents will actually communicate with another GUP since a GUP can only retrieve updates from a SEPM.Gueth is a Senior Security Consultant with Conventus specializing in Symantec Endpoint Protection and Symantec Data Center Security.