I have updated to the latest version of Symantec and there are "Firewall turned off" notification pop-up messages. Symantec works fine and all FW logs are captured. Any help?
I would like to install Symantec Endpoint Protection on the computers in our local network, but we mustn’t connect any of them to the internet at any time, now or later. Is it possible to install SEPM and deploy clients on the other computers this way without any interference? Can SEP work offline? Do we need to uninstall LiveUpdate while doing that, or is it necessary to work with .jdb files and with other nodes? Are there any other tips I need to know?
Thanks in advance for answers
Can anyone confirm that clients running an older version of SEP 14 should still receive virus definition updates from the SEPM automatically after an upgrade to SEPM? Usually I like to perform a staged migration from the older client to the newer client after an update. After the most recent update, clients running 1 version behind have stopped receiving virus definition updates from the SEPM; however, they have stayed in contact with the server. I did upgrade one client to prove my theory; once it was upgraded it started receiving virus definition updates. Additionally, if I run LiveUpdate straight from the server, the virus definitions update on an old client. Additionally, if I change the LiveUpdate settings policy to only use the default Symantec LiveUpdate server, i.e. go out to the internet, the clients will receive the definition updates.
After the update from 14.2 RU1 to 14.2 RU2 (build 5335), the connection to the LiveUpdate server failed via proxy connection.
This is an urgent case; can anyone help?
Note: the old version 14.2 RU1 LiveUpdate is working fine in the same network environment.
Thanks in advance.
I have attached a capture of the LiveUpdate failure.
I’m currently configuring our LiveUpdate Administrator to get SEP 14.2 RU2 Products. I noticed that there are new products in the SEP 14.2 RU2 Content Updates.
Client – Network Threat Protection (IPS) Rollback
Client – Virus Definitions SDS (Win32) Rollback
Client – Virus Definitions SDS (Win64) Rollback
Can someone provide more details regarding these products? I can’t see any articles pertaining to these. Also, I’m saving space in our LUA Server’s HDD so I avoid adding products that we are not using.
***Taken From Symantec Support TECH102935 ***
You suspect that the virus definitions currently in use by Symantec Endpoint Protection (SEP) clients are corrupt, and would like to roll back to a previous virus definition set. These clients are managed by a Symantec Endpoint Protection Manager (SEPM). You wish to configure or control the content revisions that clients use.
The example below shows reverting AntiVirus definitions to an earlier version. The procedure works with other SEP components as well (reverting to an earlier release of IPS definitions, etc.).
To roll back definitions, the [LiveUpdate Settings] policy -> Server settings -> [Use default management server] must be enabled.
The method described below can also be used to circumvent a confirmed False Positive (FP) until definitions are available that remove the detection. In the case of False Positives, though, creating a specific exclusion or awaiting new Rapid Release definitions is the recommended approach. As each set of new definitions includes protection against new threats, reverting to an older revision will always introduce security risk into an organization.
Follow the steps below to roll back virus definitions in Symantec Endpoint Protection Manager:
- Click Policies
- Select View Policies
- Click LiveUpdate.
- Double-click your current LiveUpdate Content Policy under the “LiveUpdate Content” tab. The LiveUpdate Content Policy Overview dialog box appears.
- From the “LiveUpdate Content” section, click Security Definitions.
- Enable the Select a revision option located in the “AntiVirus and AntiSpyware definitions” section.
- Click the Edit button. The Select Revision – Antivirus and AntiSpyware definitions dialog box appears.
- Expand the drop-down list and browse to the appropriate (32-bit or 64-bit) definition set.
- Click the desired rollback definition date.
- Click OK.
- Click OK to close the “Security Definitions” dialog box and return to the “Policies” tab.
Note: Remember to later return to your LiveUpdate Content Policy and change back to the Use latest available option. Definitions on all endpoints must be kept current in order to protect against the latest threats in circulation.
Hi, I cannot update Symantec. Here’s the update log:
The following Symantec products and components are installed on your computer:
> AP Portal List
> Intrusion Prevention Signatures
> Symantec Endpoint Protection Client
> Common Network Transport Library and Configuration
> SEP Client Security Updates
> Endpoint Detection and Response
> AdvML (Static) Win64
> Application Control Data
> Symantec Whitelist
> SEPC Error Submission Control Data
> Centralized Reputation Settings
> Power Eraser Definitions
> Extended File Attributes and Signatures
> Submission Control Thresholds
> Virus and Spyware Definitions SDS Win64 (Reduced)
> Revocation Data
> WSS Traffic Redirection
> SONAR Definitions
Connecting to liveupdate.symantecliveupdate.com…
Connected to LiveUpdate server successfully.
Files to be downloaded: 17
Downloading catalog file (1 of 17) finished.
Downloading catalog file (2 of 17) finished.
Downloading catalog file (3 of 17) finished.
Downloading catalog file (4 of 17) finished.
Downloading catalog file (5 of 17) finished.
Downloading catalog file (6 of 17) finished.
Downloading catalog file (7 of 17) finished.
Downloading catalog file (8 of 17) finished.
Downloading catalog file (9 of 17) finished.
Downloading catalog file (10 of 17) finished.
Downloading catalog file (11 of 17) finished.
Downloading catalog file (12 of 17) finished.
Downloading catalog file (13 of 17) finished.
Downloading catalog file (14 of 17) finished.
Downloading catalog file (15 of 17) finished.
Downloading catalog file (16 of 17) finished.
Downloading catalog file (17 of 17) finished.
Session summary: 0 update(s) available, 0 update(s) installed.
LiveUpdate session is complete.
Hi, is it just me, or are you also seeing the discrepancy in Symantec Windows Definitions Updates? Today’s date is 2019/08/19.
Latest from Symantec: 2019/08/17 r3
Latest on Manager: 2019/08/18 r8
Where is the Manager getting the updates from?
Note: The manager is configured to download the updates from Symantec LiveUpdate.
I’m just installing a new SEPM; the version is 14.2.777xx (forgot the exact version). I’m trying to run LiveUpdate from SEPM and LiveUpdate failed (screenshot attached below). I already tried uninstalling and reinstalling LiveUpdate many times but still got the same error. I tried to update using LiveUpdate Express and it also failed, with code LU1835 (screenshot attached below). I’m not using any proxy and already tried to clean up the LiveUpdate folder. Could someone help me please?