Hi,

I hope my english will not be to bad to be understood.

I want to optimize my update virus definitions procedure because today i use .exe and manually update each station because they are not internet connected.

I know there is a .xdb (or jdb?) file which can automatically execute the update but since i upgrade to version 11 of Symantec Endpoint protection that's unsucessfull.

I plan to manually download the virus update with my workstation and after send this file to all stations will the plant LAN IP thanks to a share folder. May i have to modify this method?

Thanks you very much,

Benjamin

Hi,

How to update definitions for Symantec Endpoint Protection Manager (SEPM) using a .jdb file

Download Sep virus defination

Check this.

http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=rr

http://www.symantec.com/security_response/definitions.jsp

Hi,

Thank you for your quick answer,

I saw these topics and downloaded this .jdb file this morning but i don't have SEMP folder so i don't know where to paste the file.

Under C/Program files/... i just have SEP folder...

HI,

You can try this download also.

Script to download Definitions from SEPM

https://www-secure.symantec.com/connect/downloads/script-download-definitions-sepm

Check this

How to manually update definitions for a managed Symantec Endpoint Protection Client using the .jdb file

To update a managed client with a .jdb file:

1. In the Symantec Endpoint Protection Manager, go to Clients.
2. Select the group in which the client or clients can be found that need to be updated manually.
3. Edit the LiveUpdate Settings Policy.
4. In the LiveUpdate Policy, choose Server Settings in the left pane.
5. In the right pane, under Third Party Management, enable the option "Enable third party content management".
6. On the SEP client, make sure that the client received the policy change by checking for the existence of the 'inbox' directory as following paths:
   
   SEP 11.x:
   %ALLUSERSPROFILE%\Symantec\Symantec Endpoint Protection\inbox
   
   SEP 12.1.x:
   %ALLUSERSPROFILE%\Symantec\Symantec Endpoint Protection\CurrentVersion\inbox
   
   (Please note that on SEP 12.1.x clients the \inbox directory is always present, please check the Policy serial number to ensure it's matching the one published by SEPM)

Hi,

You have not mentioned whether you are using SEPM or not ?

If using SEPM in the network, then only need to update SEPM manually & it will push definitions update to all the clients.

How to manually update definitions for a managed Symantec Endpoint Protection Client using the .jdb file

http://www.symantec.com/docs/TECH104363

If not using SEPM then need to use Intelligent updater to update clients.

Using Intelligent Updater files to update client virus and security risk definitions

http://www.symantec.com/docs/HOWTO80903

Hi Benjtv,

To get the folder enabled to paste the .jdb file into you have to enable Third Party Management in the Liveupdate Policy > Server Settings at the bottom of page.

When the machines recieve this policy they will create the inbox folder you paste the.jdb file into distribute.

Ok, thank you for all these responses.

I'm confused because i m not sure but for my point of view, i don't use SEPM so i think i will not be able to udate clients without executing .exe on each of them.

Yes..however if possible you can distribute .exe via third party software if there is any.

Have you considered using the LiveUpdate Administrator software?

I've listed a couple of articles below for how you would go about hosting definitions on an LUA in an isolated network, as well as how to configure unmanaged SEP clients to use this internal LUA location to get their updates:

http://www.symantec.com/docs/TECH106254

http://www.symantec.com/docs/TECH166129

http://www.symantec.com/docs/TECH123388

Is this more what you were after?

I notice this option and will come back to you when i would have test it.

Hi Benjtv,

I noticed that most of the comments were for SEP 12 but you had listed SEP 11.  Since you are using SEP 11, it is fairly easy to update the definitions on at least Windows XP systems.  Just download the .jdb file from Symantec and then unzip the contents to \Program Files (x86)\Common Files\Symantec Shared\Virusdefs\incoming on x64 systems or \Program Files\Common Files\Symantec Shared\Virusdefs\incoming  on x32 systems.  I think the location on Vista and later systems is in Program Data, I would have to check.  But depending on the number of systems that you have, you may be better off setting up a local definitions server and have the systems point to that.

Good Luck.

Hello Benjtv,

Agree with Chetan, use the third party s/w for distribution the content.

Good news for admins and end users who find themselves in this situation!

SONAR and IPS Intelligent updater (IU) are now available on :

http://www.symantec.com/security_response/definitions.jsp

NOTE: These SONAR and IPS Intelligent updater are only for SEP 12.1 RU3.

For more information, please see Latest Symantec Endpoint Protection Released - SEP 12.1.RU3