Endpoint Protection

Hi,

My virus definition folder is growing very large, its currently up to 12GB. The server is retaining over a months worth of definitions and it is using up all my available disk space on my server.

How can i change Endpoint to only retain 1-5 days worth of definitions? or how can i delete these definitions on a regular basis?

Thanks

are you talking about the virusdef on SEPM or SEP client?

SEPM

Check the Link Below

http://www.symantec.com/business/support/index?page=content&id=TECH141811&actp=search&viewlocale=en_US&searchid=1355296475669

Have a look at this KB

Disk Space Management procedures for the Symantec Endpoint Protection Manager

To make Chnages in keeping the Number of Revisions, please see the Link below

http://www.symantec.com/business/support/index?page=content&id=TECH92225&actp=search&viewlocale=en_US&searchid=1355296594026

you need to change the content revision, check this link

Best Practices for configuring the number of content revisions to keep in Symantec Endpoint Protection Manager

http://www.symantec.com/business/support/index?page=content&id=TECH92225

I looked at the links that were posted and checked my "Disk Space Management for Downloads" it is set to keep 3 retentions.

Now for some reason it has kept the last months worth of retentions.

How do i fix this?

when did you change this? if it is changed it will take sometime to remove the old content revision.

This havnt changed it. It has been 3 revisions for 8 months now. all of a sudden its not working correctly.

I have no more room on my server, so if it doesnt remove the old revisions it cant download the new ones.

Restart SEPM service once and launch liveupdate manually.

By the way do you have both 32 bit and 64 bits clients which are served by this SEPM?

try restarting the SEPM srevice.

does manually deleting the old content revision help or does it appear back?

AravindKM, i have done what you suggested. waiting for the update to complete. Yes i do have both 32 bit and 64 bit clients.

pete_4u2002, I cannot delete the old content. It is in a hidden folder "Program Data" i can access the files but it wont let me delete them. "Requires admin rights" although i have admin rights the system still wont let me delete them.

STOP the SEPM and DB service and then try to delete the revisions.

Simply deleting manually the virus defs are not advisable.

Even after running the liveupdate if you are still facing the problem, I recommend you to clear the defs as per below KB

Only 32 Bit Antivirus / Antispyware Definitions are not updating on the 32 Bit / 64 Bit Operating System.

I ran the live update but it didnt delete the old defs, it just used up all my hdd space and stopped all my other services from running.

AravindKM, i looked at the link but i cant find the keys that the article states. Symcdata-sesmvirdef

See attached pic.

Please delete whatevever entries are available and try...

Perform below step.

I would suggest you to contact Symantec Technical Support.

can you post the screen shot of the virus def folder for 32 bit ?

The above is extracted from this document

http://www.symantec.com/docs/TECH104721