Endpoint Protection

 View Only

  • 1.  Comnunication betwen server and symantec

    Posted Jun 02, 2010 06:44 PM
      |   view attached
    Dear all:
     
    My SEPM that was working good until 05/26/2010 after that date all the clients did not have the actualization.  I verify the KB “Liveupdate and content troubleshooting for the symantec Endpoint Protection Manager” and realize that the most resent updates are 05/25/2010. (See the picture). According with that KB Log.Liveupdate shows that the server is downloading the actulization.
     
    5/29/2010, 1:27:16 GMT -> Progress Update: DOWNLOAD_FILE_START: URL: "http://liveupdate.symantecliveupdate.com/sesc$20virus$20definitions$20win32$20v11_microdefsb.curdefs_symalllanguages_livetri.zip", Estimated Size: 0, Destination Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads"
    5/29/2010, 1:27:16 GMT -> HttpSendRequest (status 200): Request succeeded
    5/29/2010, 1:27:16 GMT -> Download complete: Original estimated file size: 4210; Actual bytes downloaded: 4210
    5/29/2010, 1:27:17 GMT -> Progress Update: DOWNLOAD_FILE_FINISH: URL: "http://liveupdate.symantecliveupdate.com/sesc$20virus$20definitions$20win32$20v11_microdefsb.curdefs_symalllanguages_livetri.zip", Full Download Path: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\sesc$20virus$20definitions$20win32$20v11_microdefsb.curdefs_symalllanguages_livetri.zip" HR: 0x0      
    5/29/2010, 1:27:17 GMT -> Progress Update: DOWNLOAD_BATCH_FINISH: HR: 0x0       , Num Successful: 1
    5/29/2010, 1:27:17 GMT -> LiveUpdate copied the Mini-TRI file from C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\sesc$20virus$20definitions$20win32$20v11_microdefsb.curdefs_symalllanguages_livetri.zip to C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Tri405\sesc$20virus$20definitions$20win32$20v11_microdefsb.curdefs_symalllanguages_livetri.zip
    5/29/2010, 1:27:17 GMT -> Progress Update: UNZIP_FILE_START: Zip File: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Tri405\sesc$20virus$20definitions$20win32$20v11_microdefsb.curdefs_symalllanguages_livetri.zip", Dest Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Tri405"
    5/29/2010, 1:27:17 GMT -> Progress Update: UNZIP_FILE_PROGRESS: Extracting file: "liveupdt.grd"
    5/29/2010, 1:27:17 GMT -> Progress Update: UNZIP_FILE_PROGRESS: Extracting file: "liveupdt.sig"
    5/29/2010, 1:27:17 GMT -> Progress Update: SECURITY_SIGNATURE_MATCHED: GuardFile: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Tri405\liveupdt.grd"
    5/29/2010, 1:27:17 GMT -> Progress Update: UNZIP_FILE_FINISH: Zip File: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Tri405\sesc$20virus$20definitions$20win32$20v11_microdefsb.curdefs_symalllanguages_livetri.zip", Dest Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Tri405", HR: 0x0      
    5/29/2010, 1:27:17 GMT -> Progress Update: UNZIP_FILE_START: Zip File: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Tri405\sesc$20virus$20definitions$20win32$20v11_microdefsb.curdefs_symalllanguages_livetri.zip", Dest Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Tri405"
    5/29/2010, 1:27:17 GMT -> Progress Update: UNZIP_FILE_PROGRESS: Extracting file: "liveupdt.tri"
    5/29/2010, 1:27:17 GMT -> Progress Update: UNZIP_FILE_FINISH: Zip File: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Tri405\sesc$20virus$20definitions$20win32$20v11_microdefsb.curdefs_symalllanguages_livetri.zip", Dest Folder: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Tri405", HR: 0x0      
    5/29/2010, 1:27:17 GMT -> Progress Update: SECURITY_PACKAGE_TRUSTED: "C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\Tri405\liveupdt.tri"
    5/29/2010, 1:27:17 GMT -> Available Update for Product: SESC Virus Definitions Win32 v11, Version: MicroDefsB.CurDefs, Language: SymAllLanguages, ItemSeqName: CurDefs.  Current Sequence Number: 100528002, New Sequence Number 100528021, Update filename 1275084968jtun_nav2k8en100528002.m25
     
    But ifa verify in the directory c:\program files\symantec\symantec endpoint manager\inetpub\content and the last files are dated 05/25/2010.  
    The last sesmlu.log is from 05\25\2010 and it shows that all is working.
    In order to have my clients up to date I used the *.jdb file and it work so the comunicacion between the client and the server is working. What it seams is not working is the comunication between the server and symantec. From my server I can Ping and traceroute to http://liveupdate.symantecliveupdate.com.
    I am using SEPM 11.0.4000.2295. The only changes that I made in the server was install COBIAN 10 and APC powerchute bussines version 8.01.  According with the documentation that I had the powerchute bussines version 6 has some issues with symantec.
    How do I force the communication between my server and Symantec?? Or any idea what is going on???


  • 2.  RE: Comnunication betwen server and symantec
    Best Answer

    Posted Jun 04, 2010 12:53 PM

    Update the definitions manually once on the Symantec Endpoint Protection Manager and then see if it updates automatically after that. Below is an article that you can refer to

    Title: 'How to update definitions for Symantec Endpoint Protection Manager using a JDB file'
    Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2007100820002048?Open&seg=ent

    If this does not work try clearing the corrupt definitions

    Title: 'Symantec Endpoint Protection Manager 11.x is not updating 32 or 64 bit virus definitions.'
    Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2008041516215948?Open&seg=ent


  • 3.  RE: Comnunication betwen server and symantec

    Posted Jun 04, 2010 02:34 PM
    Try this


    1. Click Start, then Run.
    2. Type cmd, then click OK. This will bring up a command prompt.
    3. At the command prompt type cd and the path to lucatalog.exe. By default the command would be: 

      cd C:\Program Files\Symantec\Symantec Endpoint Protection Manager\bin
       
    4. Type lucatalog.exe -Cleanup

    Once completed
    lucatalog.exe -update



  • 4.  RE: Comnunication betwen server and symantec

    Posted Jun 10, 2010 10:14 AM

    Thanks Mudit and Vikram I applied  the KB  that you suggested Title: 'Symantec Endpoint Protection Manager 11.x is not updating 32 or 64 bit virus definitions.' and now its working.
    Again Thanks for your help