
How To Save Time Entering Multiple Explicit Group Update Providers (GUPs) 

Dec 04, 2012 10:38 AM

 

This is the standard interface to enter Explicit Group Update Providers in SEP 12.2.x: 

 

This interface is serviceable enough for a small number of entries, but entering hundreds of entries through it is time consuming. Using instructions similar to the KB article "How can I add a large number of hosts to a Host Group in Symantec Endpoint Protection", we can easily enter multiple entries into the Explicit Group Update Provider list (or the multiple Group Update Provider list). The instructions below are based on the ones in the linked knowledge base article.

1. Log in to your SEPM management console

2.  Go to Policies - Live Update

3. Export an existing Live Update policy that includes at least one explicit GUP and that you want to bulk add GUPs to.

4. Rename the exported policy from *.dat to *.zip

5.  Open up the zip archive and extract the main.xml file

6. Open the main.xml file

7.  Find the section marked <ExplicitGUPMapping> and copy the whole section. 

8. Create a new excel document 

9.  Add a list of subnets in Column B of the document and a list of the corresponding GUPs per subnet in Column D

10.  In Column F, paste in a list of unique 128-bit hex keys; the list must be as long as your list of hosts

11. Add the beginning XML tag to Column A (example:  <ExplicitGupEntry ClientSubnet=")

 

12.  In Column C place the tag information that occurs after the subnet, but before the IP address (example: " GupMappingType="GUP_IPADDRESS" GupMappingValue=")

 

13. In Column E place the XML tag information that occurs after the IP address, but before the unique key (example: " Port="2967" _d="false" _i=")

13. In Column G you paste in the closing tag information (example: " _t="1354330697081" _v="6"/>)

Things to be aware of in this step as an FYI:

- _v parameters can all be the same

- _t parameters can all be the same

14. Use Excel to fill in Columns A, C, E, G with the information you placed in the first row. 

15.  Copy Columns A through G and paste them into your text editor of choice. You will have to remove the tabs in the document to get the formatting correct. If you are using Notepad, copy one of the tabs and use Find/Replace to remove the tabs. After you are finished you will have a list that looks like this:

16.  Copy and paste this into the explicit GUP section of the main.xml file

17.  Save the main.xml file and zip it up.  

18.  Rename the .zip file to a .dat file

19.  Import this policy into your SEPM and have an updated list of GUP providers.  

This method should only be used if you are dealing with an extremely large number of GUPs.   For a handful of GUPs any time savings you gained from this method would be minimal.  

This same method can be used for inputting multiple GUPs into the SEPM by using the steps listed (altered for the XML) and going under the GUPRuleSet section of the main.xml file.   For this section you will only need 4 columns.  Column A will be the beginning of the XML tag, Column B will be the hex string that occurs after i=", Column C you can copy everything before the IP address, Column D will be your GUP IP Addresses, and Column E will be the closing of your XML tag following the IP address. 

Test this in your development environment before importing it directly into your production environment. 

Brent Gueth
Security Consultant
Conventus Corporation
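
The spreadsheet work in steps 8 through 15 can also be scripted. The Python below is an added example, not part of the original article or any Symantec tooling: it builds the `ExplicitGupEntry` lines using the attribute names and fixed values shown in the step examples, draws each 128-bit key from a cryptographic random source, and checks that every line is well-formed XML before you paste it into main.xml. The sample subnets and addresses are constructed, and the function names, the `existing_keys` parameter and the upper-case 32-character key format are assumptions; match the key format to the `_i` value in your own exported entry.

```python
import ipaddress
import secrets
import xml.etree.ElementTree as ET
from xml.sax.saxutils import quoteattr

# Constructed sample rows: (client subnet, GUP IP address). Copy the subnet
# notation from the ExplicitGupEntry already present in your exported main.xml.
SAMPLE_ROWS = [
    ("10.10.1.0", "10.10.1.5"),
    ("10.10.2.0", "10.10.2.5"),
    ("10.10.3.0", "10.10.3.5"),
]

def new_key(seen):
    """Return a random 128-bit key as 32 hex characters, unique within `seen`."""
    while True:
        key = secrets.token_hex(16).upper()  # upper case is an assumption
        if key not in seen:
            seen.add(key)
            return key

def build_entries(rows, port="2967", t="1354330697081", v="6", existing_keys=()):
    """Build one <ExplicitGupEntry .../> line per (subnet, gup_ip) row."""
    # Seed with keys already used in the exported policy so none is reused.
    seen = {k.upper() for k in existing_keys}
    lines = []
    for subnet, gup_ip in rows:
        ipaddress.ip_address(gup_ip)  # raises ValueError on a malformed address
        attrs = [
            ("ClientSubnet", subnet),
            ("GupMappingType", "GUP_IPADDRESS"),
            ("GupMappingValue", gup_ip),
            ("Port", port),
            ("_d", "false"),
            ("_i", new_key(seen)),
            ("_t", t),
            ("_v", v),
        ]
        # quoteattr escapes &, < and quotes so a bad cell cannot break the XML.
        line = "<ExplicitGupEntry " + " ".join(
            f"{name}={quoteattr(value)}" for name, value in attrs) + "/>"
        ET.fromstring(line)  # fails loudly if the line is not well-formed XML
        lines.append(line)
    return lines

if __name__ == "__main__":
    print("\n".join(build_entries(SAMPLE_ROWS)))
```

Pass the `_i` values already present in the exported policy as `existing_keys` so that no generated key collides with an existing entry.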


Comments

May 13, 2014 03:25 PM

A tool which may be of some use was posted here:

https://www-secure.symantec.com/connect/downloads/generate-liveupdate-policies-have-many-gup-subnets

May 13, 2014 03:21 PM

This is fantastic!

Just to be clear, in step 10, you're generating your HEX keys on your own?  If so, what did you use?
