Endpoint Protection

 View Only

  • 1.  Broken SONAR Defs

    Posted Oct 29, 2013 05:10 AM

    I came in this morning to find a bucket-load of machines reporting as out-of-date.  The SEPM believes this to be due to old SONAR defs, and yet the Symantec site is reporting the latest SONAR defs as being from 22nd August (see screnies).  The peculiar thing is that there clearly were later defs released as some machines (and the SEPMs of various environments) report SONAR defs of 24th October.

    Symantec, if you are going to rescind defs and mess about with my monitoring, then please spin up a site where I can monitor such changes.  This is similar to the below thread where the VDefs were also reverted without notification or reason:

    https://www-secure.symantec.com/connect/forums/old-defs-1042013-rev-35



  • 2.  RE: Broken SONAR Defs

    Broadcom Employee
    Posted Oct 29, 2013 05:21 AM

    http://www.symantec.com/security_response/definitions.jsp?inid=us_sr_flyout_updates_virusdef

    its the current definition

    Behavior-Based Protection

     
     
    Definitions Released: 10/28/2013
    Extended Version: 10/24/2013 rev. 11

     



  • 3.  RE: Broken SONAR Defs

    Posted Oct 29, 2013 05:24 AM

    Still says the same as my screenie on the actual download page:

    http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=sonar



  • 4.  RE: Broken SONAR Defs

    Broadcom Employee
    Posted Oct 29, 2013 05:28 AM

    yea, looks like glitch.. will reach out to the team..



  • 5.  RE: Broken SONAR Defs

    Posted Oct 29, 2013 05:31 AM

    Muchos gracias!



  • 6.  RE: Broken SONAR Defs

    Broadcom Employee
    Posted Oct 31, 2013 10:31 PM

    fixed, can you please check

    http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=sonar

    sorry for the inconvinience.

     



  • 7.  RE: Broken SONAR Defs

    Posted Oct 31, 2013 11:57 PM

    Hi

    Please upgrade to SEP 12.1.4

    Regards

     



  • 8.  RE: Broken SONAR Defs

    Posted Nov 01, 2013 04:38 AM

    Yup, I noticed this yesterday.  Is there any explanation available?

    Was it just a bug on the site itself or was the Oct defs pulled at some point?  Oh, and do you know if there are any plans to introduce a "Revision History" similar to the AV defs?

    Thanks for looking into it



  • 9.  RE: Broken SONAR Defs

    Posted Jan 02, 2014 03:41 AM

    Hi All,

    we have SEP 12.1.4 but problem with PTP updates exists ... we have virus and spyware protection from 01.01.2014,but PTP updates are from 03.12.2013 when we created Symantec Client installation and is not updating from SEPM and not updating from internet too. any advice for PTP updates ?!



  • 10.  RE: Broken SONAR Defs

    Posted Jan 02, 2014 04:04 AM

    Hi

    Can you post the Sylink logs from the affected system

    Regards

     



  • 11.  RE: Broken SONAR Defs

    Posted Jan 02, 2014 04:29 AM

    I'd actually recommend you open up a new thread as your issue does not match the one I raised.

    That said, it shouldn't really be necessary as the date you reported does appear to be the current PTP defs anyway.  Please refer to the below links for verification that the current PTP defs are dated: 12/3/2013 rev. 11

    http://www.symantec.com/security_response/definitions.jsp?inid=us_sr_flyout_updates_virusdef

    http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=sonar



  • 12.  RE: Broken SONAR Defs

    Posted Jan 02, 2014 01:55 PM

    Those are the latest PTP defs. PTP defs do not coem out every day like AV content. They are more likely to come out every couple weeks or so.

    See here:

    http://www.symantec.com/security_response/definitions.jsp

    Behaviour based protection is what you want to look at for the PTP def date