Endpoint Protection

 View Only

  • 1.  Disable Liveupdate from client computers

    Posted Apr 26, 2010 02:21 PM
    In my organization, computers normally get Liveupdates from our Endpoint Protection server. I've noticed however looking at content filtering reports that all our clients are also sniffing the WWW for updates as well. How can I force those clients to only get updates from the server and to not download them from the internet.

    Thanks for those who can help, CAT


  • 2.  RE: Disable Liveupdate from client computers

    Posted Apr 26, 2010 02:49 PM
    Configure the policies for Live update so that take the definitions from the SEPM and not from the internet. This is possible only in case of a managed client of SEP 11. Once the policy is configured for the clients to take updates from the SEPM the Liveupdate button on the client side would be grayed out. Ensure that the created policy is assigned to the group which has the desired clients.




  • 3.  RE: Disable Liveupdate from client computers

    Posted May 06, 2010 09:14 AM
    I already had this setup identically, yet Websense Reporting will show that clients will still turn to the web for updates also. It's not the worst thing and not really a problem, just wondered why the clients were not working as they should.


  • 4.  RE: Disable Liveupdate from client computers

    Posted May 06, 2010 09:24 AM
    Which is the version you are using?
    Try this article
    in the logs any entry related to internet
    How to analyze Debug logs from GUP to determine which clients are taking definitions from GUP


  • 5.  RE: Disable Liveupdate from client computers

    Posted May 06, 2010 11:03 AM
    to minumize users from getting their updates from outside sources. As with CAT, I have our LU policy set to use only our management consoles and our 'internal' LiveUpdate servers but still I have situations like below, where 99% of our enterprise is using the defs I choose, and a handful of stragglers are grabbing thiers from some other source.



    Does anyone know? Is there some way I can force our LiveUpdate Policy back down to ALL our client machines? Just in case some have some switched to Symantec servers for their updates?


    @ioniancat21 - Seems like users will always be able to get their defs from outside sources. If they know how to redirect LU to Symantec or if all they do is get the daily intelligent updater. Unless there is some way to lock down the SEP client from receiving updates from anything other than what is directed by the LU Policy.

    -Mike