Endpoint Protection

 View Only

  • 1.  SEPM Virus Def. Dist. incorrectly shows latest def. as 2009-12-30--client running latest defs.

    Posted Feb 15, 2010 03:43 PM
    Like everyone else, we initially ran into the issue where clients would not show virus definitions later that 2009-12-30 or whatever the date was.  When the fix was released from Symantec, we applied it, clients started showing the correct date, we're all happy--except me.  My SEPM console home "dashboard" shows the leatest defs. out there as being from 2009-12-30 (see screenshot below).  Let me be clear here:  the clients have the correct defs. and the clients themselves show the correct date, it's just in SEPM where the date is wrong.  This is not the same issue the rest of the people who post without searching are fighting.

    I've tried the obvious things like restarting the service, deleting scm-server.jar and renaming scm-server-disabled.jar, etc.  My SEPM version is 11.0.5002.333.  I'm running on Windows Server 2003 R2 SP2.  Ideas?

    Screenshot


  • 2.  RE: SEPM Virus Def. Dist. incorrectly shows latest def. as 2009-12-30--client running latest defs.

    Posted Feb 15, 2010 04:00 PM
     Try this
    SEPM - Admin - Servers- Loca Site-properties - Liveupdate
    Change the content revisions to keep to 1.
     Log off from SEPM.
    Restart SEPm and embedded database service.
    Log back into SEPM and change the content revisions back to the number you have.

    SEPM might be showing wrong information because of the chached definitions in SEPM.


  • 3.  RE: SEPM Virus Def. Dist. incorrectly shows latest def. as 2009-12-30--client running latest defs.

    Posted Feb 15, 2010 04:07 PM
    What information you get when you pull a report for virus defs?

    Title: 'Virus definition information are different between the Home and the Report page on the Symantec Endpoint Protection Manager'
    Document ID: 2009090315384548
    > Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2009090315384548?Open&seg=ent


  • 4.  RE: SEPM Virus Def. Dist. incorrectly shows latest def. as 2009-12-30--client running latest defs.

    Posted Feb 15, 2010 04:23 PM
     
    navigate to

    C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\inbox ..or C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\temp\UploadTemp\

    and delet all .tmp files and .dat files and restart the SEPM service



  • 5.  RE: SEPM Virus Def. Dist. incorrectly shows latest def. as 2009-12-30--client running latest defs.

    Posted Feb 15, 2010 05:24 PM
    That didn't have any effect. Thanks though.


  • 6.  RE: SEPM Virus Def. Dist. incorrectly shows latest def. as 2009-12-30--client running latest defs.

    Posted Feb 15, 2010 05:26 PM
    The report gives the same information that I see in the dashboard--that virus defs. are from 2009.


  • 7.  RE: SEPM Virus Def. Dist. incorrectly shows latest def. as 2009-12-30--client running latest defs.

    Posted Feb 15, 2010 05:27 PM
    I have no .dat or .tmp files in those directories.  Do users need permissions to write to the C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\inbox folder?  They currently only have read permissions to that folder.


  • 8.  RE: SEPM Virus Def. Dist. incorrectly shows latest def. as 2009-12-30--client running latest defs.

    Posted Feb 15, 2010 05:53 PM
    I was working on a similar case today , where the customer had the same issue , but on his case the defintion was showing 28 jan but all the clients had 14 Feb.

    What we did we entered the correct proxy setting in the ADMIN --> Server -->Proxy and rebooted the server

    Within 5 mins  the SEPM had the correct information

    See if you can try this and if it helps


  • 9.  RE: SEPM Virus Def. Dist. incorrectly shows latest def. as 2009-12-30--client running latest defs.
    Best Answer

    Posted Feb 15, 2010 06:16 PM
    I granted write permissions to the C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\inbox\ folder, and every folder below it, and it seems to have fixed the issue.  I have 13 clients showing their defs. as being from today.  I imagine more will show the same as they check in with the server.

    Thanks for your help, you at least got me looking in the right place.