Endpoint Protection

 View Only
  • 1.  Updates

    Posted Jul 17, 2012 02:23 AM

    Hi all,

     

    How will I know which client is going to consume heavy updates from Antivirus server.

    Do Antivirus server Management console has such features which will list real time virus definition update’s communication between client and Server.

     

     

    My version for SEPM is MR4



  • 2.  RE: Updates

    Posted Jul 17, 2012 02:42 AM

    as i know, you can only see from the logs to view clients activitis, and which aren't the real time view.



  • 3.  RE: Updates

    Broadcom Employee
    Posted Jul 17, 2012 02:59 AM

    check the iis logs

    it will look something like this, whether delta or full and client IP

    2011-02-16 07:26:22 /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/110213003/Full.zip 10.225.248.1 200 90702117
    2011-02-16 07:26:22 /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/110214002/Full.zip 10.234.56.30 200 69206309
    2011-02-16 07:26:22 /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/110213003/Full.zip 10.236.200.3 200 84279589
    2011-02-16 07:26:22 /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/110215002/Full.zip 10.233.232.70 200 94896421
    2011-02-16 07:26:22 /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/110215002/Full.zip 10.232.112.70 200 62849317
    2011-02-16 07:26:22 /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/110215002/Full.zip 10.235.8.6 200 71696677
    2011-02-16 07:26:22 /content/{C60DC234-65F9-4674-94AE-62158EFCA433}/110215002/Full.zip 10.224.184.70 200 49414437



  • 4.  RE: Updates

    Broadcom Employee
    Posted Jul 17, 2012 05:33 AM

    Hi Anil,

    SEPM is management console but information which you are looking for will be available through network monitoring tools like Whats up gold, Solar wind Orion etc.

    SEPM console won't be able to provide information about bandwidth utilization.

    As you stated it's MR4 I would suggest it's a time to upgrade to latest version.

    Check till date SEP releases

    http://bit.ly/m0vOJp

     

     



  • 5.  RE: Updates

    Trusted Advisor
    Posted Jul 17, 2012 09:06 AM

    Hello,

    To answer your Question above, it is important to understand HOW are virus definitions distributed from the Symantec Endpoint Protection Manager? Check this Article: http://www.symantec.com/docs/HOWTO53175

    Check these Articles below which would assist you on HOW to prevent the clients to download the Full definitions set from SEPM and limit Bandwidth usability - 

    Preventing Symantec Endpoint Protection (SEP) Clients from receiving FULL Antivirus/Antispyware definition packages from a patched Symantec Endpoint Protection Manager (SEPM)

    http://www.symantec.com/docs/TECH98453

    With default LiveUpdate content revision settings configured within the Symantec Endpoint Protection Manager, clients are downloading full definition updates instead of delta updates

    http://www.symantec.com/docs/TECH94916

    SEPM & SEP Client bandwidth troubleshooting

    https://www-secure.symantec.com/connect/articles/sepm-sep-client-bandwidth-troubleshooting

    Hope that helps!!