search cancel

Core 1.5 definition support for Symantec Protection Engine

book

Article ID: 150160

calendar_today

Updated On:

Products

Protection Engine for Cloud Services Protection Engine for NAS

Issue/Introduction

 

Resolution

Earlier, the antivirus definitions package size was large (approximately 512 MB).This would consume the bandwidth and memory on Symantec Protection Engine. Symantec Protection Engine 7.0.4/7.5.2 is now incorporated with core 1.5 definitions support. You can now update Symantec Protection Engine with the latest antivirus definitions package, which has reduced considerably in size (approximately 280 MB). Thus, LiveUpdate, Rapid Release, and Intelligent Update can now run to obtain the updated antivirus definitions with core 1.5 definitions support.

Note: Although the core 1.5 definition packages are shipped with SPE v7.0.4 and SPE v7.5.2 onwards, the previous antivirus definition packages shipped with SPE v7.0.x and SPE v7.5.x also support the core 1.5 definitions seamlessly.

This enhancement offers core 1.5 definition support for the following antivirus definitions mechanism:

  • Intelligent Update
  • Rapid Release 
  • LiveUpdate

Core 1.5 definition support for Symantec Protection Engine on Windows platforms:

SPE Version(s)

IUv5

RRv4

LiveUpdate AV Defs

RRv5

7.0.0

Y

N

Y

N

7.0.1

Y

N

Y

N

7.0.2

Y

N

Y

N

7.0.3

Y

N

Y

N

7.0.4

Y

Y

Y

N

7.0.5

Y

N

Y

Y

7.5.0

Y

N

Y

N

7.5.1

Y

N

Y

N

7.5.2

Y

Y

Y

N

7.5.3

Y

N

Y

Y

Note:

  1. If you want to run core 1.5 Intelligent Update v5 on the SPE versions 7.0.0 to 7.0.3, you must apply latest hotfix that contains signed binaries SSEAUTH.DLL and DEFUDPLY.DLL.
  2. Rapid Release Core 1 v4 and Intelligent Update Core 1 v4 definition packages are discontinued by Symantec from May 2016. For Rapid Release and Intelligent Update support on Windows platform, see the following page: https://support.symantec.com/en_US/article.INFO3307.html

 

Core 1.5 definition support for Symantec Protection Engine on Linux/Solaris platforms:

SPE Version(s)

IUv4

RRv4

LiveUpdate AV Defs

RRV5

7.0.0

Y

Y**

Y

NA

7.0.1

Y

Y**

Y

NA

7.0.2

Y

Y**

Y

NA

7.0.3

Y

Y**

Y

NA

7.0.4

Y

Y

Y

NA

7.0.5

Y

Y

Y

NA

7.5.0

Y

Y**

Y

NA

7.5.1

Y

Y**

Y

NA

7.5.2

Y

Y

Y

NA

7.5.3

Y

Y

Y

NA

On Linux and Solaris platforms, if the SPE version is 7.0.0, 7.0.1, and 7.0.2, and you want to update definitions through Core 1.5 IU package, you must create Symantec.conf file under /etc directory.

Ensure that the following  information exists in the Symantec.conf file: 

   # Global settings that are not product or component specific
      # Product or component specific settings 

         [Symantec Shared]
         BaseDir=/opt/Symantec

 

For Solaris or Linux platforms, Core 1 v4 defintions publishing has been stopped. Symantec Protection Engine has started to support Core 1.5 v4 definitions, and they are available to download and to install from SPE v7.0.4 and  v7.5.2 onwards. Symantec recommends that you install latest available Symantec Protection Engine version.

 

**For Rapid Release definitions update to work for your Symante Protection Engine version, Symantec has provided the symbolic link symrapidreleasedefs-unix.sh that is redirected to the Core 1.5 RRv4 package link symrapidreleasedefscore15-unix.sh.   Symantec will remove this Symbolic link in ~3 to 6 months. We recommend that you update your liveupdate.xml file with Core 1.5 RRv4 link.  

To update the liveupdate.xml file for Core 1.5 RRv4 link

  1. Stop Symante Protection Engine service.
  2. Go to the Symante Protection Engine installation directory.
  3. Launch the command prompt.
  4. Run the following commands:
    • export LD_LIBRARY_PATH=/opt/SYMCScan/bin
    • ./xmlmodifier -s //liveupdate/rapidrelease/ftpsettings/url/@value ftp://ftp.symantec.com/public/english_us_canada/antivirus_definitions/norton_antivirus_corp/rapidrelease/symrapidreleasedefscore15-unix.sh liveupdate.xml
  5. Start Symante Protection Engine service.

For more information refer to Symantec Protection Engine Implementation guide on Page 118 available at the following links: