As a best practice, ensure that the SEPM is upgraded to the very latest release of SEP.
The issue causing the update issue may be resolved by the improved processing and enhanced features available in a software version later than what is running.
What you need:
1) Latest Certified Definitions from Symantec.
Please download the latest certified definitions from Symantec website at: http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=sep
Download the definitions for SEPM (.jdb format). File may be saved as .zip, please rename the file to .jdb when the download is complete.
2) LiveUpdate Installer shipped with the release of SEP in use.
The file is located in the SEPM folder on the installation media.
The filename is lusetup.exe
Step 1) Check the LiveUpdate version installed.
This can be done by locating the log.liveupdate file on the computer. The file should be in one of these locations:
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate
At the beginning of each LiveUpdate cycle, the LiveUpdate version will be shown. Verify the version of LiveUpdate reflects the version you have installed on SEPM.
Please proceed to Step 4, if the correct version is shown.
Step 2) LiveUpdate Installer
Assume the wrong LiveUpdate version is installed on the system, locate the LiveUpdate installer shipped with your release of SEP as per above.
Step 3) Remove LiveUpdate and install the correct version for SEP
- Uninstall "Symantec LiveUpdate" from the Windows Control Panel,
- Reboot the server,
- Install the LiveUpdate shipped with your release of Endpoint Protection.
Step 4) Cleanup the LiveUpdate Catalog and Re-register SEPM with LiveUpdate.
Open a command prompt and change directory to the following path (or the relevant path for the current installation).
C:\Program Files\Symantec\Symantec Endpoint Protection Manager\bin
Type the following commands:
Step 5) Apply latest certified definitions.
Move the .jdb file previously downloaded into this folder (or the relevant folder for the installation)
C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\inbox\content\incoming
File will be processed, and within a few minutes virus definitions will be updated on the SEPM Console and to the respective clients.
Click “Refresh” on the Console home page, if this is not the case.
Step 6) Proxy Settings
For environments with a corporate proxy, allow HTTP port 80 or FTP ports 20, 21 and port 443 connections to these hosts:
Note that IP address obtained by DNS resolution, should not be used, as this may be subject to change due to system updates and load balancing. It is highly recommended that the provided hostnames are used.
Disable content caching and AV scan in the proxy for that connection to avoid corruption of the definition files.
Step 7) Monitor System
Allow 24 hours to verify that LiveUpdate is now working properly. Monitor the system for a few days to ensure that updates are downloaded and installed properly.