The Policy Serial Numbers for all groups in the Symantec Endpoint Protection Manager are updated after LiveUpdate runs

book

Article ID: 157196

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

The policy serial numbers for all groups in the Symantec Endpoint Protection Manager (SEPM) are updated after LiveUpdate runs. This causes the Symantec Endpoint Protection (SEP) clients to download the a new copy of the policy file from the SEPM, even though no policy changes have been made.

No errors are associated with this issue.

Cause

Note: The SEPM must be configured for replication for this issue to occur.

 
Replication has been configured by the administrator such that SEP client installation packages are not replicated with all other sites in the replication partnership. This has allowed one or more sites to have one or more client installation package(s) which other sites do not have.
 
This mismatch of available client installation packages causes the SEPM to incorrectly update the policy serial number for each group after LiveUpdate runs which, in turn, causes the SEP clients to download a copy of the policy file even though no policy changes have occurred.

Resolution

The solution for this issue is to ensure that all SEPM sites in the replication relationship have the exact same client installation packages available to them. There are two possible ways to accomplish this.
  1. Manually delete or import client installation packages on all SEPM sites to make sure that all SEPM sites have the same client installation packages available.
  2. Temporarily enable replication of client installation packages.
Detailed steps for these two options are listed below.
 
How to manually delete client installation packages from a SEPM site:
  1. Login to the SEPM
  2. Click Admin > Install Packages > Client Install Packages
  3. Right-click the offending installation package and click Delete
  4. Click Yes
How to manually import client installation packages into a SEPM site:
 
 
How to enable replication of client installation packages:
 
Note: It is normally recommended to only turned this setting on for a temporary period of time, as it can significantly increase the amount of data transferred during replication by several hundred megabytes or more.
 
The following article explains this process: Replicating client packages and LiveUpdate content