search cancel

Error: Device failed to connect to Symantec for content update

book

Article ID: 161793

calendar_today

Updated On:

Products

Endpoint Detection and Response

Issue/Introduction

Health Status in the Endpoint detection and response (EDR) User Interface (UI) shows a Red Critical.

Message appears as "Device failed to connect to Symantec for content updates"

Cause

LiveUpdate was not able to retrieve virus definitions or other content.

Resolution

Check to confirm that the Device where this message appears can reach the LiveUpdate servers.

status_check command can be run to validate if there is connectivity with the Symantec servers.

If symptoms persist, open a case with Symantec Technical Support.

There was a known issue of content failure in older build wherein Proxy server is configured to connect to the Internet and Symantec Liveupdate server was accessible. A workaround was as follows:

  1. Log into EDR.
  2. Click on Settings> Appliances> and then click the Appliance
  3. Scroll down to Network Proxy section.
  4. Uncheck the box that is checked and wait a few seconds and check the same box again.
  5. This should overwrite the default settings.
  6. Wait for Liveupdate to run again.
  7. If successful then the Red Critical should go away and you should see a green Healthy Status.

Other option is to configure EDR appliance to connect directly to the internet