How to use LiveUpdate Administrator 2.x with Symantec Security Information Manager 4.5, 4.6, 4.7, 4.8 and SSIM Event Collectors

book

Article ID: 177451

calendar_today

Updated On:

Products

Security Information Manager

Issue/Introduction

Updates for Symantec Security Information Manager (SSIM) 4.x and/or the SSIM Event Collectors may be provided internally on a network by the current  LiveUpdate Administrator 2.3.x (LUA 2.3.x) server.  This article provides details on how to update SSIM and/or the SSIM Event Collectors using the current LUA 2.3.x.


 

Resolution

LiveUpdate Administrator 2.3.2.99 or newer is required to successfully retrieve LiveUpdate content for the SSIM Event Collectors. To download the latest verison of LUA 2.3.x, please visit What is the latest version of Symantec LiveUpdate Administrator 2.x (LUA 2.x)? 

Please review the documents in provided for LiveUpdate Administrator for requirements to install the server.  At the time of this document the information is available here

Install the latest available LiveUpdate Administrator 2.3.x and make a note of where the download and distributed packages are placed. You can change these paths if required.

One you have installed LUA 2.3.x you will have to create a "download and distribution" schedule for SSIM 4.5, 4.6, 4.7,4.8 and collectors.

Configure LiveUpdate Administrator 2.3x for SSIM and SSIM Collectors only

Step 1:

    • Log in to the LiveUpdate Administrator
    • Select Configue and click on the Update Symantec Product Catalog link. You will see the Symantec Event Collectors 2.0 add after the catalog has been updated.
    • Select Configure -> My Symantec Products and and click on Add New Products
    • Select Symantec Event Collectors 1.0 , scroll to the bottom of the windows check all the boxes and click OK
    • Select Symantec Event Collectors 2.0 , scroll to the bottom of the windows check all the boxes and click OK
    • Click on Add New Products and select Symantec Security Information Manager, scroll to the bottom of the window, check all the boxes and click OK


Step 2:

    • Select Configure -> Distribution Centers scroll down to the middle of the page and make a note of the URL for the Distribution Center you will use that when configure SSIM and the collectors for Java LiveUpdate. Here is an example URL: http://mp-sesa6:7070/clu-prod,
    • Select the Distribution Center, this document uses the Default Production Distribution Center.
    • Check the box next to Default Production Distribution Center and click on Edit go to the Product List and click on the Add button.
    • Select Symantec Event Collectors 1.0 , expand the list and uncheck the the collector updates you do not need,
    • Select Symantec Event Collectors 2.0 , expand the list and uncheck the the collector updates you do not need,
    • Check Symantec Security Information Manager 4.5 English, Symantec Security Information Manager 4.6 English and Symantec Security Information Manager 4.7 English . Click Apply
    • You should now see the list of Products in the middle of the page, if you are downloading everything each product will have a green check under Component Coverage, if you only downloading certain Event Collectors it wil have a circle with a yellow slash under Component Coverage. Click Apply

Step 3.

    • Select Download and Distribute click on Add Download
    • At the next page fill in these blanks Download Schedule name: Status:Enabled, Select Products -> click on Add
    • Check the box for Symantec Security Information Manager 4.5, Symantec Security Information Manager 4.6, Symantec Security Information Manager 4.7 English, Symantec Event Collectors 2.0 and Symantec Event Collectors 1.0
    • Click on Add then scroll to the bottom of the page
    • Select Schedule: Weekly would be good for SSIM, at this time LiveUpdates are usually one released once a month as a group. Click on OK

Step 4:

    • Select Download and Distribute, click on Add Distribution
    • At the next page fill in these blanks Distribution Schedule name: Status:Enabled, Select Products -> click on Add
    • Check All Products Box then click on Add
    • Select Schedule: I use 2 hours after the Download time

Note: Before you create the Java LiveUpdate configuration for SSIM and off box collectors open browser and type in the URL for the distribuition center. You should see a list of files in this directory. If you do not see a list of files, the download or distribution might have failed or was not correctly set up, the names on these files will contain the name of the collector update.

Setup the Java LiveUpdate configuration on the SSIM 4.x or any offbox Event Agent/Collector

To create the Java LiveUpdate configuration:

    1. Connect to your Information Manager with the SSIM Client.
    2. In the left pane, click System.
    3. In the right pane, go to the Product Configurations tab.
    4. Navigate to LiveUpdate 1.0 > Java LiveUpdate.
    5. Right-click on Java LiveUpdate and click New.
    6. Follow the Create a new Configuration Wizard and add the appliances and agents that are to download updates from the LiveUpdate Administration Utility.
    7. Click Finish on the Configuration summary page of the wizard.


To setup the Java LiveUpdate configuration

    1. Select the Java LiveUpdate configuration created in the previous set of instructions.
    2. On the right side of the Product Configuration tab, click the Hosts tab.
    3. Setup these options:
      • Host1URL - URL from the Distribution Center for example: http://mp-sesa6:7070/clu-prod
      • Host1Username - Username if you have setup LUAdmin to require a username, otherwise leave blank
      • Host1Password - A password if you have setup LUAdmin to require a username, otherwise leave blank
    4. At the bottom, click Save.
    5. On the toolbar at the top, click the Distribute settings to computers icon.

If you have more than one LiveUpdate Administration Distribution Center configured, you may set up additional Hosts within the configuration.

Important Note: LiveUpdate Administrator uses Apache Tomcat as a webserver.  If you install LUA 2.x on a computer with IIS running or the Symantec Endpoint Protection Manager (SEPM), you might run into conflicts with resources and ports. This document was tested on a machine without IIS, a SEPM or the SEP database.