Symantec Endpoint Protection: LiveUpdate Troubleshooting Flowchart

book

Article ID: 177870

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

How to troubleshoot failed LiveUpdate or definition update issues. 

Several important steps are illustrated in the short videos Troubleshooting Out-of-date Definitions on Clients (Part 1) and Troubleshooting Out-of-date Definitions on Clients (Part 2) on SymantecTV


 

Symptoms
Virus definitions are out of date

  • Virus definitions are not updating on the Symantec Endpoint Protection Manager (SEPM)
  • Virus definitions are not updating on the Symantec Endpoint Protection (SEP) clients
  • Some Symantec Endpoint Protection clients are not getting definition updates
  • LiveUpdate does not complete successfully

Resolution

The following flowchart can be used to help isolate LiveUpdate issues. Further explanation can be found below the chart.



  • Troubleshoot Communication issue: 
      1. Make sure that you are able to browse to the web sites below:
        1. Liveupdate.symantecliveupdate.com
        2. Liveupdate.symantec.com
        3. Symantec.com
      2. Make sure that the perimeter firewall has exceptions for the web sites above
      3. Run a packet capture and contact support for analysis

 

  • Check Connectivity between Symantec Endpoint Protection client & Symantec Endpoint Protection Manager:
  • Remove corrupt definitions
      1. Open the Symantec Endpoint Protection Manager
      2. Click on the Admin Tab
      3. Click on Servers
      4. Click on Local Site
      5. Click Show Liveupdate Downloads
      6. Make sure that the date for 32 bit and 64 Definitions for ‘Virus & Spyware Definitions’ is up-to-date
         
  • How to read the Log.liveupdate and SESMLu.log of Symantec Endpoint Protection Manager:
  • Make sure proxy settings are configured in Symantec Endpoint Protection Manager:

      


Attachments