Clients keep downloading virus definitions from SEPM via proxy when SEPM and SEP are in the same local network.


Article ID: 178074


Updated On:


Endpoint Protection


High load observed on proxy. Proxy logs indicate that local traffic traversing the proxy is communication traffic between client and the SEPM.



Clients are not configured to bypass the proxy correctly. Proxy servers are detectable by clients configured to auto-detect proxy servers. This has been seen to happen with Blue Coat proxies. Proxy servers are networked to proxy all traffic regardless of client configuration.


Ensure that the clients are configured to bypass the proxy.

  1. Open Internet Explorer.
  2. Tools > Internet Options > Connections > LAN settings.
  3. Uncheck "Automatically detect settings".
  4. Under proxy server, click "Advanced".
  5. Under Exceptions, enter in the SEPM IP address and hostname.
    Note: Also can add the local network for example: 10.*.*.* or 192.168.*.* depending on the addressing of the local network.
  6. Reboot and test.

Note: If clients are still communicating through the proxy after configuring to bypass the proxy, add exceptions to the proxy server to "no authentication" for any request going to the management servers. Traffic that traverses the proxy going to the SEPM should now be ignored.

Http error 407 is seen in the sylink log:
This can be caused by a change in proxy configuration. But the change did not consistently change in all the places the configuration is stored in the registry. Proxy configuration can be refreshed by deleting the these registry keys and rebooting. After reboot the operating system will repopulate the proxy configuration in the registry. For steps on how to do this please refer to the following KB.

Client is not appearing in Symantec Endpoint Protection Manager (SEPM), error: HTTP returns status code=407

Client is not appearing in Symantec Endpoint Protection Manager (SEPM), error: HTTP returns status code=407

SEP MR4 MP1A loses communication with SEPM servers after IE8 is installed