How to distribute definition content from a LiveUpdate Administrator 2.x (LUA 2.x) server to an isolated network.

book

Article ID: 180346

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

 

Resolution

There is an alternative to downloading .JDB files and manually dropping them on a Symantec Endpoint Protection Manager (SEPM) to update virus definitions inside an isolated network with no outside connection.

Usage:

This method may be used to allow a SEPM or Unmanaged Symantec Endpoint Protection (SEP) clients to download and process definition content, including Virus and Spyware, SONAR/TruScan and Intrusion Prevention signatures, with minimal intervention required.

Solution:

Initial configuration:

  1. Install and Configure the source LUA following the install steps in KB TECH102701.
    • Use the default product distribution center.
    • Make sure you have a download schedule and a distribution schedule set about an hour apart.
       
  2. Configure the destination server to host content.
    1. Verify that the destination server has Internet Information Services (IIS) installed with at least the default web site on port 80.
      • Tomcat/Apache is a possible alternative. Adjust file paths accordingly.
      • If you wish to use a UNC path instead, please see KB TECH106222.
    2. Create a folder inside <Drive Letter>:\Inetpub\wwwroot called clu-prod.
    3. Copy an image or a text file to the clu-prod folder and verify that it can be opened through http://<server>/clu-prod/<filename>
      • Note: Failures here may indicate an issue with IUSR and the folder permissions. Change the account or permissions as needed.
    4. For more information, see How to configure a Windows Server 2008 as a Distribution Center for LiveUpdate Administrator 2.x content, KB TECH132545.
       
  3. Configure the SEPM to use a local LiveUpdate server. (Unmanaged SEP clients, see step 4.)
    1. Open the Admin page of the SEPM, then click Servers.
    2. Highlight the Local Site (site name) entry.
    3. Click Configure site properties.
    4. Switch to the LiveUpdate tab and edit the schedule as desired.
    5. Click Edit Source Servers...
    6. Select Use a specified internal LiveUpdate server
    7. Click Add and give the server entry a name.
    8. In the url, enter: http://<server>/clu-prod/
    9. Provide a user and password, if required, then click OK three times.
       
  4. Configure unmanaged SEP clients to use a local LiveUpdate server. (Skip this step for managed clients.)
    1. In the LUA, create a production Distribution Center that specifies the location of the destination server. 
      (See Adding distribution centers in "LiveUpdate Administrator Users Guide.pdf" - TECH134809.)
      • This Distribution Center should not have a schedule and the console will show that it is unreachable.
    2. Next, click the Configure tab.
    3. Click Client Settings.
    4. Highlight the destination Distribution Center.
    5. Click Export Windows Settings and save the Settings.Hosts.LiveUpdate file.
    6. Copy the file to a removable drive and move it to the unmanaged client.
    7. Paste the file in the LiveUpdate folder:
       
      • Symantec Endpoint Protection 11.x:
        • <Drive Letter>:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate  (Windows XP and 2003)
        • <Drive Letter>:\ProgramData\Symantec\LiveUpdate  (Windows Vista, 7 and 2008)
           
      • Symantec Endpoint Protection 12.1:
        • <Drive Letter>:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Config (Windows XP and 2003)
        • <Drive Letter>:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Config  (Windows Vista, 7 and 2008)
           
    8. LiveUpdate can then be manually launched from the SEP client GUI or configure the download schedule from: Change Settings, Client Management - Configure Settings, Scheduled Updates.)
       

Daily Maintenance

  1. Copy content from the source LUA to the destination server.
    1. On the source server, copy the <Drive Letter>:\Program Files\Symantec\LiveUpdate Administrator\clu-prod folder to a removable media. (Path may vary slightly by OS.)
    2. On the destination server, copy the contents of the clu-prod folder from the removable media to <Drive Letter>:\Inetpub\wwwroot\clu-prod or your Tomcat/Apache htdocs\clu-prod folder.
       
  2. Update the SEPM. (Skip this step for unmanaged clients.)
    1. If there is an already configured LiveUpdate schedule, allow it to update at the next scheduled time. (Default is every 4 hours).
    2. To update immediately:
      1. Open the Admin page of the SEPM, then click Servers.
      2. Highlight the Local Site (site name) entry.
      3. Click "Download LiveUpdate Content", then click Download on the popup window.

 

Powered by Wolken Software