Troubleshooting content delivery in an Endpoint Protection environment

book

Article ID: 180681

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

 

Resolution

When troubleshooting content delivery, you will first need to determine if the issue is likely with the Symantec Endpoint Protection Manager (SEPM) (eg. all clients cannot update), Group Update Provider (GUP) (eg. all clients going to a single GUP cannot update) or clients (eg. some clients cannot update). The following document may assist troubleshooting.
 
Symantec Endpoint Protection: LiveUpdate Troubleshooting Flowchart
 

If the issue appears to be with the SEPM:

  • Verify the SEPM has the updated definitions. See the following document
    LiveUpdate and content troubleshooting for the Symantec Endpoint Protection Manager
    http://www.symantec.com/docs/TECH105924
  • Verify the SEPM is set to download the specific content. In the SEPM, this can be done via Admin > Servers, right click Local Site > Edit site properties. On the LiveUpdate tab under "Content Types to Download" click "Change Selection" and verify the specific content type is checked.
  • Verify the LiveUpdate policy for the specific group is set to allow the latest content of the specific type. See the following document 
    Configuring the types of content used to update client computers
    http://www.symantec.com/docs/HOWTO55181
  • Enable debug logging on the SEPM, run LiveUpdate and check the logs for errors. See the following document
    How to debug the Symantec Endpoint Protection Manager console in Symantec Endpoint Protection 11.x
    http://www.symantec.com/docs/TECH102413

If the issue appears to be with a GUP:

  • Verify in the SEPM that the LiveUpdate policy the clients have specify to use a GUP. 
  • Verify in the SEPM that the LiveUpdate policy the GUP has specifies that it is to be a GUP.
  • Check that the GUP knows it is a GUP and that it is listening for connections. See the following document
    Troubleshooting the Group Update Provider (GUP) in Symantec Endpoint Protection (SEP)
    http://www.symantec.com/docs/TECH104539
  • Verify that clients are attempting to retreive updates from the GUP. See the following document
    How to confirm if SEP Clients are receiving LiveUpdate content from Group Update Providers (GUPs)
    http://www.symantec.com/docs/TECH97190

If the issue appears to be with the clients:

  • Verify in the SEPM that the LiveUpdate policy the clients have specify to use a GUP. 
  • Verify the clients are connected to the SEPM and in the correct group. See the following document
    Symantec Endpoint Protection: Troubleshooting Client/Server Connectivity
    http://www.symantec.com/docs/TECH105894
  • Verify the client is attempting to connect to the GUP and get definitions
    How to enable Sylink Debugging for Symantec Endpoint Protection in the registry
    http://www.symantec.com/docs/TECH104758