This article describes how to download and update definitions for Symantec Endpoint Protection (SEP) clients using .jdb files.

In a managed environment, the Daily Certified or Rapid Release .jdb file can be used to update virus definitions for the SEP client. SEP clients will need to have third-party content management enabled before a .jdb can be applied.

Notes:

• The antivirus .jdb file contains only antivirus/antispyware definitions and will not provide updated content for the firewall, IPS, SONAR, and other features for the Symantec Endpoint Protection (SEP) clients.
• For SEP 12.1 RU2 and earlier, only virus definitions can be updated by downloading a standalone file such as a .jdb file or an IU. All other content types must be downloaded using LiveUpdate.
• For SEP 12.1 RU3 and later, .jdb and .exe standalone updaters are available for SONAR ("Behavior-Based Protection") and IPS ("Network-Based Protection") definitions. These are now available from Security Response's Virus Definitions & Security Updates page.

1. In the Symantec Endpoint Protection Manager (SEPM), go to Clients.
2. Select the group in which the client or clients can be found that need to be updated manually.
3. Edit the LiveUpdate Settings policy.
4. In the LiveUpdate policy, choose Server Settings in the left pane.
5. In the right pane, under Third-Party Management, enable the option "Enable third-party content management".
6. On the SEP client, check the Policy serial number to ensure that it matches the serial number published by SEPM.
7. The 'inbox' directory is found at the following path:

Windows 32bit: %ALLUSERSPROFILE%\Symantec\Symantec Endpoint Protection\CurrentVersion\inbox

Windows 64bit: C:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\inbox

1. Download the .jdb file from the Symantec Security Response website:
   • Certified Definitions
   • Rapid Release Definitions
     
     Note: The file extension may change to .zip upon download. If this is occurs, change it back to .jdb.
2. For each SEP client that needs to be updated, copy the .jdb file into the folder noted step 6.
3. After a few minutes the .jdb file will be automatically processed. When complete, the client should reflect new antivirus definitions.

Troubleshooting

If a third-party management update fails, the content copied to the inbox will be moved to a folder called "invalid". Possible reasons for failure include:

• Third-party management has not been enabled.
• The file type is not supported.
• The file structure is incorrect.
• The content being installed by third-party management is already installed or is older than what is installed.

For more details on third-party management and updates regarding clients, see Using third-party distribution tools to update client computers.