This article describes how to download and update definitions for Symantec Endpoint Protection (SEP) clients using .jdb files.

In a managed environment, the Daily Certified or Rapid Release .jdb file can be used to update virus definitions for the SEP client. SEP clients will need to have third-party content management enabled before a .jdb can be applied.

1. In the Symantec Endpoint Protection Manager (SEPM), go to Clients.
2. Select the group in which the client or clients can be found that need to be updated manually.
3. Edit the LiveUpdate Settings policy.
4. In the LiveUpdate policy, choose Server Settings in the left pane.
5. In the right pane, under Third-Party Management, enable the option "Enable third-party content management".
6. On the SEP client, check the Policy serial number to ensure that it matches the serial number published by SEPM.
7. The 'inbox' directory is found at the following path:

Windows 32bit: %ALLUSERSPROFILE%\Symantec\Symantec Endpoint Protection\CurrentVersion\inbox

Windows 64bit: C:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\inbox

1. Download the .jdb file from one of the following links:
   
   • Certified definitions 14.0 or later
   • Rapid Release definitions
   • Network-Based Protection for 14.0 or later
   • Behavior-Based Protection
     
     Note: The file extension may change to .zip upon download. If this is occurs, change it back to .jdb.
2. For each SEP client that needs to be updated, copy the .jdb file into the "inbox" folder noted in step 7.
3. After a few minutes the .jdb file will be automatically processed. When complete, the client should reflect new antivirus definitions.

Troubleshooting

If a third-party management update fails, the content copied to the inbox will be moved to a folder called "invalid". Possible reasons for failure include:

• Third-party management has not been enabled.
• The file type is not supported.
• The file structure is incorrect.
• The content being installed by third-party management is already installed or is older than what is installed.

For more details on third-party management and updates regarding clients, see Using third-party distribution tools to update client computers.

There are multiple versions of .jdb files for the different SEP client versions and installation types. Please be certain to choose the correct file by looking for the patterns below:

Standard client type (Default)
jdb/core3sds/vd??????core3sdsi64.jdb
Symantec Endpoint Protection 14.3 to 14.3 RU4 x64

jdb/core3sds/vd??????core3sdsn64.jdb
Symantec Endpoint Protection 14.3 RU5 and RU6 x64

Dark-Network client type
jdb/core15sds/vd??????core15sdsi64.jdb
Symantec Endpoint Protection 14.3 to 14.3 RU4 x64 (Dark-Network Client only)

jdb/core15sds/vd??????core15sdsn64.jdb
Symantec Endpoint Protection 14.3 RU5 and RU6 x64 (Dark-Network Client only)

To determine which client type is installed, please see: Verify which Endpoint Protection client type is installed (broadcom.com)