ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Symantec Endpoint Protection Manager's reverse proxy is not caching LiveUpdate content


Article ID: 162031


Updated On:


Endpoint Protection


Symantec Endpoint Protection Manager's Apache server may be configured as a reverse proxy to provide LiveUpdate content to Mac and Linux clients. Clients receive updates, but the cache-root folder on the SEPM does not appear to be filling with cached LiveUpdate content. Or the SEPM Apache reverse proxy appears to be re-downloading the same content from Symantec LiveUpdate rather than storing it in the cache-root folder.


LiveUpdate content header properties may include directives that prohibit proxy caching.


When configuring SEPM Apache server as a reverse proxy to server Mac or Linux LiveUpdate content, ensure that the following lines are inserted into httpd.conf. These directives will override and caching prohibitions that may be in the LiveUpdate content headers:

CacheStoreNoStore On
CacheIgnoreCacheControl On
CacheStoreExpired On
CacheIgnoreHeaders Cache-Control Pragma

Additionally, on SEP Linux clients, edit the liveupdate.conf file (TECH123038, TECH228869) and set serverlogging=false.

Refer to HOWTO85034 for complete instructions; that article has been edited to include these steps.