Symantec Endpoint Protection Manager's reverse proxy is not caching LiveUpdate content

book

Article ID: 162031

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Symantec Endpoint Protection Manager's Apache server may be configured as a reverse proxy to provide LiveUpdate content to Mac and Linux clients. Clients receive updates, but the cache-root folder on the SEPM does not appear to be filling with cached LiveUpdate content. Or the SEPM Apache reverse proxy appears to be re-downloading the same content from Symantec LiveUpdate rather than storing it in the cache-root folder.

Cause

LiveUpdate content header properties may include directives that prohibit proxy caching.

Resolution

When configuring SEPM Apache server as a reverse proxy to server Mac or Linux LiveUpdate content, ensure that the following lines are inserted into httpd.conf. These directives will override and caching prohibitions that may be in the LiveUpdate content headers:

CacheStoreNoStore On
CacheIgnoreCacheControl On
CacheStoreExpired On
CacheIgnoreHeaders Cache-Control Pragma

Additionally, on SEP Linux clients, edit the liveupdate.conf file (TECH123038, TECH228869) and set serverlogging=false.

Refer to HOWTO85034 for complete instructions; that article has been edited to include these steps.