Thursday, January 7, 2010

Symantec endpoint Troubleshooting liveupdate issues

imagebrowser image

Symptoms: Virus Definitions not updating
Solution:
This document will help you to understand in which direction you need to troubleshoot.
You can refer to the flowchart below to isolate the issue you are facing. There are explanatory points at the bottom of the document to elaborate a bit more on that subject.
Troubleshoot Communication issue:
1. Make sure that you are able to browse to the websites below:
a. Liveupdate.symantecliveupdate.com
b. Liveupdate.symantec.com
c. Symantec.com
2. Make sure that the perimeter firewall has exceptions for the websites above
3. Run a packet capture and contact support for analysis
Check Connectivity between SEP & SEPM:
1. Do a Secars test to Test Connectivity between SEP and SEPM
Testing Communication from an Endpoint Protection client to the Endpoint Protection Manager
[ http://service1.symantec.com/support/ent-security.... ]
2. Get the sylinkmonitor logs to check the communication for any errors
SylinkWatcher and SylinkMonitor - tools for real-time debugging of SPA 5.x and SEP 11.x
http://service1.symantec.com/support/ent-security....
Remove corrupt definitions
1. How to clear out corrupted definitions for a Symantec Endpoint Protection Client [ http://service1.symantec.com/support/ent-security.... ]
Check if SEPM has Latest Definitions:
1. Open SEPM->Admin->Servers->Local Site
2. Show Liveupdate Downloads
3. Make sure that the date for 32 bit and 64 Definitions for ‘Virus & Spyware Definitions’ is up-to-date.

0 Responses to “Symantec endpoint Troubleshooting liveupdate issues”