Symantec Corporate 9.0 Issue

J

JAW

Gawd
Joined
Feb 8, 2004
Messages
518
Some of the client computers are getting virus definitions not upto date warnings upon logon, even though the server and the client machine have newest matching definitions? Keep getting calls from people worried something is wrong, which is good i'd rather have them call me when something doesn't look right then to just ignore it :)
 
I was getting the same thing, if the machine is not on when the virus defs are scheduled to push out or the time of day update was after the PC had booted- even though it had already dl'ed the update from the master server or was about to do it during boot. My solution: turn off notifications, and check once a day for clients that were not up to date in the console. At first it was good that the clients were actually reading the message and putting a call in ( :surprised:) but it just became repetitive. Moving the time of day update earlier did not help. Any other solutions gladly accepted.
 
you don't have the server running live-update when the machines are on? or the server does not get around to pushing then out till later when they're off? i make my users leave their systems on all the time. that way i can run virus scans at night, run SUS updates at 3am, and increase my folding output by a good bit :D
 
Moving the time of day update earlier did not help. Any other solutions gladly accepted.
Click to expand...

I set the server to pull new definitions from Symantec once a day, but the clients to pull the definitions from our SAV server twice a day. That evened out the synchronization issue I was having.

- Qualm
 
Qualm said:
I set the server to pull new definitions from Symantec once a day, but the clients to pull the definitions from our SAV server twice a day. That evened out the synchronization issue I was having.

- Qualm
Click to expand...
so wait. how do you guys install your SAV? are you installing these as unmanaged clients? then you configure live update on each one to pull the updates from your SAV server?
 
No, they are managed clients, in the Symantec System Center I created a Group and set the parameters of the new Group to pull from the SAV server twice a day, then dragged the client computer names into the Group from the server listing ... those clients inherit the configuration of the Group. You can set up multiple groups with different configurations too if you want.

- Qualm
 
Are all of the machines on the same LAN as the SAV server? No routing? Sometimes the port it talks on can be blocked.
In the System Center, you have 'Update Virus Def's from parent server' clicked?
Right click the parent server -> All Tasks -> Symantec AV -> Virus Def. Manager

With the appropiate ammount of minutes under 'settings' ?

Sometimes when my clients are misbehaving, redropping grc.dat in c:\documents and settings\all users\application data\symantec\symantec antivirus\7.5
clears it up.
 
After thinking about it, I had the server pushing the updates at 8am. Well the people getting the error were the ones who came in at 9. It's because their computers weren't on for the push, i'll try setting two push times. The computers eventually get the update, so its more of an annoyance with the error msg then anthing. Thanks for the help guys :)
 
since you seem to have fixed your issue, i'm going to hijack this thread with (hopefully) a quick easy Q.

if i have symantec mail security for exchange running on my exchange server should i:
1) not run any other AV on the computer
2) run the usual symantec antivirus client and tell it to exclude the exchange directories from scanning

TIA
 
I've always done

2) run AV on the server and exclude SMS folders.

The exchange system itself has to be protected from viruses, JIC.

Also, i usually only run SMS on my exchange server as a secondary measure. Its common practices to let the dedicated smtp gateways to do all the antivirus checking, content filtering, etc. before its actually gets to your exchange server.
 
You must log in or register to reply here.
Back
Top