Symantec endpoint protection client not updating definitions
Rapid Release definitions are most useful as a means of stopping fast-spreading threat outbreaks or preventing initial incursion of an attack at the gateway.
Several times each weekday, all new detections added as Rapid Release definitions go through the complete QA process, including testing for false positives and testing for full compatibility with Symantec Endpoint Protection.
Under normal conditions, Symantec recommends Certified definitions for routine use on enterprise Endpoint systems.
If you are unsure as to which definitions set you should use, please contact Symantec Support for guidance.
This document explains how to update Symantec Endpoint Protection definitions by running Live Update.
TEM managed clients should receive updates automatically from the server.
These clients are configured to receive their updates from their Symantec Endpoint Protection Manager (SEPM).
The SEPM shows old virus definitions in "Admin Server Activity logs may provide details on the nature of the failure.
Please note that using Rapid Release definitions regularly, on the endpoint instead of Certified definitions is not encouraged by Symantec.One possible cause is that old or corrupted virus definitions present on the SEPM prevent the SEPM's ability to update the SEP clients with new virus definitions.Use certified virus definitions, Network-Based Protection, or Behavior-Based Protection files to update content on the Symantec Endpoint Protection Manager when it cannot access either the Internet or a Live Update Administrator (LUA) server.Inside the Full folder are the files typically associated with a virus definition set.Notes Additional Clarification: The Intelligent Updater files are designed to update client installations for Symantec Endpoint Protection only.