Symantec endpoint definitions not updating
They assist you in evaluating clients against posture policies, and also enforce that clients meet the requirements for compliance with your organization's security policies. The posture service checks the state (posture) of the clients for compliance with your corporate security policies before the client gains privileged network access.
If the client is not able to download the definitions from the GUP, either because of the amount of time it takes or because the GUP is unavailable, it will then default to pulling definitions from the SEPM. This is to ensure that definitions are available to the client even if GUPs are unavailable.
Symantec’s Security Technology and Response organization is the division responsible for the innovation and development of Norton’s security technologies that provide protection in five layers: file based (antivirus), network based (firewall), behavior (SONAR), reputation, and remediation. The Security Technology and Response (STAR) organization is a worldwide team of security engineers, threat analysts and researchers.
Once clients have been installed and are operating normally, the definition updates are normally between 40kb-200kb. These updates occur roughly three times a day on average.
For information on the posture service in detail, see the "Understanding the Posture Service" section.
Our STAR team monitors malicious code reports from more than 130 million systems across the Internet, receives data from 240,000 network sensors in more than 200 countries and tracks more than 25,000 vulnerabilities affecting more than 55,000 technologies from more than 8,000 vendors. The technologies collaborate and operate more efficiently and effectively to determine whether a given situation is malicious or not.
As each technology learns different things about a process or a file, it will share what it learns with the other technologies.
The GUP technology in SEP allows administrators to designate client systems within the environment to distribute client definitions in a peer fashion.
In an environment where a GUP is configured, clients designated to use GUPs will reach out on port 2967/TCP to see if there is a definition update available.
Our security research centers around the world provide unparalleled analysis of and protection from malware, security risks, vulnerabilities, and spam.