Question/Issue:
You want to know how to update definitions for Symantec Endpoint Protection Manager using the. JDB file.

Symptoms:
When updating the SEPM antivirus definition content is not possible by running LiveUpdate (LUALL.exe) or scheduling LiveUpdate through the SEPM GUI, then manually updating the definitions content on the SEPM is the next preferred method.

Cause:
When the SEPM is behind a closed firewall/proxy or has no direct access to the Internet or an internal LiveUpdate server, the SEPM will not be able to retrieve content.

Solution:
The file *. JDB can be used to update the virus definitions for Symantec Endpoint Protection Manager.
Please note that the .JDB file only contains antivirus/antispyware definitions and will not provide updated content for the firewall component for the SEP clients.

Use the .JDB Daily Certified definitions or the .JDB Rapid Release definitions to update Symantec Endpoint Protection Manager content.
Please note that the consistent use of the Rapid Release definitions is not encouraged by Symantec and the use of the rapid release definitions is intended to be used on a case by case basis to mitigate a possible virus outbreak. Under normal conditions, Symantec strongly encourages it's customers to use the Daily Certified definitions for routine use.
If you are unsure as to which definitions set you should use, please contact Symantec Support for guidance.

To use the .JDB file to update definitions for Symantec Endpoint Protection Manager:

a. In a browser, go to the following URL: http://www.symantec.com/business/security_response/definitions.jsp
b. On the page presented, select "Download Definitions by Product".
c. Under the heading "Endpoint Protection" select "Symantec Endpoint Protection"
d. On the next web page presented "Symantec Endpoint Protection / Symantec Antivirus Corporate Edition"
e. There are multiple headings/product categories presented. Be aware that each set of definitions available are grouped by 32 bit or 64 bit product installation sets.

The definition set headings are divided in to 4 major categories:
1. Client installations on Windows Platforms (32-bit)
a. Symantec Endpoint Protection Client installations on Windows platforms (32-bit)
b. Symantec AntiVirus Corporate Edition Client installations on Windows platforms (32-bit)
2. Manager Installations on Windows Platforms (32-bit)
a. Symantec Endpoint Protection Manager installations on Windows platforms (32-bit)
b. Symantec Antivirus Server installations on Windows platforms (32-bit)
3. Client installations on Windows Platforms (64-bit)
a. Symantec Endpoint Protection Client installations on Windows platforms (64-bit)
b. Symantec AntiVirus Corporate Edition Client installations on Windows platforms (64-bit)
4. Manager Installations on Windows Platforms (64-bit)
a. Symantec Endpoint Protection Manager installations on Windows platforms (64-bit)
b. Symantec Antivirus Server installations on Windows platforms (64-bit)

f. Download the correct (32 bit or 64 bit) .JDB file as described in step (e.2.a) or (e.4.a) and save the file to the Windows desktop.
g. After downloading, rename the file extension from ".zip" to ".jdb". (Most browsers detect the file type and automatically change the extension. This must be changed back to .JDB for use in the SEPM.)
h. Copy the .JDB file to the "C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\inbox\content\ incoming" (The location listed in this line is the default installation location and is presented as an example only).
i. In a period of time from 30 seconds to a minute, the .JDB file will be processed. As the .JDB file is processed, all files and subfolders are removed from the "Incoming" folder.

Verify that the SEPM content is updated:
a. To verify that the SEPM content has been updated, look in the following folder:
"C:\Program Files\Symantec\Symantec Endpoint Protection Manger\Inetpub\content\{C60DC234-65F9-4674-94AE-62158EFCA433}"
b. Typically, there will be 3 numbered folders present. The folder naming convention is "ymmddxxx". For example "90721055". This is the date and build number of the definition set installed. Please note that the definition set installed may have been published the previous day and a set for the current day may not yet be available.
c. Looking inside the folder that matches the set downloaded and installed, There should be a folder named "Full" and a zip file named "Full.zip".
d. Looking inside the "Full" folder, there should be the files typically associated with a virus definition set.

Important Notes:
1. For the 32 bit Intelligent Updater files for clients, the file names end with "i32.exe" and the 64 bit client file names end with "i64.exe".
2. The Intelligent Updater file names for SAV clients end with "i32.exe" or "i64.exe".
3. The Intelligent Updater file names for SEP clients end with "v5i32.exe" or "v5i64.exe".
4. The Intelligent Updater file name that ends in "x86.exe" is only for certain products and should only be used with those products.
5. The SEPM updater files have a ".JDB" extension and do not otherwise have an easily identifiable 32 bit or 64 naming convention. Please ensure that you download and use the correct file.
6. The SAV Parent updater files have a ".XDB" extension and do not otherwise have an easily identifiable 32 bit or 64 naming convention. Please ensure that you download and use the correct file.

Additional Clarification:
The Intelligent Updater files are designed to update client installs for SEP or SAV only. These files do not contain the required files needed by a SEPM or SAV Parent to additionally update any clients attached.

How to manage the number of definitions maintained by the SEPM, see the following knowledge base document:
Title: 'How to change the number of downloaded content revisions that are kept in 11.0.2000 (MR2) or later.'
Document ID: 2008050210542148
> Web URL: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008050210542148?Open&seg=ent

References:
This document is available in the following languages:

• Brazilian-Portuguese: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/br_docid/20080314151739935
• French: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/fr_docid/20080318095038935
• German: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/de_docid/20080318103511935
• Italian: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/it_docid/20080318110106935
• Spanish: http://service1.symantec.com/SUPPORT/INTER/ent-securityintl.nsf/es_docid/20080317113114935

Document ID: 2007100820002048
Last Modified: 10/23/2009
Date Created: 10/08/2007
Product(s): Endpoint Protection 11
Release(s): Endpoint Protection 11 [All Releases]