cancel
Showing results for 
Search instead for 
Did you mean: 

Client definition size

AWE
Not applicable

We are getting killed on bandwidth because the anti virus clients, about a thousand, are pulling a 48 mb update file from the parent server. Is this normal? I thought that the update files were normally around 2 mb.

 

We are using version 10.1.6.6000 if anyone has any thoughts.

7 REPLIES 7

pete_4u2002
Level 5
Employee Accredited

Hi,

i guess even 2 MB which you have mentioned is on higher side, ofcourse it varies on daily basis ( based on threat discovered).

How are clients getting definition, if it is VDTM update the server ( parent server) with xdb rather than intelligent updater.

Did you run monitoring tool to come to this value 48 MB?

 

Pete!

 

Ajit_Jha
Level 6
Partner Accredited
The size depends and for the liveupdate we will have to take care of the network bandwidth as well as you can GUP.

M_Samir0n
Level 4
Yes usually it depends & varry on a daily basis. You can not fix the size in your own. but you can setup your antivirus server to distribute updated defenation once on a daily basis. I think this will freeup your network bandwidth.

shp
Level 3

U can modify/Create the following registry values.

HKLM\Soffware\Intel\LanDesk\Virusprotection6\

"UpdateClientsByNetOrSubnet" set the value to 1
"IpSubnetMask" set the value to ur subnet mask in hex (for 255.255.255.0 it is ffffff00)
(names are case sensitive)

This reduces one thread per subnet and traffic from one subnet will be less.


 

 

shp
Level 3
More information

Update Client based on Network or subnet with Symantec AntiVirus

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/17ea35e0c69f22da88256c860061cfdd?OpenDocument

 

Julio_Kim
Not applicable

There is another possible tuning: Increase of the number of incremental updates to clients

As default, SAV10 uses only 5 microdefs incremental virus definition file to deploy to its clients. Many times when U have >45MB files through network, is that the clients are outdated for more than 5 days. So you can expand its capability to get incremental updates to 20. 

'How to change the number of virus definition (.vdb) files that a Symantec AntiVirus Corporate Edition server keeps'http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2001120412343448?Open&seg=ent have applied both tunings (subnet + microdefs increase) but I still can't tell if they are effective. Does anybody dis these configs already and have results to share (and how to determine if they are effective)

Thanks
I

Document ID: 2001120412343448

> Web URL:

 

mxu
Not applicable

We have the same issue, the clients downloaded 45-60MB definations to the folder C:\program files\commonshare\symantecshare\virusdef

I just cannot find a log on SEPM. I checked Moniotrs ---logs --system --cleitn activities but I just cannot see the size of  download files.

Which files are really the download files in that folder?