Symantec Endpoint Protection throttles client computer submissions to minimize any effect on your network. Symantec Endpoint Protection throttles submissions in the following ways:
Client computers only send samples when the computer is idle. Idle submission helps randomize the submissions traffic across the network.
Client computers send samples for unique files only. If Symantec has already seen the file, the client computer does not send the information.
The SCD file controls the following settings:
How many submissions a client can submit in one day
How long to wait before the client software retries submissions
How many times to retry failed submissions
Which IP address of the Symantec Security Response server receives the submission
If the SCD file becomes out-of-date, then clients stop sending submissions. Symantec considers the SCD file out-of-date when a client computer has not retrieved LiveUpdate content in 7 days. The client stops sending submissions after 14 days.
If clients stop the transmission of the submissions, the client software does not collect the submission information and send it later. When clients start to transmit submissions again, they only send the information about the events that occur after the transmission restart.