You would like to have more information on the GUP functionality.
Group Update Provider Overview
The Group Update Provider was a feature request to support designating a particular client to serve as a computer that will get content updates and publish them. This is designed to provide functionality vaguely similar to configuring a legacy Symantec AntiVirus client as a secondary server.
The computer that is downloading and publishing the content is referred to as the “Group Update Provider.” The computers in the client group will use the designated “Group Update Provider” as a local proxy for content updates.
Scenario that will be addressed by adding a GUP
Customers with Branch offices
Think of situations where you would use a Secondary Server in Symantec AntiVirus 10.x, but where this was not an ideal solution. Typical a branch office.
The office has from 2 to 20 computers, often toward the lower number. One of these computers may be a server (A pharmacy or a grocery store for example), or there may only be workstations, as in banks. The network to the branch office does not have a large amount of bandwidth. This is what drives the need to proxy identical content.
In Symantec AntiVirus 10.x some customers might use a Secondary Server in this situation however, secondary servers with clients download an "XDB" file to provide virus definitions for the clients. The "XDB" file is around 12 MB in size, sometimes larger. The secondary server sends the clients a file with changes to the definitions at a size of 50 KB to 100 KB. The arithmetic is against the secondary server scenario or any automatic download of full content by the GUP. A secondary server would download far more content over the small amount of bandwidth than all of the clients combined. Break-even is around 200 computers.
This implies that the GUP provider will not download full content unless it is requested by a client, at which point it is hopefully of use to the other clients as well.
Challenges by adding a GUP
Using a GUP in every group
This will improve the performance of content distribution significantly, and greatly reduce the load on the server. The measurements in the lab showed that all significant load on the server comes from distributing content. The server is capable of directly processing logs, state updates, and handing index and profile requests at more than 200 clients per second with no strain. It does not generate much network traffic.
This meets the basic need for the secondary servers to offload the main server. For the primary need of distributing content this provides a better solution than Symantec AntiVirus Corporate Edition 10.
Using a GUP in a large group
We will have issues when the group gets large, i.e larger than 200. Certainly if a dedicated server is set as the proxy we can handle quite a bit of content. This is what secondary servers are today.
GUP Design Details
How does the GUP get defined?
When a client becomes the GUP
Files and Registry
GUP and Firewall Rules
There is no need to create specific Firewall Rules on the Symantec Endpoint Protection 11.0 clients, but Firewall Rules will be necessary for 3rd party Firewalls.
This document is available in the following languages:
Login to Subscribe
Please login to set up your subscription.
Get support for your product, with downloads, knowledge base articles, documentation, and more.
Maximize your product competency and validate technical knowledge to gain the most benefit from your IT investments.
Set default language
Do you wish to save this as your future site?