Is the process for applying Rapid Release definitions the same as in the SAV 10.x product?
How do I apply Rapid Release definitions to an unmanaged SEP client?
How do I apply Rapid Release definitions to the Endpoint Protection Manager (SEPM) so they will be distributed to all clients?
I have a new threat for which there are not yet Certified Definitions and I need to apply Rapid Release definitions in response.
The primary focus of Rapid Release definitions is the rapid detection of emerging threats. They are very useful to counter threat outbreaks and to scan incoming files at the company's perimeter (in a mail security product, for example). These Rapid Release definitions may be augmented later with more robust detection capabilities.
Rapid Release definitions are not fully certified, therefore must be manually applied to SEP clients or manually applied to the SEPM server as they cannot be applied via LiveUpdate.
For more information, please see Virus Definition Update FAQ.
Rapid Release virus definitions come in two formats:
- Intelligent Updater (IU) executable files - can be used to update individual SEP Clients
- JDB Rapid Release definition files - can be used to update the SEPM, which in turn will distribute the definitions to all the associated SEP clients.
Note: Before applying Rapid Release JDB definitions to your SEPM, it is advisable to test. Manually update some of your SEP clients with the Intelligent Updater executable to reduce the chance of False Positives.
To manually update a SEP client
- Go to the Rapid Release virus definition web site or FTP definition download site.
- Download the appropriate .exe file for your SEP version and Operating System
- symrapidreleasedefscore15-v5i32.exe for SEP installed on 32 bits OS
- symrapidreleasedefscore15-v5i64.exe for SEP installed on 64 bits OS
- Run the file on the clients you wish to update and follow the instructions on the screen.
- After a successful update you should see the following message:
- Open the SEP client and verify that the definitions date for the AntiVirus and AntiSpyware protection has changed.
If the Intelligent Updater executable fails, you can locally update managed SEP clients (clients which are associated with a SEPM) with the option "Third third party content management" and a JDB file. Please consult the document Download .jdb files to update definitions for managed Endpoint Protection clients for more information
To update your Symantec Endpoint Protection Manager
1. Go to the Rapid Release virus definition web site or FTP definition download site.
2. Download the JDB file
3. Follow the document Download .jdb files to update definitions for Endpoint Protection Manager to update your SEPM using the Rapid Release JDB file.
4. The SEP clients that update from this SEPM should apply the Rapid Release definitions in accordance with the SEPM's LiveUpdate Policy configuration.