PM Imports may now fail, or you need to know information for allowlisting the Patch Management Import (PM Import) process.

Certain updates from vendors or all updates from some vendors fail to download.

Please note the changes that may affect you in the article Patch Metadata Import HTTPs Support for 8.5.x

For PMImport, this may be caused by recent changes to the storage location for the PM Import data files (i.e. allowlisting by IP address)

For update download issues, this is caused by one or more network configurations (i.e. firewall, proxy, security software, etc.)

The Import Patch Management for Windows (PMImport) data location recently changed from an Akamai Server Farm, which managed the download of the primary cab and associated files. The default URL has not changed (http://www.solutionsam.com/imports/7_1/patch/windows/pmimport.cab), but allowlisting by IP addresses is now possible.

The current IP Address is 192.19.145.79 

Advisory: The Symantec Management Platform (SMP) Server uses Anonymous Authentication (IUSR) when calling the PMImport download and when downloading Software Bulletins from vendors to the SMP Server.

The targeted sites do not recognize any local SMP Server's specific User Credentials and a specific User Credential is not called on the scheduled process. The System Account (Anonymous) is going to need to have clearance through network security from the SMP Server to the specified Vendor Sites. 

Note: If the Admin account is able to hit the URL in a browser; this shows that their account has permissions for their user credentials to access the SolutionSam site or URL for downloading the Software Update; this does not validate that the platform is able to access SolutionSam through your network. This only validates that the SolutionSam site is operational.