If you maintain strict control over Symantec content and product updates for your clients, you should consider changing your LiveUpdate policy for your remote clients.
For a remote location where users log in without a VPN, we suggest the following best practices:
Change the LiveUpdate policy setting to use the default Symantec LiveUpdate server. This setting allows the remote clients to update any time they connect to the Internet.
Change the LiveUpdate Schedule frequency setting to one hour to make it more likely that clients update their protection when they connect to the Internet.
For all other locations, it is a best practice to use the Symantec Endpoint Protection Manager to distribute product software and content updates. Update packages that are distributed through the management console are incremental rather than complete packages. The update packages are smaller than the packages that are downloaded directly from the Symantec LiveUpdate server.