Configure an unmanaged (also known as self-managed) Symantec Endpoint Protection (SEP) client to a different LiveUpdate source server instead of the Internet-based defaults.
How can this be accomplished by dropping a Settings.Hosts.LiveUpdate file that was exported from Symantec LiveUpdate Administrator 2.x (LUA 2.x)?
Please use the following steps to export, and copy the LiveUpdate settings to an unmanaged Symantec Endpoint Protection client:
Open the Symantec LiveUpdate Administrator console and login using an administrator account
Click on "Configure", then click on "Client Settings"
Click on the "Export Windows Settings" button and save the settings file to disk.
NOTE: Please review (and edit) the settings prior to exporting the settings.
Before you can copy the Settings.Hosts.LiveUpdate file to the client, make sure that Tamper Protection is temporarily disabled on the target machine. Symantec Endpoint Protection will block you from copying the file unless Tamper Protection is disabled. To disable Tamper Protection, please follow these steps:
Open Symantec Endpoint Protection
Click on "Change Settings"
Next to Client Management, click on "Configure Settings"
Select the "Tamper Protection" tab
Un-check "Protect Symantec security software from being tampered with or shut down"
Click on OK
Close Symantec Endpoint Protection
Copy the Settings.Hosts.LiveUpdate file you exported earlier to the client. The target folder varies by the operating system, and also includes the exact version number of the Symantec Endpoint Protection client that is installed:
Windows XP / Windows 2003
"C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\(SEP Installed Version)\Data\Config\"
Note: If SEP Tamper Protection is not disabled before attempting to copy settings.hosts.liveupdate to this location, permissions-related errors will be displayed. SEP will log these attempts to its Tamper Protection log:
After the settings.hosts.liveupdate file has successfully been copied, do not forget to re-enable SEP's Tamper Protection!
Do not use the steps in this article for SEP clients that are managed by a Symantec Endpoint Protection Manager (SEPM) in the organization. Clients correctly managed by a SEPM will receive a LiveUpdate policy that directs them to retrieve content from an internal LUA 2.x server's Distribution Center.
Imported Document ID: TECH166129
Subscribing will provide email updates when this Article is updated. Login is required.