HOW TO change the LiveUpdate source of an unmanaged Windows Symantec Endpoint Protection 12.1 Client
Last Updated September 26, 2012
You would like to configure an unmanaged (also known as "self-managed") Symantec Endpoint Protection 12.1 client to a different LiveUpdate source server instead of the Internet-based defaults. How can this be accomplished by dropping a "Settings.Hosts.LiveUpdate" file that was exported from Symantec LiveUpdate Administrator 2.x (LUA 2.x)?
Please use the following steps to export, and copy the LiveUpdate settings to an unmanaged Symantec Endpoint Protection 12.1 client:
Open the Symantec LiveUpdate Administrator console and login using an administrator account
Click on "Configure", then click on "Client Settings"
Click on the "Export Windows Settings" button and save the settings file to disk.
NOTE: Please review (and edit) the settings prior to exporting the settings.
Before you can copy the the Settings.Hosts.LiveUpdate file to the client, make sure that Tamper Protection is temporarily disabled on the target machine. Symantec Endpoint Protection will block you from copying the file unless Tamper Protection is disabled. To disable Tamper Protection, please follow these steps:
Open Symantec Endpoint Protection 12.1
Click on "Change Settings"
Next to Client Management, click on "Configure Settings"
Select the "Tamper Protection" tab
Un-check "Protect Symantec security software from being tampered with or shut down"
Click on OK
Close Symantec Endpoint Protection 12.1
Copy the Settings.Hosts.LiveUpdate file you exported earlier to the client. The target folder varies by operating system, and also includes the exact version number (For example 12.1.671.4971.105) of the Symantec Endpoint Protection client that is installed:
Windows XP / Windows 2003
"C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Config\"
Note: If SEP 12.1's Tamper Protection is not disabled before attempting to copy settings.hosts.liveupdate to this location, permissions-related errors will be displayed. SEP 12.1 will log these attempts to its Tamper Protection log:
After the settings.hosts.liveupdate file has successfully been copied, do not forget to re-enable SEP's Tamper Protection!
Do not use the steps in this article for SEP 12.1 clients that are managed by a Symantec Endpoint Protection Manager (SEPM) in the organization. Clients correctly managed by a SEPM will receive a LiveUpdate policy that directs them to retrieve content from an internal LUA 2.x server's Distribution Center.
Imported Document ID: TECH166129
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe