Endpoint Protection for Mac is not updating definitions when a proxy is in use
Last Updated May 07, 2019
Symantec Endpoint Protection (SEP) for Mac does not update definitions when a proxy is in use. The SEP clients fail to authenticate or are unable to connect to Symantec LiveUpdate servers.
Proxy settings may not be configured correctly. SEP 14.2 unmanaged Mac clients do not correctly use macOS system proxy settings. This is a known issue addressed in SEP 14.2 RU1.
Follow these steps if updating to SEP 14.2 RU1 is not possible:
By default, SEP uses proxy settings within the Mac operating system'. Configure the proxy settings on the Mac operating system to allow access to the following URLs:
http://[server]:[port]/[directory](add this exception when an LUA server is in use)
Allow HTTP traffic on port 80 (or the LUA server port)
Allow FTP traffic on ports 20 and 21 (if accessing an FTP site).
If the proxy caches or scans content, exclude the same locations above.
Test the proxy configuration by accessing http://liveupdate.symantec.com/livetri.zip via a web browser. This will download the livetri.zip. Examine the ZIP file contents of the ZIP file to verify it contains a series of files with grd/sig/tri suffixes.
SEP 12.1 and later: Add SEP specific proxy/server information for your managed Mac clients through Symantec Endpoint Protection Manager (SEPM). In SEPM, navigation to Clients > Policies > Location-independent Policies and Settings > Settings > External Communications Settings, then click on the Proxy Server (Mac) tab. If policy inheritance is disabled, you must configure these settings on every group containing Mac clients.
Note: NTLM authentication is supported in SEP 12.1.x for Mac, and in SEP 14.2 RU1 and newer. If you configure proxy username and password at the SEPM, specify the username in DOMAIN\username or username@domain format for NTLM authentication.