Virus Definitions will not update on Symantec Endpoint Protection (SEP) client after a fresh installation using a package that did not include the virus definitions. Computer restarted and communicating adequately with the server.
# Sylink.log showing the "HTTP/1.1 400 Bad Request
" response from the SEPM server:
11/09 16:20:22.142 [112] <SendUrlAndReceiveResponse:>SMS return=400
11/09 16:20:22.142 [112] <ParseHTTPStatusCode:>400=>400 Bad Request
11/09 16:20:22.142 [112] [Content]<mfn_RequestLUContentInfo:>Content update response from manager: Moniker: {67F66706-F04B-4432-9947-F8354949D2A6} Sequence: 171108040 Response headers: HTTP/1.1 400 Bad Request
Date: Thu, 09 Nov 2017 08:20:22 GMT
Server: Symantec Endpoint Protection Manager
X-Content-Type-Options: nosniff
Connection: close
Content-Type: text/html
11/09 16:20:22.142 [112] [Content]<mfn_PrepareLUContent:>Manager returned HTTP_STATUS_BAD_REQUEST. Removing content update package from the queue.
11/09 16:20:22.142 [112] [Content]<RemoveFromLUFileList:>Removed existing content update queue entry: Moniker: {67F66706-F04B-4432-9947-F8354949D2A6} Sequence: 171108040
The Prevent clients from downloading full definitions packages option is enabled on the Symantec Endpoint Protection Manager server, which causes the response "HTTP/1.1 400 Bad Request" from the SEPM server in the sylink.log.
Disable the Prevent clients from downloading full definitions packages option on the SEPM server from:
Note: Enabling Prevent clients from downloading full definitions packages setting does not stop current downloads, but it does prevent any future downloads. If you enable this setting, make sure that you let your clients get protection updates from a LiveUpdate server. Otherwise, your clients do not get any updates.