Register endpoint protection with live update

To use this feature, you must set up a Symantec Endpoint Protection Manager to use as a staging server for content. This staging server does not require the clients that are connected to it.

Configure the server to download updates on a periodic schedule. If you use continuous, the server downloads the latest updates when they are posted. By default, the updates appear in the Default client groups content outbox, which is organized by content type. You can then pick up one or more content packages from the content outbox and deliver it to the clients inbox directory. To ensure that only third-party management tools update client computers, disable the other LiveUpdate server options on this panel.

Use this panel to specify how often to push updates from LiveUpdate servers to clients in the groups to which this policy is applied. The Continuous setting causes the client computers that are infrequently powered on or that infrequently communicate with a management server to get the latest updates. They get the latest updates when they connect to the network and authenticate to a Symantec Endpoint Protection Manager.

This panel lets you specify the control to give end users with using LiveUpdate on client computers. You must understand the relationship between these settings and product updates. Lets users manually perform LiveUpdate on client computers. Disable this setting as a best practice for managed clients. Conflicts can occur if a scheduled LiveUpdate session is running when a user manually starts a LiveUpdate session. If the LiveUpdate Settings policy specifies that clients download updates from a Symantec Endpoint Protection Manager or Group Update Provider, the updates are in the form of microdefs.

This setting lets you control client software versions. When this setting is disabled, client software can only be manually updated with the Symantec Endpoint Protection Manager Console. When the Symantec Endpoint Protection Manager downloads and processes patches, it creates a microdef, which automatically appears as a new package. The new package appears in the Client Install Packages pane. You can then select the package, and use the Upgrade Groups with Package feature.

Install the definition update To install the saved definition update file: If your computer is running Windows Vista or Windows 7, browse to the folder where you saved the definition file. When you are prompted for an administrator password or confirmation, type the password or provide confirmation, and then wait while the definition files are installed.

If your computer is running any other Windows operating system, you must be logged on as an administrator to install the latest definition file. Note: If you do not have an administrator account on the computer, ask an administrator to log on and install the definitions file for you. If your hardware came with a Microsoft Windows x64 edition already installed, your hardware manufacturer provides technical support and assistance for the Windows x64 edition.

In this case, your hardware manufacturer provides support because a Windows x64 edition was included with your hardware. Your hardware manufacturer might have customized the Windows x64 edition installation by using unique components. Unique components might include specific device drivers or might include optional settings to maximize the performance of the hardware.

Microsoft will provide reasonable-effort assistance if you need technical help with a Windows x64 edition. However, you might have to contact your manufacturer directly. Your manufacturer is best qualified to support the software that your manufacturer installed on the hardware.

If you purchased a Windows x64 edition such as a Microsoft Windows Server x64 edition separately, contact Microsoft for technical support. Need more help?

Expand your skills. Get new features first. Was this information helpful? In most cases with accidentally deleted machines less than 90 days ago they still show up in Recover Tamper Protection Passwords report is to either do 1 disable tamper protection through endpoint interface 2 run SophosSetup.

On a Mac, how would it possible to force the endpoint to get a brand new endpoint ID from Central? I have an open support ticket to resolve endpoints that have duplicate endpoint ID with other endpoints. If you override the name as per Installer command-line options for Mac sophos.

However, it states that "You can only use this option for a new installation. I have tried this option by running these commands new computer name is johndoe-sdafda. The new computer name is displayed on the Sophos Central. However, the endpoint ID is still the same. For Macs, it can occur due to other reasons as well, detailed here:.

Windows also warns and flags if it sees another system with the same name on the network NetBios. So the issue becomes with a common system name 1 , a common domain name 2 , and an FQDN that is the same on an internal system it would be system name 1.

The only way to prevent this fully is to tackle 1. Make sure the system is renamed before installing Sophos, which is a workflow change. Now what are we Sophos , doing about this. We are enabling detection of the condition of multiple endpoints using the same ID in Central, referred to as Endpoint De-duplication. This is currently being tested as of mid-September This detects when multiple different systems are using the same ID to communicate to Central, locks out that ID, and forces all systems trying with that ID to re-register with a flag for a new ID only.

This will split them out. It unfortunately does not remediate any groups of duplicate users, but it will them prevent more from being created as the underlying problem has been corrected. These can be removed manually from Central by the customer after systems have been split out.

Now answering your question - in order for the machine to get new UUID those exact steps absolutely need to be followed no workaround :.