You can also update content on Symantec Endpoint Protection Manager with a file.
Download files to update definitions for Endpoint Protection Manager Additionally, if you use replication, you can replicate content and policies between the local site and the partner site. By default, Windows client computers get content updates from the management server.
Do not exclude a type of content unless you are certain that you do not need it.
See Choosing which content and which content revision to update on client computers. Symantec Endpoint Protection Manager updates policies to clients when you assign a new policy to a group or when you edit an existing policy.
The Gateway Anti Virus, Intrusion Prevention Service, Application Control, Data Loss Prevention, Botnet Detection, and Geolocation security services use a frequently-updated set of signatures to identify the latest viruses, threats, and applications.
You can configure these services to update signatures automatically.
Malware Prevention In-line malware prevention is automatically enforced, stopping malware delivery and installation through our proprietary payload-based signatures, which are updated through daily content updates.
Payload-based signatures do not rely on easily changed attributes, instead detecting patterns in the body of the file that can be used to identify future variations of the malware, even if the content has been slightly modified.
For streams of packets, intrusion prevention can remember the list of patterns or partial patterns from previous packets.
It can then apply this information to subsequent packet inspections.
Other delivery methods include Group Update Providers, internal Live Update servers, or third-party tool distribution.
You may need to change the delivery method to support different client platforms, large numbers of clients, or network limitations.
By default, Symantec Endpoint Protection Manager downloads all types of content from the public Symantec Live Update servers.