This has been occuring for the past 5 days and I'm not aware of any major changes having occured. It's isolated to just one location in Asia--this location has 1000-1500 clients. We have one SEPM server in the US and one GUP in the Asia location. It appears 25 clients at a time about 8 times a day with different clients, are trying to pull full definitions and I'm not sure why they are doing this.
Using the Symantec Content Distribution Manager (SEPM Monitor), I see that under "Latest versions available" the Virus/Spyware type had an outdated revision so I manually ran liveupdate on SEPM to update. Under "Operation status of all GUPs" it has a green checkmark but Virus/Spyware revision was showing an older one and text was red. After going to GUP and running liveupdate, now this is green showing 2016-10-25 rev.002
Error I'm receiving:
25 requests for Virus and Spyware full definitions received in the past 10 minutes. This situation could indicate a potential network overload. You can block any future requests for full definitions. In the management console, go to Admin > Servers > Server Properties > Full Definitions Download tab, and check Prevent clients from downloading full definition packages.
- I'm receiving these messages multiple times through out the day--like 8 times spread over the day.
- This is only happening at our remote site that's in Asia
- The Asia site uses a GUP and the GUP contacts the SEPM in the US for content
- I get about 25 clients trying to get full definition requests at a time
- Revisions are set to 90 days
- Clients show this almost always in the Client Activity Log:
- Cannot assign a client authentication token. There was a general communication failure.
- [Client authentication token request] Submitting information to Symantec failed.
- [Intrusion prevention submission] Submitting information to Symantec failed.
