Hi,
I've inherited SEP admin responsibilities within our company and trying to grasp the best way for remote staff to receive SEP update content while working offsite. Currently we have two locations setup by the original admin that are configured as such:
Location: Default
Shared LiveUpdate policy settings:
- Use the default management server is selected
- Use a LiveUpdate server is selected
- Use the default Symantec LiveUpdate server is selected
- Enable LiveUpdate Scheduling is NOT selected
This shared LiveUpdate policy is applied to all staff laptops group AND all server groups within the organization.
Location: VPN users
Non-shared LiveUpdate policy settings:
- Use the default management server is selected
- Use a LiveUpdate server is selected
- Use the default Symantec LiveUpdate server is selected
- Enable LiveUpdate Scheduling IS selected w/4-hr frequency
This location is configured with our VPN IP address range
As I understand the reason for the VPN location is so that: a) offsite workers receive their SEP updates, and b) receive them via their ISP's internet pipe and don't clog the VPN tunnel. My question, is the VPN location necessary? After reading much of the online Help docs it seems a client laptop located offsite would in fact receive updates via the external LiveUpdate server using the default location settings (not over the VPN tunnel but rather via their ISP's external connection.)
I would be interested to hear how other SEP admins set up their locations/policies for offsite workers.
Thanks