Before we upgraded our management console to SEP 12 RU4, we organized our GUP policies the following way
1. One group called GUPs has all the servers from each site --- they serve as GUPs and are defined as GUPs based on the registry key value
HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC\SYLINK\SyLink\CurrentGroup
where the value is equal the group name, i.e My Company\Servers\GUPs
2. Multiple groups for each site. Each group would have a separate LiveUpdate policy that said, "Your GUP is 10.10.10.100 server at this site". Because there are about 1,000 sites, I had to create indivial LiveUpdate policies, which took several week.
Now, I am told there is a MUCH easier way to implement GUPs and that I only need one LiveUpdate policy for the entire SEPM because of "Explicit Group Update Providers for roaming clients"
BUT here is the problem --- at each site, the network address 10.10.10.0 / 255.255.240.0 is separated into Virtual LANs (VLANs). The GUP 10.10.10.100 is on a separate VLAN 0, and the clients are on different VLANs 1 through 10.
I ignored the fact that there are on VLANs and followed Symantec's directions for creating Explicit GUPs for roaming clients.
Policies > LiveUpdate > GUP Policy > Server Settings > Group Update Provider > Configure Explicit Group Update Provider List > Add
Client Subnet Network Address: 10.10.10.0
Type: IP Address
IP Address: 10.10.10.100
Port: 2967
After waiting several hours, I go to Monitors > System Logs > Client Activity > Event Source: SYLINK
And the only clients that receive AV defs from GUP 10.10.10.100 is the GUP itself. In other words, the log shows that GUP 10.10.10.100 receive AV definitions from 10.10.10.100.
I'm testing 5 GUPs and they all show this same result, i.e. GUP receives AV definitions from itself!!!!
How to simplify the creation of GUP policies so that I don't have to create individual GUP policies for each site!!!!!!