Symantec Endpoint Protection
minimizes the impact of client submissions on your network bandwidth

Symantec Endpoint Protection
throttles client computer submissions to minimize any effect on your network.
Symantec Endpoint Protection
throttles submissions in the following ways:
  • Client computers only send samples when the computer is idle. Idle submission helps randomize the submissions traffic across the network.
  • Client computers send samples for unique files only. If Symantec has already seen the file, the client computer does not send the information.
  • Symantec Endpoint Protection
    uses a Submission Control Data (SCD) file. Symantec publishes the SCD file and includes it as part of a LiveUpdate package. Each Symantec product has its own SCD file.
The SCD file controls the following settings:
  • How many submissions a client can submit in one day
  • How long to wait before the client software retries submissions
  • How many times to retry failed submissions
  • Which IP address of the Symantec Security Response server receives the submission
If the SCD file becomes out-of-date, then clients stop sending submissions. Symantec considers the SCD file out-of-date when a client computer has not retrieved LiveUpdate content in 7 days. The client stops sending submissions after 14 days.
If clients stop the transmission of the submissions, the client software does not collect the submission information and send it later. When clients start to transmit submissions again, they only send the information about the events that occur after the transmission restart.
More information