Updating policies and content on the client using push mode or pull mode

Deciding whether to use pull mode or push mode to connect between
Symantec Endpoint Protection Manager
and the clients
When you configure policies on the management server, you need to have the updated policies downloaded to the client computers. In the console, you can configure client computers to use either of the following update methods:
Pull mode
The client computer connects to the management server periodically, depending on the frequency of the heartbeat setting. The client computer checks the status of the management server when the client connects.
Push mode
The client computer establishes a constant HTTP connection to the management server. Whenever a change occurs in the management server status, it notifies the client computer immediately.
In either mode, the client computer takes the corresponding action, based on the change in the status of the management server. Because it requires a constant connection, push mode requires a large amount of network bandwidth. Client computers that are configured to use pull mode require less bandwidth.
The heartbeat protocol defines the frequency at which client computers upload data such as log entries and download policies. The first heartbeat occurs immediately after the client starts. The next heartbeat occurs at the heartbeat frequency that you set.
The heartbeat frequency is a key factor in the number of clients that each
Symantec Endpoint Protection Manager
can support. If you set a heartbeat frequency to 30 minutes or less, it limits the total number of clients that
Symantec Endpoint Protection Manager
can support. For deployments of 1,000 clients or more, Symantec recommends that you set the heartbeat frequency to the maximum length of time possible. Symantec recommends that you use the longest interval that still meets your company’s security requirements. For example, if you want to update policies and gather logs on a daily basis, then you might set the heartbeat frequency to 24 hours. Assess the proper configuration, hardware, and network architecture necessary for your network environment.
You can also update polices manually on a client computer.
Configuring push mode or pull mode for a group
You can specify whether
Symantec Endpoint Protection Manager
pushes the policy down to the clients or that the clients pull the policy from
Symantec Endpoint Protection Manager
. The default setting is push mode. If you select pull mode, then by default, clients connect to the management server every 5 minutes, but you can change this default heartbeat interval.
You can set the mode for a group or for a location.
For 12.1.6.6 or earlier, use pull mode when you have more than 100 clients and you install
Symantec Endpoint Protection Manager
on a desktop operating system. Since desktop operating systems support a limited number of concurrent connections, push mode can quickly overwhelm those available connections.
  1. To configure push mode or pull mode for a group, in the console, click
    Clients
    .
  2. Under
    Clients
    , select the group for which you want to specify whether to push or pull policies.
  3. Click
    Policies
    .
  4. Uncheck
    Inherit policies and setting from the parent group "
    group name
    "
    .
  5. Under
    Location-independent Policies and Settings
    pane, under
    Settings
    , click
    Communications Settings
    .
  6. In the
    Communications Settings for
    group name
    dialog box, under
    Download
    , verify that
    Download policies and content from the management server
    is checked.
  7. Do one of the following tasks:
    • Click
      Push mode
      .
    • Click
      Pull mode
      and under
      Heartbeat Interval
      , set the number of minutes or hours.
  8. Click
    OK
    .
  9. To specify push mode or pull mode for a location, in the console, click
    Clients
    .
  10. Under
    Clients
    , select the group for which you want to specify whether to push or pull policies.
  11. Click
    Policies
    .
  12. Uncheck
    Inherit policies and setting from the parent group "
    group name
    "
    .
  13. Under
    Location-specific Policies and Settings
    , under
    Location-specific Policies
    for the location you want to modify, expand
    Location-specific Settings
    .
  14. Under
    Location-specific Settings
    , to the right of
    Communications Settings
    , click
    Tasks
    and uncheck
    Use Group Communications Settings
    .
  15. To the right of
    Communications Settings
    , click
    Local - Push
    or (
    Local - Pull
    ).
  16. Do one of the following tasks:
    • Click
      Push mode
      .
    • Click
      Pull mode
      and under
      Heartbeat Interval
      , set the number of minutes or hours.
  17. Click
    OK
    .