Another day, another hour trying to update my three workstation and 1 server network with Symantec Anti-Virus.

1. It turns out that the when you renew your corporate server, which is called “gold maintenance” you receive a new serial number, different than the one you are “renewing” or “upgrading”. This is the number that must be used for generating the serial license file. I began to suspect a flaw in the renewal process when, after renewing and then going online to generate the license file, I noticed that the expiration date was the same as before, rather than in another year.

2. When communicating with the Symantec management Server software which is installed on the network server, workstations that have been updated with Windows XP service pack 2 will have the workstation firewall installed and turned on by default. This blocks ports used to install the updates from the server. After poking around on the Symantec web site to determine the ports that needed to be open, I found that there at least a half-dozen, depending on the products and versions that you used. It was simpler just to reactivate each anti-virus client on the workstation, after I opened a couple ports, and nothing happened. And I was going to turn off the firewall all together, but then found that is controlled by a group policy.

There are several issues with the renewal process, none of which are obvious:

1. When you want to renew your anti-virus definitions for another year, they don’t say that is what you are doing, they say, you are renewing “gold maintenance”.
2. Although you renew, and pay, you then have to go online and download the product. Or rather, when you start downloading, you don’t download a new license file….you download the product i.e. Symantec Anti-Virus 10.1…not the license file required to activate the product.
3. But you already have the product….you just want to renew! That is another trip to their site to dig around and find the license file generation site. To do this, you need to have the serial number of the upgrade/renewed product.
4. You then get an eMail for the product which contains the renewal license. This gets copied to a shared folder on the server, where it can be used to update clients either from the System Center (if you don’t have local firewalls installed), or from individual clients.

Woof.