However, if your relay-enabled agent cannot to connect to the Update Server over the Internet, you'll need to set up a relay in your demilitarized zone (DMZ) that can obtain the security updates, which you can then copy to your air-gapped relays. In a typical environment, at least one relay-enabled agent is configured and able to download updates from the Trend Micro Update Server and the rest of the agents and appliances connect to that relay-enabled agent for update distribution. Special case: configure updates on a relay-enabled agent in an air-gapped environment To perform security updates on specific agents and appliances, go to Computers, select the agent or appliance, then right-click and select Actions > Download Security Update. You can also manually initiate security updates:įor a system-wide update, go to Administration > Updates > Security, and click the Check For Updates and Download button. For details, see Schedule Deep Security to perform tasks The recommended way to check for security updates is to set up a "Check for Security Updates" scheduled task that performs a check on a regular basis. Therefore, you cannot enable or disable engine updates directly on a relay. Relays always receive the latest Anti-Malware engine updates in order to keep the relay's local protection and engine update source for the same relay group up-to-date. Next to Automatically update anti-malware engine, select Yes from the drop-down menu. Go to Computers or Policies and double-click the computer or policy you want to update.To turn the Anti-Malware engine update on: By default, this setting is turned off and appears as N/A in the Is Latest section on Computer Details > Updates > Advanced Threat Scan Engine. You can choose to automatically update the Anti-Malware engine separately from the Deep Security Agent for more secure protection. Click Administration > System Settings > Alerts and change the value for Length of time an Update can be pending before raising an Alert. You can configure amount of time that can pass between an instruction to perform a security update being sent and the instruction being carried out before an alert is raised. > Settings > General window and changing theĪutomatically send Policy changes to computers setting in the Send Policy To change the settings for a computer, go to the Computers page and double-click the computer that you want to edit (or select the computer and click Details). To change the settings for a policy, go to the Polices page and double-click the policy that you want to edit (or select the policy and click Details). You can change this behavior by opening a Computer or Policy editor You can change these settings for a policy or for a specific computer. If this option is not selected, you will have to manually apply downloaded rule updates to policies from the Administration > Updates > Security page by clicking on the Apply Rules to Policies button.īy default, changes to policies are automatically applied to computers. The Automatically apply Rule Updates to Policies setting determines whether updated rules will automatically be applied to Deep Security policies. Trend Micro will occasionally issue an update to an existing Deep Security rule. You may want to deselect this option on computers where you do not want to risk a potentially problematic security update when the computer is not in contact with a manager and therefore possibly far away from any support services. When Allow Agents/Appliances to download security updates when Deep Security Manager is not accessible is selected, even though an agent cannot communicate with the Deep Security Manager, it will continue to download updates from its configured source. Normally, the Deep Security Manager instructs agents or appliances to download pattern updates.To allow agents to use the update source specified in the previous step when their relay group is not available. But if you have agents installed on roaming computers that are not always in contact with a Deep Security Manager or relay, you can select Allow Agents/Appliances to download security updates directly from Primary Security Update Source if Relays are not accessible Normally, agents connect to a relay-enabled agent to get security updates.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |