Re: symantec antivirus can not auto update behind isa 2004
From: Alberto Dallagiacoma (Alby_at_Home)
Date: 09/16/04
- Previous message: Rick Dilley: "Re: symantec antivirus can not auto update behind isa 2004"
- In reply to: Rick Dilley: "Re: symantec antivirus can not auto update behind isa 2004"
- Next in thread: tomding: "Re: symantec antivirus can not auto update behind isa 2004"
- Reply: tomding: "Re: symantec antivirus can not auto update behind isa 2004"
- Reply: Rick Dilley: "Re: symantec antivirus can not auto update behind isa 2004"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 16 Sep 2004 21:02:02 +0200
Hi Rick,
Tomding asked me a step-by-step guide about my suggestion, and i did. ;-)
However, my way may not be the only one...
Looking at your scenario, my Symantec Antivirus polices are very similar to
yours (ony one server downloads new definitions, all clients update
definition from this server).
But, if you scheduled the updates from System Center, you had at least to
add an allow rule on the ISA server that permits outbound traffic to this
server... Or have you an "allow everything to everyone" rule?
If you haven't any allow rule on the ISA, how can the Antivirus Server
connect to the Symantec Server?
Regarding the scheduled task, I chosen this way because i need to run
liveupdate more than once a day, and the SSC schedule allow only once-a-day
run (at least in version 8.x).
I found this information here:
http://service1.symantec.com/SUPPORT/ent-security.nsf/9d94c8571a91ba4788256bf3007f62b5/7126f085b9e9a62d88256e7b006f5eef?OpenDocument&prod=Symantec%20AntiVirus%20Corporate%20Edition&ver=8.x&src=ent&pcode=sav_ce&dtype=corp&svy=&prev=&miniver=sav_8_ce
Alberto, Italy
"Rick Dilley" <RDilley@tesslerweiss.com> wrote in message
news:Opujr9AnEHA.3196@TK2MSFTNGP10.phx.gbl...
> Alberto,
>
> I believe that you did not understand Stuart's suggestion.
>
> I have SBS2000 with ISA2000 and dual NIC configuration.
>
> I use SSC to administer Symantec Antivirus Corporate Edition version 8.x
>
> I have loaded SAVCE onto the SBS2K DC and told the server to obtain
> updates
> "continuously" directly from Symantec at 60 minute intervals.
>
> I have configured the SAVCE clients to obtain updates from MY SERVER
> "continuously" at 30 minute intervals.
>
> It was necessary to tell the server configuration to use the proxy
> server(ISA) to access Symantec's Update servers.
>
> I do not have any SAV scheduled events.
> I did not have to create any ISA policies
>
> It all works fantastically. Bandwidth is minimal. Protection is
> Maximum...every desktop has an update in less than 90 minutes from
> Symantec's release.
>
> Perhaps, you might consider this scenario?
>
> RickD
>
>
>
> "Alberto Dallagiacoma" <Alby@Work> wrote in message
> news:#7yjoO9mEHA.3296@TK2MSFTNGP10.phx.gbl...
>> Hello,
>> Here's how I solved the problem:
>>
>> 1. I created a new computer object called "Antivirus Server" with the
>> corresponding IP address.
>> 2. I created a domain set called "Symantec liveupdate" corresponding to
>> *.symantecliveupdate.com
>> 3. I created the following access rule: Action: allow, Protocols: HTTP,
>> From: Antivirus Server, To: Symantec liveupdate, Users: "All Users" and
>> "System and Network Service", Schedule: Always, Content: all content
>> types
>> 4. I disabled the schedule in the Symantec System Center and I scheduled
> the
>> liveupdate activity with a scheduled taks executing the following
>> command:
>> "C:\Program Files\SAV\VPDN_LU.exe" /silent.
>> The security context of the scheduled task is NT AUTHORITY\SYSTEM
>>
>> HTH,
>> Alberto, Italy
>>
>>
>> "tomding" <tomding1968@163.com> ha scritto nel messaggio
>> news:ugRgORsmEHA.1716@TK2MSFTNGP12.phx.gbl...
>> > thanks for reply.
>> > I find more people meet the problem as me.Could you describe the two
> ways
>> > step by step?
>> > I allow all domain users to access internet by all protocols in isa
>> > 2004
>> > server.
>> > I scheduled LiverUPdate into Symantec System Center,but I can not
>> understand
>> > you saying "you have to change
>> > the security context of the 'Symantec Antivirus Server' service,
>> > setting
>> an
>> > user that have an allow rule on the ISA Server."
>> >
>> > I find "Symantec AntiVirus Definition Watcher service" started by
>> > localsytem,and I create an allow rule on ISA Server for the "System and
>> > Network Service" group,but it does not work still.
>> >
>> > BTW,I find all windows os behind isa 2004 can not autoupdate as the
>> > symantec. it is hard work to modify all servers and clients config
> behind
>> > isa 2004.so I hope to find a way in isa 2004 server to resolve all
>> > autoupdate or scheduled update problems.
>> >
>> > "Alberto Dallagiacoma" <Alby@Work> дÈëÓʼþ
>> > news:%233N9wOlmEHA.4004@TK2MSFTNGP10.phx.gbl...
>> > > Hi,
>> > > How didi you schedule LiveUpdate?
>> > > If you created a scheduled task, you have to add an allow rule for
>> > > the
>> > user
>> > > you assiged to the scheduled task.
>> > > If you scheduled LiverUpdate into Symantec System Center, you have to
>> > change
>> > > the security context of the "Symantec Antivirus Server" service,
> setting
>> > an
>> > > user that have an allow rule on the ISA Server.
>> > > In the scheduled task case, you may set SYSTEM as accoutndesignated
>> > > to
>> run
>> > > the task and create an allow rul on ISA Server for the "System and
>> Network
>> > > Service" group.
>> > >
>> > > HTH,
>> > > Alberto, Italy
>> > >
>> > > "tomding" <tomding1968@163.com> ha scritto nel messaggio
>> > > news:ePIRGohmEHA.2968@TK2MSFTNGP14.phx.gbl...
>> > > > My symantec antivirus Server and clients are behind ISA 2004 stand
>> > > version.I
>> > > > can manually run Live Update but the scheduled updates fail with an
>> > event
>> > > ID
>> > > > 16, saying "Download of virus definition file from LiveUpdate
>> > > > server
>> > > failed.
>> > > > 00000001." Does this have something to do with the ISA server?Do I
>> need
>> > to
>> > > > create a custom packet filter? Or is there another issue
>> > > > going on? Thanks.
>> > > >
>> > > >
>> > >
>> > >
>> >
>> >
>>
>>
>
>
- Previous message: Rick Dilley: "Re: symantec antivirus can not auto update behind isa 2004"
- In reply to: Rick Dilley: "Re: symantec antivirus can not auto update behind isa 2004"
- Next in thread: tomding: "Re: symantec antivirus can not auto update behind isa 2004"
- Reply: tomding: "Re: symantec antivirus can not auto update behind isa 2004"
- Reply: Rick Dilley: "Re: symantec antivirus can not auto update behind isa 2004"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
