Endpoint Security Server and Antispyware updates

[Tommo]

Hi All,

Really just a bit of inside info that may save you some time.

I've got a VM Endpoint Server, using an Eval. While I was able to get my AV updates, I could not get any updates for the Antispyware software - I was always shown the current version as "N/A".

I believe all installs will do this at the moment due to the following error - spoke to one of the SE's the other day and he sent this. It's all approximate as the solution was not for the Endpoint GUI, but you should be able to follow, plus I'm using SPLAT too:

I think this could be a knows issue with _ not being a valid DNS char. Try the following and let me know, this should be resolved in the next HFA

In the meantime, you can do the following steps to fix it -


Log into the Endpoint Server (From the Window option in Dashboard). Once you can see the Overview page, press and hold CTRL + ALT, and click on the Endpoint logo in the top left 2 or 3 times. You should see a system properties tab in the hidden perperties page.


Change the value of the properties – Replace ‘upd_integrity.zonelabs.com’ with ‘upd.zonelabs.com’.


secsvcs.as.offline.update.urls - http://upd.zonelabs.com/zonealarm/on...128.241.220.72
secsvcs.as.update.url - http://upd.zonelabs.com/zonealarm/online/


Save the changes.


Go to folder “C:\Program Files\CheckPoint\EndpointSecurityServer\engine\web apps\ROOT\bin\updater\clientEngine” (or the equivalent server path) and rename the following files –


confZLToProduction.xml to confZLToProduction.old
confZLToStaging.xml to confZLToStaging.old


Stop the CPES 7.0 server and restart the server. Observe that new confZLToProduction.xml and confZLToStaging.xml are automatically generated with the new AS update url.


If you had offline antispyware updates turned on previously, you will need to toggle it ‘off’. Save the changes. And, then toggle it back to ‘on’. Save the changes. This will refresh the serverlist. All the endpoints will be notified the next time they heartbeat.