Stu, I am curios why the recommendation is to set the update server to be primarily the internal VIPRE, especially for the first definition updates.
On our broadband connection we only get 384K upload speeds, and that first definition update after installing is quite large, isn't it? Is there any real reason the laptops shouldn't get their definition updates directly from Sunbelt as a first choice? Ralph -----Original Message----- From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 26, 2008 5:33 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops OK, here is the answer from Product Management on this topic. It can be done and here is how: In order to enable VIPRE agents on a computer connected to the Internet without VPN access to function normally and connect to VIPRE Enterprise in a private network, the administrator will need to do the following: 1. Install the VIPRE Enterprise service on a server. 2. Set up a NAT between the servers public IP address and private address so that all incoming connections on port 18082 are automatically forwarded to the VIPRE server. (tcp traffic) 3. Create a policy specifically for agents connecting via the Internet 4. Port usage is configured by policy (Agent Settings tab), the default port is 18082 for all communication between the agent and the service 5. Some firewalls may block SOAP over HTTP. You will need make sure your firewall allows this communication type. 6. Configure your policy (Agent settings tab) to contain the public IP address for both the Policy and Update servers (in this instance we recommend they are the same server). Also, check the box to save the address as the IP address. 7. Creating an agent is done by running the deployment wizard on the policy in question and selecting the radio button for Deployment Package, then selecting the type of installer desired. Either an MSI or Self Extracting Executable is recommended for this process. 8. The administrator will then need to distribute this installer to their clients by whatever method required by their company. 9. The client should install the agent while connected to the Internet. At install time, the agent needs to communicate with the VIPRE Enterprise service in order to obtain the full policy and initial threat definitions Some Considerations when configuring the policy: 1. You may not be able to ping the agents in the wild, therefore the Agent status heartbeat every xxxx minutes interval needs to be set to a value acceptable to the administrator. The agent will only be able to obtain a policy change when it makes periodic hello calls back into the service. Initially when the agents are first deployed the administrator may want to set this to a lower value until the policy is configured to the administrator's satisfaction. At this time, the administrator may want to increase that interval in order to decrease the traffic between the agent and the service. 2. Threat database updates, the agent will be able to obtain threat database updates directly from the server, if for some reason it is unable to connect to that server the agent can be configured to obtain threat database updates directly from Sunbelt. Simply check the box (Download via the Internet if local updates are unavailable) on the Agent Settings tab of the policy. 3. Throttling the threat database updates will be very important as well to keep from saturating the connection to the Internet with threat db update traffic. By default, the application is set with a 100ms interval between 67KB chunks of data sent to the agent. This delay interval can be set anywhere from 0 all the way up to 60,000ms or 60 seconds between chunks. Therefore, even if you have very narrow network pipe you should still be able to satisfy the threat database update requests without saturating your network. Warm regards, Stu -----Original Message----- From: Ralph Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 8:55 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops Another option maybe - if the AV product can be forced to check in though a script(can VIPRE?), and you can set up a VPN with something like OpenVPN or Cisco VPN client command line, you could create a script to run once a day that connects the VPN, forces the AV to check in, then disconnects the VPN. Just thinking out loud. -----Original Message----- From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 8:35 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops I think yes, but I'm going to make sure and ask the lead dev !! Stu -----Original Message----- From: Ralph Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:36 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops You mean you would like it to check in for status and reporting purposes? With VIPRE, or any other product that has similar options, what would happen if you set the update options for laptops to update from Sunbelt's servers over the Internet, but set the policy\reporting server to the public IP address on your router, and port forwarded those ports to your VIPRE server. Would that work? -----Original Message----- From: Andy Shook [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:19 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops Vipre\CSE has the option to get update from the Internet if internal servers are not availble. Works very well... Shook ________________________________________ From: Matt Plahtinsky [EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:15 PM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation - for external laptops Good question! I just sent this exact same question into sunbelts support page this morning. Were in the same boat. Our laptop users only connect to our network a few times a year but we still provide remote support. We need an antivirus product that will check in with us every time its online. Matt On 8/25/08, John Gwinner <[EMAIL PROTECTED]> wrote: > I went through all of the emails, and didn't see much on this ... what > A/V solutions work OK with distributed clients, meaning someone who's > never been inside the firewall or VPN'd so that Group Policy could > install it? > > > We have a lot of laptops that never set foot in our office, and I'd like > to protect them centrally to reduce ownership costs, make > troubleshooting easier, and allow us to proactively spot things like > common infections. > > > > So far Trend's OfficeScan and Panda are about the only ones that seem to > do that. > > > > Stu, or anyone else - does anything else work OK for traveling laptops > (no VPN)? > > > > == John == > > > From: Devin Meade [mailto:[EMAIL PROTECTED] > Sent: Friday, August 22, 2008 11:46 AM > To: NT System Admin Issues > Subject: Re: Corporate antivirus recommendation > > > > I have to agree on number four. We have more and more laptops and this > is key. Question - will VIPRE do this? If so, its on our short list in > a few months with Trend expires. > > > > Devin > > > > > > On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner <[EMAIL PROTECTED]> > wrote: > > Regarding understanding tech's, I think that's anywhere these days. > > > > My top three requirements would be: > > > > 1) Excellent threat detection record and frequent updates to threat > definitions. > > 2) Good admin interface with easy and reliable remote installs. > > 3) Good deep scanning ability of clients with a real-time scan that > doesn't hog resources. > > > > For our needs I'd add: > > 4) Ability for external laptops that have never been in the office to > get updates > > Panda says they do 4, but I evaluated it and it didn't seem to be as > well integrated as Trend. Every time I've evaluated our situation I've > stuck with Trend. Some of our users revolt and purchase Symantec > because "it's the standard". *sigh* > > We're a consulting company and 95% of our users have never stepped foot > in the office, so I need something that works well outside the firewall. > > == John == > > > From: James Kerr [mailto:[EMAIL PROTECTED] > Sent: Friday, August 22, 2008 9:12 AM > > > To: NT System Admin Issues > > Subject: Re: Corporate antivirus recommendation > > > > I want to dump trend just so I don't have to hear their horrendous hold > song anymore. That and the more then one hour hold times to speak to a > tech then when I get a tech there is a 50/50 chance I wont be able to > understand him or her. > > > > James > > > > > > > > > > > -- > Devin > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ -- Sent from Gmail for mobile | mobile.google.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ Confidentiality Notice: ---------------------------------- This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by anyone other than the intended recipient is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email, delete and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ .. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ Confidentiality Notice: ---------------------------------- This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by anyone other than the intended recipient is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email, delete and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ Confidentiality Notice: ---------------------------------- This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by anyone other than the intended recipient is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email, delete and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~