Antivirus update (Full Version)

All Forums >> [ISA 2006 Firewall] >> Access Policies



Message


isa_rooky -> Antivirus update (15.Jan.2010 8:37:13 AM)

Hi everybody,
I have a rule which allows access to the internet to all my users, but also in that same rule in the extension option I block the download of many extensions like .exe and many others. My antivirus uses the .exe to update the virus definitions and I have to remove the rule everytime I want the antivirus to update. Is there a way to allow only my antivirus to download this .exe extension?

Thanks in advance!!




IanC -> RE: Antivirus update (15.Jan.2010 10:04:44 AM)

You can create another access rule, used only for communication with AV servers.  Then place the new rule above your general Web access rule.

Ian 




isa_rooky -> RE: Antivirus update (15.Jan.2010 11:30:45 AM)

Hi Ian and thanks for your quick reply,
The AV I'm using is Microsoft Security Essentials and there's no specific address to communicate with the servers to update the antivirus definition file. What should I do in this case?




elmajdal -> RE: Antivirus update (15.Jan.2010 12:13:06 PM)

initiate an update and check the logs, there have to be a set of URLs that the software is getting its update from.




IanC -> RE: Antivirus update (15.Jan.2010 12:13:09 PM)

If a single server is used to download the definition file, you can use its IP address as the rule's source.  Otherwise, create a URL Set containing the AV site's URL and make this the destination.

Hope this helps.

Ian 




isa_rooky -> RE: Antivirus update (15.Jan.2010 2:16:55 PM)

Hi again Ian,
Each antivirus is installed individually on each machine and when the antivirus updates it doesn't show up the address from where it takes the definition file. I don't know what to do exactly. I want to use this antivirus because is working pretty well and is free.




TechFan -> RE: Antivirus update (21.Oct.2010 2:27:29 AM)

Did you find an answer. We are trying to figure out how to allow some Vista Home appliances we have that run security essentials to get their updates without full internet access. But, every time we tell it to check for updates, it fails. . .

I can't find a list of update servers anywhere and the one server we find in the logs has been permitted already. . .




isa_rooky -> RE: Antivirus update (21.Oct.2010 9:07:45 AM)

Hi guys and thanks for replying, but I decided to change my antivirus. Now I'm using Eset Nod 32 and works pretty well with ISA Server 2006 Standard Edition.




TechFan -> RE: Antivirus update (21.Oct.2010 9:49:42 AM)

Yes, we use Kaspersky's internal to the firewall without issues, but we have some appliance like devices that don't need our standard AV, so I would still like to get this working. . .




Everet -> RE: Antivirus update (23.Oct.2010 4:10:49 AM)

Use AV software.




TechFan -> RE: Antivirus update (23.Oct.2010 4:20:18 AM)

Thanks for the reply. . .not very useful though. We will still find a way. Managed AV for the appliances isn't a good option.




Page: [1]