Host Checker auto download new SEP definitions to PC

SOLVED
sean.giroux_
New Contributor

Host Checker auto download new SEP definitions to PC

I have HostChecker working in my lab environment so that it automatically remediates out-of-date Symantec Endpoint virus definitions. However, I have noticed the below message just runs all day with no actual update occurring. I have logging turned on on my firewall in the lab and really do not see traffic leaving my remediation network to untrust. If you fail host checker you are put on a "visitors" network by default.

 

That said, does anyone know what the traffic flow is? Does the PULSE client locally on the system go out to the internet to Symantec to grab the latest defs, or does the IC initiate the communication out to Symantec and then pass along that data to the client?

 

We use SEP 11.x and will be upgrading to SEP 12.x later this year. If anyone uses this in their environment and has automatic remediation working, I would love the input.

 

Also, if anyone has a better way of updating virus defs once a laptop/PULSE client fails host checker... Is there a way to kick off a script automatically or add a link to a local script on my network (which can be accessed from my visitors network) that the end user will click on to either go to Symantec to download the defs or to our in-house SEPM server? I do know there is a script floating around for SEP 12.x, but from my understanding it can only be used as a logon script.

 

I am running IC4500 with code level 4.3r4.4. and eap version 2.6.1. The virus signatures are being downloaded from Juniper with no issue.

 

Auto_Remediation.JPG

1 ACCEPTED SOLUTION

Accepted Solutions
kalagesan_
Super Contributor

Re: Host Checker auto download new SEP definitions to PC

Hi Sean,

 

Thanks for the response.

 

I haven't come across any scripts that customers use on their end client PCs for AV definition update for remediation; however, I have seen customers using the customer URLs as part of customer instructions where they instruct the user to install the updates.

 

However, in this case I see the Pulse client gets stuck during remediation; we need to check the Pulse debug logs at detailed level to understand what is happening during this time. Since it's log analysis to confirm whether there is any issue at the Pulse or Host Checker side, I recommend you open a JTAC case for further support.

 

Hope this helps.

 

Note: If I have answered your questions, you could mark this post as accepted solution, that way it could help others as well. Kudo will be a bonus thanks!

 

Regards,
Kannan

4 REPLIES 4
kalagesan_
Super Contributor

Re: Host Checker auto download new SEP definitions to PC

Hi Sean,

 

I understand your issue.

 

With Host Checker antivirus remediation, we can prompt the endpoint to download the latest virus signature files, turn on antivirus protection, and initiate an antivirus scan.

 

Hope you have the "Download latest virus definition files" check box option enabled as part of remediation for SEP 11.x in the IC admin GUI in the Host Checker AV policy configuration.


Enabling this will enforce the client to download the AV definition files which are missing; however, the SEP AV installed on the machines should also be enabled to download the AV definitions.

 

If possible, you can get the virus definition update URL from SEP and add this URL for users who are remediating by enabling Customer instructions. This is part of the remediation config in the IC HC rule.


Note: If I have answered your questions, you could mark this post as accepted solution, that way it could help others as well. Kudo will be a bonus thanks!

 

Regards,
Kannan

sean.giroux_
New Contributor

Re: Host Checker auto download new SEP definitions to PC

Kannan,

I do have "Download Latest Virus Definitions" selected as part of the remediation process on the IC. And machines are enabled to do LiveUpdate from Symantec (as well as from SEPM). I understand how to use the custom instructions and provide a link for end users to follow to download the latest defs.

 

I guess my question is more along the lines as to why that pulse message/screen from my original post takes so long to actually download and install the latest definitions. Our internet pipe is more than large enough to handle the size of the download (150MB fiber).

 

Based on your post, it sounds like the machine/client PC that fails host checker goes out to the internet via LiveUpdate in the background (possibly by triggering Symantec's command line LUALL -s).

 

You have answered my questions to my liking; however, I was hoping for some more insight on my other questions about scripts and other ways companies remediate their clients if they fail host checker for out-of-date defs.

 

thank you

sean

kalagesan_
Super Contributor

Re: Host Checker auto download new SEP definitions to PC

Thanks Sean, I am glad that the suggestion provided helped you.

 

Regards,

Kannan