cancel
Showing results for 
Search instead for 
Did you mean: 
zisagu
Level 8
Report Inappropriate Content
Message 1 of 14

VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

I have eight Windows Server 2012r2 servers on a local network, all of which have McAfee VirusScan Enterprise 8.8 installed. None of these machines are connected to the internet. I can keep the antivirus definitions updated by downloading the DAT files manually (from here) and copy them onto each server, but it's too much work since I have 8 servers.

So how can I do this easier?

I thought this could be achieved by placing the DAT files in a folder that is shared with all servers, add that folder to the repositories list on all servers but I get "unable to find a valid repository". So apparently that thing looks for more than just the dat files.

Tags (2)
1 Solution

Accepted Solutions
zisagu
Level 8
Report Inappropriate Content
Message 10 of 14

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

This system is isolated from any internet connectivity. No possibility of network shares with coputers that have internet connection either.

Anyway, I finally figured it out; I connected to ftp.nai.com and downloaded the entire commonupdater/ directory onto my computer, and then copied all its contents into the system's UNC share/mirror directory. Now all the machines in the system are able to get their updates from that directory (using the Mirror and Auto Update tasks).

Solved.

View solution in original post

13 Replies
mattw2
Level 10
Report Inappropriate Content
Message 2 of 14

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

I suspect you do not have ePolicy Orchestrator in your environment ? If you do, can you not setup a route to allow the servers to talk to it, but otherwise retain the lack of internet access.

If not, and with no internet access, the only supported method is probably the one you are using, although you could attempt to automate it to an extent....

eg scheduled task that runs a batchfile / vbscript / powershell that (in the broadest of terms)

a) stops the relevant McAfee service(s)
b) copies the extracted DAT files from a central location over top of existing (perhaps first, backup existing).
c) restart McAfee service(s) stopped in step a.

- note this may very well not be an officially supported/sanctioned method itself.

Huge number of caveats though, including whether the Virusscan settings are configured to allow the services to be stopped, and are you happy manually downloading the DAT and extracting it (or can create a separate automated process that would handle that too).

Matt W

McAfee Employee dmcgeary
McAfee Employee
Report Inappropriate Content
Message 3 of 14

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

Greetings,  Please see KB84118
It discusses the use of a Mirror task to creat a repository from which DAT updates can be pulled in the absence of a EPO server.
Hope this helps!

zisagu
Level 8
Report Inappropriate Content
Message 4 of 14

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

>in the absence of a EPO server.

I looked at KB84118. Looks to me like i still need to have  ePolicy Orchestrator installed.. Is there really no way around it?

McAfee Employee dmcgeary
McAfee Employee
Report Inappropriate Content
Message 5 of 14

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

The KB shows the ingredients needed.
1. The Mirror Task (copies down the common updater contents)
2. How to specify a Update repository. 

Just confirmed it worked by trying it without using ePO to create a UNC repository.

The VSE running the mirror task will need to be able to reach the common updater site.  

Connecting the dots, the implementation setup may look something like this.
Using a system that can connect and update from valid repository run Mirror task.
The Mirror Task will build a valid update repository with everything needed. 
Use the 'Edit AutoUpdate Repository List' to specify the location to which the contents of the Mirror task are provided. 






 


 

zisagu
Level 8
Report Inappropriate Content
Message 6 of 14

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

Well I'm stuck on this step: "Create a UNC repository named mirror (...). For more information, refer to the ePolicy Orchestrator Product Guide for your product version.

For a full list of product documents, go to the ServicePortal at: http://support.mcafee.com. Click Knowledge Center, and select Product Documentation from the Knowledge Base list."

I've looked at several "ePolicy Orchestrator Product Guide" documents, none of which tell me how to "create a UNC repository" without having this ePO thing. Is it just a shared folder? What files do I put in it? If you could paste that exact step here (or refer me to a specific docuement) that'd be great.

McAfee Employee dmcgeary
McAfee Employee
Report Inappropriate Content
Message 7 of 14

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

Just skip that step.

Use the VSE console to create a Mirror task. Part of that task creation requires you specify a location,
That location can serve as the share. 

zisagu
Level 8
Report Inappropriate Content
Message 8 of 14

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

What files do I place in the mirror directory? Just the three DAT files from avvdat-*.zip?

I keep getting "The Update failed" when I run the mirror task. MirrorLog.txt contains nothing useful.

mattw2
Level 10
Report Inappropriate Content
Message 9 of 14

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

The mirror task is what you create/setup on an internet connected system, so that it can download the update files in the relevant format and save to a specified local directory.

You then need to point your non-internet connected systems at that folder. Or, have the files then put somewhere (in same format/structure as downloaded) that the other systems can see. They would then use a normal Update task pointed at that folder.

 

zisagu
Level 8
Report Inappropriate Content
Message 10 of 14

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

This system is isolated from any internet connectivity. No possibility of network shares with coputers that have internet connection either.

Anyway, I finally figured it out; I connected to ftp.nai.com and downloaded the entire commonupdater/ directory onto my computer, and then copied all its contents into the system's UNC share/mirror directory. Now all the machines in the system are able to get their updates from that directory (using the Mirror and Auto Update tasks).

Solved.

View solution in original post

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community