cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
zisagu
Level 8
Report Inappropriate Content
Message 1 of 14
‎01-24-2018 04:52 AM

VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

I have eight Windows Server 2012r2 servers on a local network, all of which have McAfee VirusScan Enterprise 8.8 installed. None of these machines are connected to the internet. I can keep the antivirus definitions updated by downloading the DAT files manually (from here) and copy them onto each server, but it's too much work since I have 8 servers.

So how can I do this easier?

I thought this could be achieved by placing the DAT files in a folder that is shared with all servers, add that folder to the repositories list on all servers but I get "unable to find a valid repository". So apparently that thing looks for more than just the dat files.

Tags (2)
0 Kudos
Reply
1 Solution

Accepted Solutions
zisagu
Level 8
Report Inappropriate Content
Message 10 of 14
‎02-01-2018 05:39 AM

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

This system is isolated from any internet connectivity. No possibility of network shares with coputers that have internet connection either.

Anyway, I finally figured it out; I connected to ftp.nai.com and downloaded the entire commonupdater/ directory onto my computer, and then copied all its contents into the system's UNC share/mirror directory. Now all the machines in the system are able to get their updates from that directory (using the Mirror and Auto Update tasks).

Solved.

View solution in original post

Reply
13 Replies
mattw2
Level 10
Report Inappropriate Content
Message 2 of 14
‎01-24-2018 05:39 AM

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

I suspect you do not have ePolicy Orchestrator in your environment ? If you do, can you not setup a route to allow the servers to talk to it, but otherwise retain the lack of internet access.

If not, and with no internet access, the only supported method is probably the one you are using, although you could attempt to automate it to an extent....

eg scheduled task that runs a batchfile / vbscript / powershell that (in the broadest of terms)

a) stops the relevant McAfee service(s)
b) copies the extracted DAT files from a central location over top of existing (perhaps first, backup existing).
c) restart McAfee service(s) stopped in step a.

- note this may very well not be an officially supported/sanctioned method itself.

Huge number of caveats though, including whether the Virusscan settings are configured to allow the services to be stopped, and are you happy manually downloading the DAT and extracting it (or can create a separate automated process that would handle that too).

Matt W

0 Kudos
Reply
dmcgeary
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 3 of 14
‎01-24-2018 07:31 AM

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

Greetings,  Please see KB84118
It discusses the use of a Mirror task to creat a repository from which DAT updates can be pulled in the absence of a EPO server.
Hope this helps!

0 Kudos
Reply
zisagu
Level 8
Report Inappropriate Content
Message 4 of 14
‎01-26-2018 04:10 AM

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

>in the absence of a EPO server.

I looked at KB84118. Looks to me like i still need to have  ePolicy Orchestrator installed.. Is there really no way around it?

0 Kudos
Reply
dmcgeary
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 14
‎01-29-2018 06:13 AM

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

The KB shows the ingredients needed.
1. The Mirror Task (copies down the common updater contents)
2. How to specify a Update repository. 

Just confirmed it worked by trying it without using ePO to create a UNC repository.

The VSE running the mirror task will need to be able to reach the common updater site.  

Connecting the dots, the implementation setup may look something like this.
Using a system that can connect and update from valid repository run Mirror task.
The Mirror Task will build a valid update repository with everything needed. 
Use the 'Edit AutoUpdate Repository List' to specify the location to which the contents of the Mirror task are provided. 






 


 

0 Kudos
Reply
zisagu
Level 8
Report Inappropriate Content
Message 6 of 14
‎01-30-2018 05:09 AM

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

Well I'm stuck on this step: "Create a UNC repository named mirror (...). For more information, refer to the ePolicy Orchestrator Product Guide for your product version.

For a full list of product documents, go to the ServicePortal at: http://support.mcafee.com. Click Knowledge Center, and select Product Documentation from the Knowledge Base list."

I've looked at several "ePolicy Orchestrator Product Guide" documents, none of which tell me how to "create a UNC repository" without having this ePO thing. Is it just a shared folder? What files do I put in it? If you could paste that exact step here (or refer me to a specific docuement) that'd be great.

0 Kudos
Reply
dmcgeary
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 7 of 14
‎01-30-2018 05:40 AM

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

Just skip that step.

Use the VSE console to create a Mirror task. Part of that task creation requires you specify a location,
That location can serve as the share. 

0 Kudos
Reply
zisagu
Level 8
Report Inappropriate Content
Message 8 of 14
‎01-31-2018 06:45 AM

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

What files do I place in the mirror directory? Just the three DAT files from avvdat-*.zip?

I keep getting "The Update failed" when I run the mirror task. MirrorLog.txt contains nothing useful.

0 Kudos
Reply
mattw2
Level 10
Report Inappropriate Content
Message 9 of 14
‎02-01-2018 05:20 AM

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

The mirror task is what you create/setup on an internet connected system, so that it can download the update files in the relevant format and save to a specified local directory.

You then need to point your non-internet connected systems at that folder. Or, have the files then put somewhere (in same format/structure as downloaded) that the other systems can see. They would then use a normal Update task pointed at that folder.

 

0 Kudos
Reply
zisagu
Level 8
Report Inappropriate Content
Message 10 of 14
‎02-01-2018 05:39 AM

Re: VirusScan Enterprise 8.8: How to create a local repository for updating several servers?

Jump to solution

This system is isolated from any internet connectivity. No possibility of network shares with coputers that have internet connection either.

Anyway, I finally figured it out; I connected to ftp.nai.com and downloaded the entire commonupdater/ directory onto my computer, and then copied all its contents into the system's UNC share/mirror directory. Now all the machines in the system are able to get their updates from that directory (using the Mirror and Auto Update tasks).

Solved.

View solution in original post

Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Consumer Support   |   Enterprise Support   |   McAfee.com

Legal   |   Privacy   |   Copyright © 2020 McAfee, LLC