Problem with local update server anti virus and anti spam update

orba00001
Level 1

We have a couple of Ironport devices on a closed network without Internet access. I have been attempting to get anti-virus and anti-spam updates onto them, but have not succeeded. I have a guide that has been written for us that involves downloading http://downloads.ironport.com/as/case.ini and http://downloads.ironport.com/av/sophos.ini and then downloading some files with the version information from those two. These files are then uploaded to the local web-server on the closed network with the appropriate paths. The problem is that when I tell the Ironport devices to update anti-virus or anti-spam it simply says "no updates available".

Other than the guide that has been written for us by the company that installed these Ironports, I have been unable to find a detailed description of how this should be done. I can't find anything in logs etc. about why the Ironports can't find any updates. I tried to set the log level of updater_logs to the highest level. On that level it prints the server manifest which it gets from the web-server:

"Fri Jul 31 10:23:58 2015 Debug: Server manifest acquired: <?xml version="1.0" encoding="iso-8859-1"?>

<server_manifest version="2">

......."

And some other log lines that seem unrelated:

"

Fri Jul 31 10:23:58 2015 Debug: Received remote command to get application status

Fri Jul 31 10:24:00 2015 Trace: command session starting

Fri Jul 31 10:24:00 2015 Debug: Received remote command to get update counters.

"

Does anyone have some experience making this work?

3 Replies

Peter Dowker
Cisco Employee

Please open a ticket with TAC and ask to speak to the Off Line Updater team.

Robert Sherwin
Cisco Employee

Most likely you upgraded AsyncOS to a version that does not support the local updater process.  In which case, as Michael indicated, open a support case and work direct w/ the process to get re-engaged with proper updates.

-Robert

exMSW4319
Level 3

An internal community that is so secure that it requires air-gap network segregation and so large that it requires subdivision by ESGs? Sounds exciting!

If on the other hand this sequestration is some nonsense server room rule from management, have you tried pointing out where the e-mails came from / are going to?

If you're worried about viruses, that network isn't as isolated as some think. It isn't worth giving up the live feed for AV updates. I'd campaign for a firewall loophole to just the relevant hosts.