Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7251
Views
20
Helpful
3
Replies

AMP Connector - auto-update?

JF53591
Level 1
Level 1

‎04-20-2021 12:01 PM

It appears there is no way to set AMP to automatically update the client software connectors.  Do I have that right?

 

We have a relatively small deployment of 25 machines and no dedicated IT department.  We need the security software to stay current without human intervention, as much as possible.  Hard to believe this isn't a feature included off-the-shelf!

 

What am I missing?

Labels:
3 Replies 3

Ken Stieers
VIP
VIP

‎04-20-2021 12:40 PM

In your AMP console go to Management/Policies, and open a policy you're using, and click Edit.

On the left you'll see boxes labeled Modes and Engines, Exclusions, Proxy, Outbreak Contro, Product Updates, Advanced Settings

Click on Product Updates, change the product version, and set dates/intervals/reboot settings...



It will update the workstations to the version you tell it to...



You should probably start with a test policy and some test machines...




0 Helpful

JF53591
Level 1
Level 1
In response to Ken Stieers

‎04-20-2021 12:57 PM

Thanks, but I understand how to update the versions via central control, but it is still a human-intervention.    I am interested in a new feature that would automatically update all workstations (in that policy) to the "latest" version... whatever it is and whenever it is released.  It is truly shocking that this is not part of the existing feature set.  Even a large corporation would probably want a group of machines in a "rapid-release" type policy that would receive this.  But small companies without a dedicated person to check and increment the version would absolutely hands-down REQUIRE this functionality.  

 

Example: a recent version of the connector for Mac caused CPU spiking.  The latest update resolved this.  How was I to know?  I don't spend my days checking the console?  I found out the issue by happenstance.  

Troja007
Cisco Employee
Cisco Employee

‎04-20-2021 10:19 PM

Hello JF53591,
right, today Secure Endpoint does not include such a feature. As most customers have a strict deployment strategy, this also must not happen. I fully agree, that there are situations or customer needs, where such a feature would make sense.

 

What you can do today: You can subscribe to the console news, so you get informed if there is a new connector version available.

If you are using a single policy and we are updating the connector approx. once a quarter, this results into approx. 2min-5min. of work per quarter.
BTW, i would highly recommend to take a look into the console from time to time, as we are also release new security settings or new engines. New engines must be activated in the policy. To solve this, you may take a look at a Cisco partner (also MSSP)  in your region, who does such checks for you.

 

Checked our Feature Request/Idea tool. As there are no request for such a feature, i added this as a new product idea.

Greetings,
Thorsten 

Customers Also Viewed These Support Documents