Re: AMP Connector - auto-update?

JF53591 · ‎04-20-2021

It appears there is no way to set AMP to automatically update the client software connectors. Do I have that right?

We have a relatively small deployment of 25 machines and no dedicated IT department. We need the security software to stay current without human intervention, as much as possible. Hard to believe this isn't a feature included off-the-shelf!

What am I missing?

Ken Stieers · ‎04-20-2021

In your AMP console go to Management/Policies, and open a policy you're using, and click Edit.

On the left you'll see boxes labeled Modes and Engines, Exclusions, Proxy, Outbreak Contro, Product Updates, Advanced Settings

Click on Product Updates, change the product version, and set dates/intervals/reboot settings...

It will update the workstations to the version you tell it to...

You should probably start with a test policy and some test machines...

JF53591 · ‎04-20-2021

Thanks, but I understand how to update the versions via central control, but it is still a human-intervention. I am interested in a new feature that would automatically update all workstations (in that policy) to the "latest" version... whatever it is and whenever it is released. It is truly shocking that this is not part of the existing feature set. Even a large corporation would probably want a group of machines in a "rapid-release" type policy that would receive this. But small companies without a dedicated person to check and increment the version would absolutely hands-down REQUIRE this functionality.

Example: a recent version of the connector for Mac caused CPU spiking. The latest update resolved this. How was I to know? I don't spend my days checking the console? I found out the issue by happenstance.

Troja007 · ‎04-20-2021

Hello JF53591,
right, today Secure Endpoint does not include such a feature. As most customers have a strict deployment strategy, this also must not happen. I fully agree, that there are situations or customer needs, where such a feature would make sense.

What you can do today: You can subscribe to the console news, so you get informed if there is a new connector version available.

If you are using a single policy and we are updating the connector approx. once a quarter, this results into approx. 2min-5min. of work per quarter.
BTW, i would highly recommend to take a look into the console from time to time, as we are also release new security settings or new engines. New engines must be activated in the policy. To solve this, you may take a look at a Cisco partner (also MSSP) in your region, who does such checks for you.

Checked our Feature Request/Idea tool. As there are no request for such a feature, i added this as a new product idea.

Greetings,
Thorsten

PeterGr · ‎09-30-2024

Found this thread and it seems closest to my question - configure API call to update endpoint connectors. The API documentation seems conflicted between V1, V2, V3 being able to update connectors via API call. Does anyone have experience using the API to update endpoint connectors? We have hundreds of policies among different tenants and thousands of endpoints. Manually updating them is very time consuming.

Ken Stieers · ‎09-30-2024

I have a powershell script that will set all of the policies whose name matches a string to a version you give it (have to enter the full number)

https://github.com/KStieers/Scripts/tree/main

You want the Updatepoliciesclean.ps1