Updating

The ePO database contains Host Intrusion Prevention security content data, such as signatures, which is displayed in Host intrusion Prevention policies. Host Intrusion Prevention supports multiple versions of agent content and code, with the latest available content appearing in the ePO console. New content is always supported in subsequent versions, so content updates contain mostly new information or minor modifications to existing information.

Updates are handled by a content update package. This package contains content version information and updating scripts. Upon check-in, the package version is compared to the version of the most recent content information in the database. If the package is newer, the scripts from this package are extracted and executed. This new content information is then passed to agents at the next agent-server communication.

 

Host Intrusion Prevention content updates must be checked into the ePO Repository for distribution to agents. Host Intrusion Prevention agents should obtain updates only through communication with the ePO server, and not directly through FTP or HTTP protocols.

The basic process includes checking in the update package to the ePO Repository, and then sending the updated information to the agents.

Copyright © 2006 McAfee, Inc. All Rights Reserved.