Chapter 4 Updating Scan Engines

Applies to: Forefront Server Security Management Console

Updating your scan engines in a timely fashion is critical in the fight against viruses and spam. Microsoft Forefront Server Security Management Console (FSSMC) simplifies management by centralizing downloads of signature updates and proactively distributing them to your Forefront server environment.

In this chapter

Create a signature redistribution job

Run a signature download and distribution job manually

Create a signature redistribution job

Use the signature redistribution job to update antivirus signatures on all (or selected) managed servers in an environment. You may update all of your engines using one job, create a different job to update each engine, or create several jobs to update various combinations of engines.

The most efficient way to update antivirus signatures is to create a redistribution job to download them to a single staging server. The staging server then downloads the updates and deploys them to the other servers.

To create a signature redistribution job

1. Under Job Management at screen left, click Jobs.

2. In the Manage Jobs work pane, click Signature Redistribution Jobs, and then click Create.

3. In the Signature Redistribution work pane, type a Job Name.

4. In the Schedule Download section, set the update schedule.

   These settings will control when and how often the Forefront Server Security Management Console polls the download Web site for new signatures.

   • Set the Download Frequency to indicate how often you want to check for updates.
     The most frequent interval is every 15 minutes.

     Note

     If you do not want updates to be downloaded and distributed to all managed servers automatically, check Do not schedule. In this case, if the job is not scheduled, you must run it manually, following the instructions in Run a signature download and distribution job manually.

   • Set a Start Time.

   • Set the Number of Retries.
     This enables Forefront Server Security Management Console to poll the Microsoft site again if it encounters a problem during a download.

   • Set the Retry Delay.
     This is the number of minutes Forefront Server Security Management Console will wait before attempting another download.

5. In the Download Configuration section, select the main signature download location. If you’re using a proxy server, enter information about it here.
   Forefront Server Security Management Console will download signatures from this site.

6. In the E-mail Notification section, type the e-mail address of the person who should receive notice of the success or failure of an update job, and then click Add.

   Enter as many addresses as you want, one at a time. Use the Test button to make sure the address is correct.

7. Click Next to continue.

8. In the Engine Selection section, check the licensed engines for which you want to download signatures. Make sure to update the Worm List (for Forefront 10), a critical source of protection.

   

   The engines listed under Names are those you’ll see in Notification and Alert Logs.

   Note

   There is a difference in engines between Antigen Enterprise Manager and Forefront Server Security Management Console. For example:

   • Worm List. There is both an Antigen Worm List and a Forefront Worm List. If you have a mixed environment, make sure you download both versions of these engines. If you have only Antigen or only Forefront, simply download the one that's appropriate for your environment.
   • Kaspersky Engine. There are different versions of the Kaspersky Engine for Antigen 9 and for Forefront 10. If you have a mixed environment, make sure you download both versions of these engines. If you have only Antigen or only Forefront, simply download the one that's appropriate for your environment.
   • SpamCure Engine is ONLY available for Antigen 9; it is NOT available for Forefront Security for Exchange. If you’re using only Forefront Security for Exchange, you won't need to download the SpamCure Engine.

9. Click Next to continue.

10. In the Assign Job work pane, select the servers and server groups that the job will run on.

11. Click Finish.

    The new job appears in the Signature Redistribution Jobs list.

Run a signature download and distribution job manually

If you have scheduled the signature redistribution job, it will start automatically at the scheduled time. If it has not been scheduled or if you want to download the latest signatures immediately after you create a signature distribution job (rather than wait for the scheduled start time), follow the steps below.

To run a signature download and distribution job manually

1. In the Signature Redistribution Jobs section of the Manage Jobs work pane, select the new job.

2. Click Run Now.

3. In the Start Job Now work pane, click Start Download.

   A new window opens to show you the status of the downloads. As soon as the download of the new signatures is complete, distribution to the various servers begins.

   

4. Click Close after all the distributions have ended.

   Note

   The Start Distribution button on the Start Job Now work pane allows you to distribute already downloaded updates (usually to newly added servers) without checking for new updates. While this is faster, it’s always a better practice to check for new updates first.