Scan Engine on Server 2008 64-bit an Intelligent Updater shadowing
I am currently investigating, with Ben C Smith, an issue where IU shadowing does not work on Server 2008 64-bit version. The location where AV defs are stored on 64-bit 2008 is C:\ProgramData\Symantec\Definitions but the setup-iu.bat builds the definitions in the C:\Program Files(x86)\Common Files\Symantec Shared folder. When I run IntelligentUpdater, either i32 or i64, it doesn't see a product tpo update. Trying to figure out where Scan Engine's shadowing process looks for defs to convert and if this will work if we just change the batch file to look in the right place.
UPDATE: Shadowing seems to be working once I installed SEP onto the server. Will uninstall all products and runt eh modified version of the setup-iu.bat file and see if it can build a VirusDefs folder that the Intelligent Updater will see and update.
About Security Community Blog
The Security Community Blog is the perfect place to share short, timely insights including product tips, news and other information relevant to the Security community. Any authenticated Connect member can contribute to this blog.
Comments
UPDATE: Here is a workaround.
UPDATE: Here is a workaround. Apparently Scan Engine's CSAPI shadowing engine does check C:\Program Files\Common Files\Symantec Share\VirusDefs, no matter the OS. So, if you manually extract the rapid release defs to this folder, SSE will pick them up. Here are the steps:
1. Run 'C:\Program Files (x86)\Symantec\Scan Engine\Definitions\setup-iu.bat enable'
2. Download Rapid Release defs, symrapidreleasedefsi32.exe.
3. Run, 'symrapidreleasedefsi32.exe /EXTRACT /Q C:\Program Files\Common Files\Symantec Shared\VirusDefs\CSAPIDefs'
4. Give Scan Engine a minute or two then open the browser and confirm that the defs have been updated.
Would you like to reply?
Login or Register to post your comment.