[ngw] McAfee NetShield Users

Douglas Rodriguez DRodriguez at counciltravel.com
Tue Dec 18 17:28:20 UTC 2001


My question here is: how do the peripheral servers get the update. Is that communication process start from the peripheral or from the central server?  

 Douglas Rodriguez
Technical Support @ CT


>>> brandon at kmsd.edu 12/18/01 12:02PM >>>
We only allow selected services in (http, smtp, etc. to respective servers).  However, we allow all services to go out (including FTP) at the PIX level.  We handle all filtering of outgoing services at the router level.

You do not have to allow any FTP services into your network for this to work.  You must allow outgoing FTP:21 access for your server at your firewall or wherever you implement your service filtering.

Brandon Kostolni
Network Manager
Kettle Moraine Schools

>>> William.Holman at co.sherburne.mn.us 12/18/2001 9:52:31 AM >>>
As far as the PIX is concerned, what do you allow in? We don't want to allow all FTP:21 into the network, we were hoping to get only McAfee's FTP in and all others blocked. 
(We have some savvy users)

Thanks for the Info! gives me something to work with.

>>> brandon at kmsd.edu 12/18/01 09:14AM >>>
Here is our update/distribution information.  Hope it helps.

Central Server (Netware 5.1)
- Netshield v4.50 Licensed
- PIX configured to allow all outgoing traffic.
- Netshield Distribution Options
   - 2am nightly download
   - Provide update to all other IPX/SPX servers
   - Download from FTP site:  ftp.nai.com/virusdefs/4.x 
   - Use anonymous FTP login
   - Replace old data files automatically

Periphery Servers (Mix of Netware 5.0 and 5.1)
- Netshield v4.50 Licensed
- Netshield Distribution Options
  - 2:15am nightly update (all other servers update at 2 minute intervals - 2:17am, 2:19am, etc.)
  - Accept update from other IPX/SPX servers
  - Replace old data files automatically

Thats it.  Have had no problems since initial configuration.

Brandon Kostolni
Network Manager
Kettle Moraine Schools

>>> Donwil at mgc-mbc.com 12/18/2001 8:47:08 AM >>>
Please advise your configuration on how you get this to work.

>>> brandon at kmsd.edu 12/18/01 08:39AM >>>
Our Netshield auto-update works fine.  We sit behind a Cisco PIX.  I have one server set to auto-update nightly via FTP to the Mcafee site and the other 13 update from this server later.  

Brandon Kostolni
Network Manager
Kettle Moraine Schools

>>> William.Holman at co.sherburne.mn.us 12/18/2001 7:59:56 AM >>>
I have gone in circles with McAfee techs on this, I finally found one tech that said that the "auto-update" feature will NOT work with NetWare. It is an issue with the servers trying to get to the FTP site, and it's due to it having to go through a firewall, not that it's being blocked, but that it has to go through it.
I only have a few servers to update, and have concluded that we have to wait for the new version coming out in late December/January.... 
Sorry I couldn't bring good news, but...try the Beta and see if it works for you, I don't have any test servers to play with so I can't try it.

>>> DRodriguez at counciltravel.com 12/17/01 05:44PM >>>
Does anybody know how to automate, Netshield 4.5 virus definition update automatic process into multiple remote servers from one location.
I have to setup the automatic virus definition update process to about 80 remote servers, but it seems to be very time consuming to do it one by one through McAfee Netware Console.
Here is another one. How do you quickly effectively deploy a new virus definition update to multiple remote servers?  
Since we are new using McAfee Any information that you will provide will be highly appreciated.  

Thank you

Douglas Rodriguez
Technical Support @ CT



--
Visit http://www.ngwlist.com for help with the list.
Visit http://www.concentrico.net for GroupWise, NDS, or DirXML development needs and product information.


--
Visit http://www.ngwlist.com for help with the list.
Visit http://www.concentrico.net for GroupWise, NDS, or DirXML development needs and product information.




--
Visit http://www.ngwlist.com for help with the list.
Visit http://www.concentrico.net for GroupWise, NDS, or DirXML development needs and product information.


--
Visit http://www.ngwlist.com for help with the list.
Visit http://www.concentrico.net for GroupWise, NDS, or DirXML development needs and product information.




More information about the ngw mailing list