My F-SecurePM infractructure after upgrade to PM13 is, central FSPM13.00 serwer and few FSPMProxy13 serwers (CentOS) at Branch Offices (it is shown at admin guide https://help.f-secure.com/product.html#business/policy-manager/latest/en/concept_4EF977315A09441EAC0...)
Question about Centralized management of Policy Manager Proxy and Software Updates
Branch Offcie (BO) has own FSPMProxy13, that is visible at new icon in Centrel FSPM13 tree. Hosts in Branch office have FSCSPrem13.00. In FSPM13 I've set AutomaticUpdates for hosts in this BO to local FSPMProxy13, Software Updates set to 'From AUA configuration' (= local FSPMProxy13).
So if for this hosts setting 'Download software updates from Policy Manager' is set to 'Always' or 'If possible' then clients will download this updates using FSPMProxy13 or directly from FSPM13 (Central PM) ???
Here is help from explain setting 'Download software updates from Policy Manager'
This setting defines if managed hosts should download software update packages for third-party software from Policy Manager.
The default setting is to try to download the update package from Policy Manager first, and if the package is not available there, the host downloads it from the Internet. If you select “Always”, managed hosts do not connect to the Internet even if the update package is not available from Policy Manager. If you select “Never”, managed hosts always download the update packages from the Internet. This setting only applies to hosts connected to Policy Manager.
Object identifier: 188.8.131.52.4.1.2184.108.40.206.100
Clients download Software updates from the Policy Manager Proxy (in your case local FSPMProxy13), but Software updates DB is downloaded directly from the Master Policy Manager.
Software updates DB - is it just a list of Updates that FSPMS/FSPMProxy can download and Clients can install ?
I've done Report at local FSPMProxy13, and there is no Download updates, no Distributet updates, no Used Space
Mayby I set something wrong?
Clients, PMS, PMProxy are in 13.00 version. Software Updates are enable and set to If possible, instal Critical updates, Dayly, at 12:00, Force restart. In advanced wiev - Communication - Use HTTP - From AUA config. in AUA is one Policy manager Proxy http://IP_Addres_local_FSPMProxy13, Enabled, 443
is it OK?
Software updates DB - yes, exactly what Clients can install.
Your configuration seems to be ok. Empty counters also may be explained: for instance software on your hosts did not have critical updates since proxy installation. To make sure configuration is ok, you can check c:\ProgramData\F-Secure\Logs\fsoftupd\fssua.log and search for "Preparing to download patches from Policy Manager".
If you see that there were deployments and updates were downloaded from the internet, please collect fsdaigs from PM, PMProxy and Client computers - I will check for the reason.
in FSPMServer -> Automatic Updates (Settings) should be checked "Use HTTP Proxy" User defined/or From browser?
In Remote Offices I dont have/dont use any proxies to internet connection
You can use any you wish. AFAIK, AUA falls back to direct connection if connection via HTTP proxy fails. In case remote offices, I'd prefer From browser - it will avoid unnecessary attempt to use HTTP proxies.
I've got some probelm with getting AV updates on hosts from PMProxy. I'm testing diffrent configurations with local PMProxy13, hosts have settings:
1st - Use HTTP Proxy: NO, uncheck
2d- Use HTTP Proxy: From Browser
both don't have check two fields Allow falling back to PMS/FSecure Update
and this hosts have virus definition version 2017-11-13_3 (just after upgrade to FSCSPremium13)
- How to check this hosts from where they try to download AV updates
- How to check date of downloaded signatures at local PMProxy13?. Report shows Installation packages 82MB, Software Updater 2017-11-15, Downloaded 7GB, Distributed 29GB
- on clients (windows) where are logs from connection to PMProxy, FSecure update, PMServer?
- on PMProxy (linux) where are clinet conection logs?
Each end-point logs AUA activity to the file c:\ProgramData\F-Secure\Logs\FSAUA\fsaua.log. It has entries like:
Connecting to http://PMProxy13/guts2/ (no http proxy)
Update check completed successfully. No updates are available.
Policy Manager Proxy reports own status to the Policy Manager, select your PMProxy13 host in the domain tree, switch Status page to the Advanced view and find F-Secure Policy Manager Proxy -> Statistics -> Virus definitions. It contains DB version on PMP host, release date of last update and used disk space (separately for old BackWeb protocol and new GUTS2).
You can also check downloaded content at PMP host c:\Program Files (x86)\F-Secure\Management Server 5\data\guts2\updates at Windows or /var/opt/f-secure/fspms/data/guts2/updates at Linux.
If you notice old DB versions or empty folders, check for the reason in fspms-download-updates.log (c:\Program Files (x86)\F-Secure\Management Server 5\logs or /var/opt/f-secure/fspms/logs).
Notice: GUTS2 updates are downloaded on-demand, so if clients did not request updates, PM does not download them.
Policy-status related activities on end-points are logged to c:\ProgramData\F-Secure\Logs\fspmsupport\nrb.log
Client requests at PM/PMP side are logged to request.log (c:\Program Files (x86)\F-Secure\Management Server 5\logs or /var/opt/f-secure/fspms/logs).
I don't find file: FSAUA\fsaua.log - win10
ive got logs
[ 1612]Fri Nov 17 09:23:02 2017(2): Connection to PMS denied without PMProxy by policy (1)
[ 1612]Fri Nov 17 09:23:02 2017(3): Update check failed. There was an error connecting http://IP_PMS/guts2/ (Unspecified error) - becouse I deny that traffic
Fri Nov 17 09:23:02 2017(3): Connecting to http://IP_PMSPROXY13_local/guts2/ (no http proxy)
[ 1612]Fri Nov 17 09:23:03 2017(3): Update check failed. There was an error connecting http://IP_PMSPROXY13_local/guts2/ (Connection refused)
Then in PMS I've change PMProxy IP addres format to http://IP_PMSPROXY13_local:443
Fri Nov 17 09:33:28 2017(3): Connecting to http://IP_PMSPROXY13_local:443/guts2/ (no http proxy)
[ 1612]Fri Nov 17 09:33:28 2017(3): Update check failed. There was an error connecting http://IP_PMSPROXY13_local:443/guts2/ (Connection lost)
Updates doesen't work
This topic has been closed due to inactivity. If you would like to discuss this topic further, please start a new post.
You can reference this topic in your post by adding this link:
Visit the Community
Check our Forums or How-to & FAQs for advice or answers
View User Guides
Refer to our getting started guides and product manuals
Talk to our Support and get answers to your questions