Managed Antivirus Threat Definitions - Update Mechanisms
When new malware threats are discovered in the wild they are analyzed by antivirus laboratories and an updated version of the virus signature database released containing the information required to detect these threats.
As threats constantly emerge and antivirus laboratories develop new detection methods there can be frequent virus signature definition database releases.
To ensure your computer is fully protected. Managed Antivirus automatically updates to the latest virus signature on a schedule configured in the Protection Policy. Downloading a new version when available.
There may be times when it is necessary to manually update the threat definitions. For example, before running an on-demand scan to ensure any newly identified malware threats are detected. Manual definition updates are actioned directly from the Dashboard and on the device itself. Dashboard initiated updates are available on devices running at least Windows Monitoring Agent 9.2.1 or Mac Agent 3.2.0.
- Select the target device(s) in the north pane. (Shift and left-click for a range or Control and left-click for specific Devices)
- Right-click on one of the selection (or from the Servers, Workstations or Devices drop-down)
- Go to Managed Antivirus Scan > Update Threat Definitions
The update option is only available when the selection uses the same antivirus engine.
The update command is sent to the Agent during the next upload cycle. Once the update command is actioned the Antivirus Update Check - Managed Antivirus reruns and subsequently reports the discovered threat definition on the Dashboard.
Bitdefender and VIPRE Engine Options
Managed Antivirus Agent
Opening the Managed Antivirus Agent's About page initiates a threat definition update for the Bitdefender engine. Logon to the device, to view the About page double-click the Managed Antivirus system tray icon to open the agent then select the i button at the foot of the console or right-click the system tray icon and choose About from the menu.
Logon to the device, double-click the Managed Antivirus system tray icon to open the agent then from the File menu choose Check for newer definitions, or press F5 when in the console to run the updater.
Antivirus Update Check - Managed Antivirus: Automatic Threat Definition Update (Agent 9.2.1 and later)
Managed Antivirus updates its threat definitions based upon the device's Protection Policy. Although there may be occasions where the threat definitions have not updated prior to the Daily Safety Check running, for example where the device was switched off overnight when the latest definitions were released and the Checks have run before the next scheduled update has taken place.
From Windows Monitoring Agent version 9.2.1 the behavior of the Antivirus Update Check - Managed Antivirus changed to automatically force an update of the Managed Antivirus threat definitions if the Check fails.
Where the Antivirus Update Check - Managed Antivirus discovers that the Managed Antivirus threat definitions are out-of date the Monitoring Agent instructs the Managed Antivirus Agent to update its threat definitions. When in this state the Antivirus Update Check - Managed Antivirus uploads along with the other Daily Safety Checks and is displayed on the Dashboard as a soft failure (yellow tick) with no failure notification sent.
Once the threat definition update is complete, only the Antivirus Update Check - Managed Antivirus re-runs. Where the threat definitions are updated the Check is reported as passed, otherwise the Check is reported as failed with an Alert sent (if configured).
What do you want to do?
- Review the Managed Antivirus Quick Start Guide
- View Managed Antivirus URLs
- Enable Managed Antivirus on individual servers and workstations or on all servers and workstations at a client or site
- Automatically remove installed Antivirus products
- Configure Managed Antivirus Policies. Includes scan schedules, remediation action (default threat action), end-user interaction
- Look at actions for information on the end user authorization required on macOS High Sierra (10.13) and later
- Manage Quarantined items
- Start and Cancel on-demand scans
- Remotely update Managed Antivirus Threat Definitions
- Analyze Managed Antivirus Reports, these cover the provided level of protection