eScan BlogeScan Blog    eScan WebsiteeScan Website    eScan ForumeScan Forum    eScan FeedseScan Feeds     
    
Languages:     

From eScan Wiki

Revision as of 06:48, 12 October 2010; view current revision
←Older revision | Newer revision→
Jump to: navigation, search

Index

Updating eScan Virus Signature Database

  1. How frequently is eScan's Virus Database updated?
  2. How does eScan performs updates?
  3. Can we configure the frequency of update-checks?
  4. Can eScan download updates via FTP or HTTP? Will it work through my normal Proxy or SOCKS Proxy Server?
  5. Can eScan download updates through my Firewall?
  6. How eScan does performs updates?
  7. How much time does eScan take to update?
  8. How do eScan Clients get updated?
  9. Does eScan updates flow across different networks, sub-networks?
  10. How can I download updates for my eScan clients version 9 from an eScan Server version 10?
  11. How can I check that eScan has recently updated?
  12. Does eScan gives total virus protection from all latest viruses?
  13. I receive lots of SPAM emails which is not detected by eScan. How can I update the eScan Anti-Spam database?
  14. How does Client Live Updater in eScan Management Console work?
  15. How do I get cumulative updates for eScan & MailScan?
  16. How does eScan get updates from ISA Proxy Server?
  17. How often does the eScan Management server download updates from internet?
  18. How can I schedule download of updates by eScan Clients from eScan Server?
  19. My eScan clients are unable to get updates from eScan server, once I log out from eScan server?



  1. How frequently is eScan's Virus Database updated?

    Answer:
    The Web and FTP sites are normally updated once every day.
    On certain occasions, they may be updated more frequently, in response to a virus epidemic (eg. the Love-Bug virus).
  2. How do we update eScan with the latest virus updates?

    Answer:
    eScan automatically keeps its virus database updated.
    It checks for availability of the Internet connection. If it detects that Internet connectivity is present, it then checks to see if a new update is available.
    If new updates are available, they are downloaded and implemented automatically.
    The default frequency for update checks is currently set at 1-hour intervals, but can be manually configured for other periods as per the customer's requirements.

  3. Can we configure the frequency of update-checks?

    Answer:
    Yes.

  4. Can eScan download updates via FTP or HTTP? Will it work through my normal Proxy or SOCKS Proxy Server?

    Answer:
    Yes.

  5. Can eScan download updates through my Firewall?

    Answer:
    Yes. Either using HTTP downloads or using Passive FTP.

  6. What size update files does eScan have?

    Answer:
    eScan uses an incremental update process. This allows it to only download the new virus signatures and append it to the existing anti-virus database.
    This is normally a very fast operation with minimal impact on your Internet connection bandwidth and is a huge advantage when compared to other products that must re-download the entire anti-virus database file each time.

  7. How much time does eScan take to update?

    Answer:
    Due to the nature of incremental updates, the download files required by eScan is very small in size.
    Hence, it would not take more than 5-10 minutes for a complete download on a (slow) modem connection. But it also depends on your connectivity to the Internet.

  8. How do eScan Clients get updated?

    Answer:
    As soon as an eScan Client starts, it will look for (poll for) an eScan Server. This operation is similar to how a DHCP Client looks out for a DHCP Server.
    As soon as the Client receives the IP address of the eScan Server, it will send update requests to the eScan Server at pre-specified time intervals.

  9. Does eScan updates flow across different networks, sub-networks?

    Answer:
    Yes, provided you install atleast one eScan Server in each of the other networks OR install the eScan Server on the Gateway PC.
    If you have installed eScan Servers on multiple networks, then you should configure one eScan Server as the Master eScan Server. The other eScan Servers can then be configured to pick up their updates from the Master eScan Server.
    This will reduce the impact on your Internet connection's bandwidth, and also the load on the main eScan Server.

  10. How can I download updates for my eScan clients version 9 from an eScan Server version 10?

    Answer:


    To download updates for eScan clients version 9 from an eScan Server version 10, follow the steps below:

    a. Open the eupdate.ini of the eScan Server from \Program files\escan\ directory or the eScan installed directory,
    b. search for "DoNotAllowDownload=" entry.
    c. Default entry will be
    DoNotAllowDownload=*.avc,*.avx,*.set,*.key,*.vnd,update.txt,*.dt,kerupd.upz
    d. You have to remove all the values and save the eupdate.ini file. The value should be
    DoNotAllowDownload=
    e. And start downloading the udpates.
    f. It will store Verion 9 updates in \pub\update folder (share name is escanupd$)
    g. And the Version 10 updates will be stored under \pub\avx folder (share name is escanavx$ )
    h Whenever a eScan client or server version 9 will download the updates from eScan version 10 server it will choose the \pub\update path which is default one. And version 10 client will choose the \pub\avx path to download the other signatures.
    Note: The Above Changes is to be implemented Only when Client OS are Below Windows XP.

  11. How can I check that eScan has recently updated?

    Answer:
    In eScan version 9, if you right click on " 'e " icon in the system tray, there is an option of "View log files".Click on the "View Download Log" option to check the status of the updates. Or place the mouse pointer on the " e " icon (on the taskbar). Here it will display the date when the software was last updated.

    In eScan version 10, open the eScan Protection Center and click on Update. In this window, you can see the date of the Last Database updated. Also, you can click on View Log (under Report in the same window) to check the AV-signature files downloaded. Or just move the mouse cursor over the Red Color eSan Monitor icon, which will display the information.

  12. Does eScan gives total virus protection from all latest viruses?

    Answer:
    Yes, since eScan is updated on a daily basis with all the latest virus information, it gives you round-the-clock 100% protection.

  13. I receive lots of SPAM emails which is not detected by eScan / Mailscan. How can I update the eScan Anti-Spam database?

    Answer:
    Forward the emails considered to be spam to spam@escanav.com. After the Lab analysis of the email, we shall update our Antispam database and will be available in our next daily updates.

    NOTE: Select the "Forward as an attachment" option in your email clients to send the email.

  14. How does Client Live Updater in eScan Management Console work?

    Answer:


    The Parent/Primary server will get live event alerts, like processes executed on the client system, in the Client Live Updater tab of the eScan Management console.It will receive live alerts from:

    a. Client belonging to Parent/Primary server.
    b. Secondary/Child server
    c. Client of Secondary/Child server. (these client alert will also be available in the Secondary/Child server)


    Overall, such event alerts in a network can be viewed from Primary/Parent server.

    image



    Alerts can be customized as per the Event ID generated by Live Alert:

    • Open the Eupdate.ini file from \Program files\eScan folder and search for the below entries:
    IgnoreEventIds= 

    (This entry will stop / ignore a particular event id to be broadcasted from the client system to the eScan server. Note:-The settings should be done on the system of which the event is required to be stopped).

    eg: IgnoreEventIds= 102,152

    [The local system will not broadcast the Endpoint security (Event id=102) & File AntiVirus(Event id=152) to the eScan Server].



  15. SendOnlyEventIds=
    

    (This entry will only broadcast a particular event id to the eScan Server. Note:-The settings should be done on the system of which the event is required to be broadcasted).

    eg: SendOnlyEventIds=102,152
    The local system will broadcast only the Endpoint security (Event id=102) & File AntiVirus(Event 
    id=152)events to the eScan Server). 
    



    IgnoreEventIdsServToServ=
    

    (This entry is valid for stopping the broadcast of a particular event alerts from one eScan server to another eScan Server. For instance from a secondary eScan server to a primary eScan server. Note:-The settings should be done on the system of the eScan server of which the event is required to stopped).

    IgnoreEventIdsServToServ=102,152
    



    SendOnlyEventIdsServToServ=
    

    (This entry is valid for broadcasting a paritcular event alerts only from one eScan server to another eScan Server. Note:-The settings should be done on the local system of the eScan server of which the event is required to be broadcasted).

    SendOnlyEventIdsServToServ=102,152
    
    For multiple event id's to be added in the above entry (,)as a separator should be used.

eScan Copyright © 2015 MicroWorld Technologies Inc.- AntiVirus & Content Security.       Send your feedback to solutions@escanav.com eScan Wiki

    Privacy policy  About eScan Wiki  Disclaimers