Hi there,
I'm starting to move things over from Endpoint protection to Avast For Business. Seem to be stuck on Mirror settings. I'm using the on-prem Management Console.
- I installed the AfB Management Console on the same server (we'll call it SERV01) currently running the Endpoint Protection console. Check.
- The first machine I installed the Client on was my own workstation (we'll call it PC01). I uninstalled Endpoint Protection on PC01, then installed AfB Agent using the offline installer generated through the AfB console. PC01 is in the correct client group and shows as online in the AfB console. Check.
- PC01 is unable to get definition updates. This is expected because my Fortinet firewall blocks Avast activity through AppSensor on my clients because I will have about 100 client PCs and want them to use an internal Mirror.
- I RTFM about mirrors. On SERV01 I uninstall the Endpoint Protection client and install AfB Agent. SERV01 shows online in the AfB console in the proper client group. On SERV01 I turn on the option for Local Update Server. I designate all of the other groups to use this mirror. Verify that none of the device settings are pending my clicking "apply." Check
- I wait some time, then on PC01 I try to update definitions through AfB agent. Still can't reach server.
- I review C:\Program Files (x86)\AVAST Software\Business Agent\log.txt on PC01 and SERV01 both. I see nothing indicating that PC01 was going out to SERV01 in it's attempt to get updates.
- For giggles, I open a web browser on PC01 and enter http://[SERV01_IP]:4158/. Of course nothing loads. But, when I review log.txt on SERV01 I can see the attempted connection from PC01. This tells me that it's not my network, rather PC01 doesn't seem to know yet that it is supposed to use the mirror
I have some questions around all this
? First, when I change device settings through the on-prem AfB Mgmt Console, how do the changes get to the Clients? Is it pushed from the console or pulled by the client? How often? Does the client talk directly to the local console?
? Second, if I add the mirror option to my environment after I've deployed the agent, does that mean my clients have to re-install the agent to utilize the mirror? If so, that's pretty inefficient.
? Third, How do I tell on the local client that it is using a mirror, is there an ini file or something somewhere on the client machine that points to the ip of the mirror?
? Fourth, the manual doesn't talk much about the mechanics of the mirror. Where on my server are the files for the mirror stored? It didn't prompt me for the location. I have an OS partition and a Data partition. Naturally I would want the mirror files on the Data partition.
? Fifth, with an on-prem AfB Console, and an on-prem mirror--do I need to allow my clients to communicate with avast.com in my firewall? Or in this scenario is all communication to Avast through the server running the AfB console?
? Lastly, email notifications--even if I make the SMTP settings in the AfB console *exactly* match the SMTP settings in the Endpoint Protection console (which function correctly), for some reason AfB says the SMTP test fails with no other helpful text. Is this failure logged somewhere so I can see what failed?