3 Replies Latest reply on Feb 9, 2018 9:33 AM by danpalewis

    Protect 9.3 - Patch Distribution to Offline Shavlik Consoles?

    danpalewis Rookie

      Hello all!

       

      I'm going through and trying to figure out the best setup for the way our machines are. We have one Shavlik console that has internet access, and that will have to distribute patches to another domain with 5 offline consoles. What is the recommended way to set this up?

       

      I have the following thoughts or questions about this, so if you can help answer them that would be appreciated!

       

      1. Distribution Servers Tab
        1. Online Console
          1. On the online console, setup a distribution server to the offline share in the other domain?
          2. After this distribution server is set, we would schedule automatic synchronization, so that the online server would sync patches with the offline share?
        2. All offline consoles
          1. All offline consoles need this same distribution set on their end right?
          2. Do I need to set automatic synchronization here? Or is this handled with the downloads portion?
      2. Downloads Tab
        1. Offline Consoles
          1. With Distribution Servers set, I presume my download source for the offline servers now becomes the distribution server right?
          2. Do I need a scheduled automatic download schedule set here?

       

      I guess my main question is, is any of this done automatically? Or is it based off of all of the schedules? If I scan a machine at site A, will it connect to the distribution server to acquire the patch first?


      Thanks!

        • 1. Re: Protect 9.3 - Patch Distribution to Offline Shavlik Consoles?
          brian.taylor.support SupportEmployee

          Hello,

           

          I'll go ahead and use your question structure to address these rather than reassembling your questions:

           

          1. Distribution Servers Tab
            1. Online Console
              1. On the online console, setup a distribution server to the offline share in the other domain? Correct
              2. After this distribution server is set, we would schedule automatic synchronization, so that the online server would sync patches with the offline share? Correct; you'll also want to make sure to set a job to sync the core engines and definitions so all of it is available on the offline share
            2. All offline consoles
              1. All offline consoles need this same distribution set on their end right? Correct
              2. Do I need to set automatic synchronization here? Or is this handled with the downloads portion? This is handled through the Downloads portion; you can't use it as a download source if you have a sync TO it scheduled as well
          2. Downloads Tab
            1. Offline Consoles
              1. With Distribution Servers set, I presume my download source for the offline servers now becomes the distribution server right? Correct
              2. Do I need a scheduled automatic download schedule set here? This is up to you; more below

           

          Once the offline consoles have the Distribution Server set up as their download source, you can update them as often as you want.  You can have automatic updates enabled, but you don't have to if you need to more tightly control your definitions version, for instance.  As long as they have a download source defined that they can reach, you can handle that in whatever way best meets your needs.

           

          Does that help?  Is there anything else I can clarify or answer?

           

          Thanks,

          Brian

          • 2. Re: Protect 9.3 - Patch Distribution to Offline Shavlik Consoles?
            danpalewis Rookie

            Thanks for the reply Brian. I was going through and setting up the offline consoles when I ran into an issue with the firewall.

             

            I'm trying to play this out in my head, so hopefully I can type this out correctly:

             

            First, a question: Does the online server just download the patches and sync them with the distribution server? Or does the distribution server make the request for which patch the online server needs to download?

             

            If the former, then does it operate as this: Online server downloads patches (hourly, in my case), then distributes to the offline servers, and the offline servers will pick up hourly based on the core definitions / files schedule I set? Or will it download the patches as it needs them?

             

            Thanks!

            • 3. Re: Protect 9.3 - Patch Distribution to Offline Shavlik Consoles?
              danpalewis Rookie

              Brian, another question:

               

              When I set the distribution server from the online server to the offline share, do we know approximately how many files it should copy over there? There appear to be significantly less than I would expect (high 200's).

               

              Thanks!