Signature Redistribution Jobs

  • Article

 

The signature redistribution job is used to deploy antimalware engine and signature updates, and antispam engine updates. These updates can be applied to all of the servers, or selected servers, in an environment. The most efficient way to update engine signatures on all your servers is to create a redistribution job to download them to the FPSMC, which will act as a single staging server. The FPSMC is then used as the retrieval point for all the other servers in the environment.

Running a signature redistribution job to update an engine on a server that does not contain that engine will not update the engine on that server. For example, a job that updates the Worm List engine on both FPE and FPSP servers will only update the Worm List engine on the FPE servers and not on the FPSP servers, as Worm List is not a recognized engine for FPSP. FPSMC will only support Kaspersky 8 updates. To enable Kaspersky 8 updates on FPE servers via FPSMC, either FPE RU1 with the LocalEngineMapping.cab file or FPE RU2 must be installed on the managed FPE server. FPE RU1 can be downloaded at Description of Hotfix Rollup 1 for Microsoft Forefront Protection for Exchange (https://go.microsoft.com/fwlink/?LinkId=204710) and the LocalEngineMapping.cab can be downloaded from How to enable the Kaspersky 8 engine for Forefront Protection for Exchange hotfix rollup 1 and Forefront Protection for SharePoint (https://support.microsoft.com/kb/2284024). Also, The Cloudmark Antispam engine pulls its updates directly from the Internet. If Cloudmark is enabled on an FPE server and the FPE server requires proxy information to access the internet, the FPE server must be configured with these proxy settings even though FPSMC is being used to redistribute all of the Engine and definition signature updates.

Note

On the server running FPSMC, engines are downloaded to C:\Program Files\Forefront Protection Server Management\Services\Redistribution\Cache\Engines.

To create a Signature Redistribution job

  1. Click Jobs, located in the Navigation Area under Job Management, to open the Jobs work pane.

  2. Select Signature Redistribution Jobs in the Jobs list.

  3. Click Create. The Signature Redistribution Job pane opens.

  4. Enter a name for the job in the Job name field.

  5. To configure the job to run on a set schedule, confirm that Schedule job is selected and indicate the frequency and start time. If you clear the Schedule job selection, you must manually run the job.

    Warning

    Multiple redistribution jobs must be configured to run at different times. If multiple redistribution jobs are scheduled for the same time, only one job will run and the others will fail due to a download timeout.

  6. Enter the email address of anyone who should receive the success or failure notification following the redistribution and click Add. Repeat this step for additional email addresses. For each email address you can choose to Edit, Delete, and Test the address. To change the email address click Edit, make your changes, and then click Update.

    Note

    You must configure the SMTP Server Settings in the Global Configuration work pane before you can test email addresses and before notifications are sent. For more information, see Configuring Global Configuration Settings

  7. Click Next. The Signature Redistribution Job Engine Selection pane appears.

  8. Select the engines for which the job will download signatures. You may update all of your engines using one job, create a different job to update each engine, or create multiple jobs to update various combinations of engines. The engine designations in the Name column are those that you would see in the notification logs. By default, no engines are selected.

  9. Click Next. The Assign Job work pane appears.

  10. Select the servers and server groups that the job will run on and click Finish. The new job will appear in the Signature Redistribution Jobs list.

    Important

    When you create a signature redistribution job for a server with only the Mailbox server role installed, do not select the Cloudmark engine. If an update job that includes the Cloudmark engine is run on a Mailbox-only server, the job will fail on that server, and no other engines associated with that job will update. Note that the failure will be on that server only, and for that job only. Additionally, jobs that target FPSP should not include the Cloudmark engine or WormList engine, as these are not applicable to FPSP.

You should also specify the main signature download location and, if necessary, the proxy information in the Download Configuration section of the Global Configuration work pane. For more information about setting the download location, see Configuring Global Configuration Settings.

Note

When you set up a signature redistribution job, the installed FPSMC agent on each FPE and FPSP server controls the URL where updates are retrieved from the FPSMC server. You do not have to configure this manually.
If your FPE and FPSP servers have internet access, you can create a fail-safe mechanism, in the case where the FPSMC server is unavailable, by not changing their default update URL and setting each server’s update frequency to once a day.

Once you have created a signature redistribution job you can edit it, copy it, delete it, run it, and check its status in the notification logs.