簡介
本文檔介紹如何手動更新思科郵件安全裝置(ESA)的防病毒流程。
如何立即強制下載Sophos或McAfee防病毒更新?
雖然防病毒更新按照裝置服務更新的配置定期進行,但如果您在等待更新,則可以自行啟動防病毒更新。 依預設,更新程式服務會每五分鐘檢查一次更新。 Cisco建議將此設定保留為預設更新間隔。
您可以透過GUI Security Services > Service Updates檢視裝置服務更新。 從CLI運行updateconfig。 這將列為更新間隔。
要直接更新防病毒程式,請選擇以下方法之一:
GUI
從GUI中可以從Security Services > Anti-Virus啟動更新,然後選擇Sophos或McAfee。 在當前防病毒檔案表中,按一下立即更新按鈕。
例如,使用Sophos防病毒:
CLI
從CLI中,可以使用CLI命令antivirusupdate立即啟動病毒更新,並選擇您獲得許可的防病毒過程:sophos或mcafee。
> antivirusupdate
Choose the operation you want to perform:
- MCAFEE - Request updates for McAfee Anti-Virus
- SOPHOS - Request updates for Sophos Anti-Virus
[]> sophos
Requesting check for new Sophos Anti-Virus updates.
在CLI中,還可以透過antivirusupdate force命令強制執行完整更新。 完整的更新是指當ESA聯絡思科更新伺服器並拉出完整且最新的IDE,同時拉出完整且最新的防病毒引擎,然後在裝置後台重新應用此更新。
> antivirusupdate force
Sophos Anti-Virus updates:
Requesting forced update of Sophos Anti-Virus.
McAfee Anti-Virus updates:
Requesting update of virus definitions
驗證
您可以從ESA上的CLI檢視我運行的防病毒更新tail updater_logs的進程。這可以確保裝置與Cisco更新伺服器和清單的通訊,並允許您檢視更新完成。
Wed Jul 23 09:38:58 2014 Info: Server manifest specified an update for sophos
Wed Jul 23 09:38:58 2014 Info: sophos was signalled to start a new update
Wed Jul 23 09:38:58 2014 Info: sophos processing files from the server manifest
Wed Jul 23 09:38:58 2014 Info: sophos started downloading files
Wed Jul 23 09:38:58 2014 Info: sophos waiting on download lock
Wed Jul 23 09:38:58 2014 Info: sophos acquired download lock
Wed Jul 23 09:38:58 2014 Info: sophos beginning download of remote file
"http://updates.ironport.com/sophos/ide/1406116201"
Wed Jul 23 09:39:03 2014 Info: sophos released download lock
Wed Jul 23 09:39:03 2014 Info: sophos successfully downloaded file "sophos/ide/1406116201"
Wed Jul 23 09:39:04 2014 Info: sophos waiting on download lock
Wed Jul 23 09:39:04 2014 Info: sophos acquired download lock
Wed Jul 23 09:39:04 2014 Info: sophos beginning download of remote file
"http://updates.ironport.com/sophos/libsavi/1402438439"
Wed Jul 23 09:41:07 2014 Info: sophos released download lock
Wed Jul 23 09:41:07 2014 Info: sophos successfully downloaded file
"sophos/libsavi/1402438439"
Wed Jul 23 09:41:07 2014 Info: sophos started applying files
Wed Jul 23 09:41:08 2014 Info: sophos updating component ide
Wed Jul 23 09:41:12 2014 Info: sophos updating component libsavi
Wed Jul 23 09:41:12 2014 Info: sophos updated engine,ide links successfully
Wed Jul 23 09:41:12 2014 Info: sophos cleaning up base dir /data/third_party/sophos
Wed Jul 23 09:41:12 2014 Info: sophos sending version details {'sophos': {'version': '5.01',
'ide': '2014072303'}} to hermes
Wed Jul 23 09:41:13 2014 Info: sophos verifying applied files
Wed Jul 23 09:41:13 2014 Info: sophos updating the client manifest
Wed Jul 23 09:41:13 2014 Info: sophos update completed
Wed Jul 23 09:41:13 2014 Info: sophos waiting for new updates
您將需要確保看到上面突出顯示的行,這些行將指示請求的防病毒更新請求和更新的成功。
思科鼓勵啟用Sophos防病毒掃描的客戶在Sophos站點(即http://www.sophos.com/virusinfo/notifications/)訂購Sophos警報。直接訂閱接收Sophos的警報可確保您瞭解最新的病毒爆發及其可用的解決方案。
相關資訊