Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 3 subscribers
  • Views 7228 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IDE column and Definition verification

SheilaNewman

What is the IDE under the Tamper protection column. I am looking for a reliable way to verify that the Virus definitions on our pc are in fact the most current version. I have been unable to get a good gasp on the downloading the file name, size, and other details, how does this verify the current version unless the file name changes every time there is a new update. Any good explanations out there?



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    Can I ask what you mean by:

    What is the IDE under the Tamper protection column

    Where are you looking?  At the client, in the database, in SEC?

    Are you trying to understand up to dateness from a SEC/DB point of view or from the client?  

    Regards,

    Jak

  • 0 in reply to jak

    QC is correct. What is that number identifying. Is there anyway (or thought) that Sophos could update the console with an Identifier for the current definitions that would show on the console. It seems somewhat inefficient to have to compare file properties instead of just using to Admin console.

  • 0 in reply to SheilaNewman

    The number presented under the IDEs column is a count of .ide files on the endpoint. These are the identities the clients download through the day.  The ide list is sent up from the client in a status message and the ide count is calculated on the server side.  This same status message fills in other information such as SAV Version, Detection Data, Virus Engine; essentially what you see in SEC.

    I guess it's the union of all these fields that gives you a single reference point with regard to the protection version.

    The up to dateness you see in SEC is, in effect, a comparison between what SUM has downloaded to the distribution points and what the clients are reporting back to SEC. Are you saying you don't trust the up to dateness status in SEC?  

    Are you trying to get this data out of the SEC database and into another system?

    There is no "number' hosted centrally, say on Sophos.com representing the latest combination that you can compare an endpoint to.

    Regards,

    Jak

Reply
  • 0 in reply to SheilaNewman

    The number presented under the IDEs column is a count of .ide files on the endpoint. These are the identities the clients download through the day.  The ide list is sent up from the client in a status message and the ide count is calculated on the server side.  This same status message fills in other information such as SAV Version, Detection Data, Virus Engine; essentially what you see in SEC.

    I guess it's the union of all these fields that gives you a single reference point with regard to the protection version.

    The up to dateness you see in SEC is, in effect, a comparison between what SUM has downloaded to the distribution points and what the clients are reporting back to SEC. Are you saying you don't trust the up to dateness status in SEC?  

    Are you trying to get this data out of the SEC database and into another system?

    There is no "number' hosted centrally, say on Sophos.com representing the latest combination that you can compare an endpoint to.

    Regards,

    Jak

Children
No Data
Unfiltered HTML