Frog_1337

asked on

MS ForeFront Virus Definitions

I have been given the task of creating a script that will check the MS ForeFront virus definitions to make sure they are up to date. The problem is I cannot find where this information is stored for ForeFront. I know on our old McAfee boxes there were registry keys with the "DAT" date and version. Can someone please help?
Keith Alabaster

Which Forefront?
Protection for Sharepoint? For Exchange? For client? For TMG?
Frog_1337

ASKER

I'm sorry, it is ForeFront for Exchange and TMG.
You know that you can click a button on the FPE 2010 GUI which already displays the status, and similarly in TMG? Thought I'd ask before checking the SDK.
Yeah, the task assigned to me is to create a script to implement an HP Openview Policy that will monitor the age of the virus definition files. This will keep us from having to log in all the time to the servers and check the gui.
I guessed you were going to say that <sighs> lol

Let me see what I can knock up.
Totally agree with Keith, you can get all the needed info from the dashboard of the products as follows:

FPE2010 :

Go to the dashboard ---> Go to Engine ---> Click Show Details, and this will show you the health and refresh rate of the engine.

If you want more info about every engine, just click Engine Summary and you will get all that you need.

 

Posted my comment too late :)

I've not worked with OpenView previously, but with FPE2010 you can set and enable email notification for engine updates, whether in success or failed status, and this will make it easier.

Hope this helps.
Okay, where are the email notifications set up? I am a total noob to this product! But I think if I was able to set up a success/fail email they would accept that.
Okay, never mind, I need to have it run through OpenView, which leads me back to my first question.
Open the FPE2010 GUI and go to Configuration, then Notification, and enable the notification you need to send you an email.


The OpenView policy I can create; it's just a matter of writing a VBS to parse the info and tell it what to do. I just need to find where the dates for the virus definitions are stored. I have checked the registry and can't seem to pinpoint it.
All updates get stored in the following location: %windir%\softwaredistribution\download

Also, I noticed that the only date that appears is the date modified of the anti-malware update file named mpam-d, which is updated at specific times and saved in the following location:

%windir%\softwaredistribution\download\install

Hope this helps, and I will try to find out more details about your request.
I still have not had any luck in finding the virus definition dates in Server 2008 R2 for ForeFront for Exchange. I am about to beat my head against the wall.
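As an added example (not part of any post in this thread), here is one way to turn the file-date observation above into a check a monitoring policy can call. The path and the `mpam-d` name come from the post; the 48-hour threshold, the result labels and the exit codes are assumptions, and the thread does not confirm that this file's timestamp tracks the Forefront for Exchange engine definitions.

```powershell
# Added example, not from the thread. Path and file name are the ones quoted in the
# post above; the 48-hour threshold and the exit codes are assumptions.
function Get-DefinitionFileAge {
    param(
        [string]$Path     = (Join-Path $env:windir 'SoftwareDistribution\Download\Install'),
        [string]$Filter   = 'mpam-d*',
        [int]$MaxAgeHours = 48,
        [datetime]$Now    = (Get-Date)
    )
    # Build every result the same way so the caller can rely on the properties.
    function New-Result($status, $detail, $age) {
        New-Object PSObject -Property @{ Status = $status; Detail = $detail; AgeHours = $age }
    }
    # A missing folder or file must never be reported as healthy.
    if (-not (Test-Path -LiteralPath $Path)) {
        return New-Result 'UNKNOWN' "Path not found: $Path" $null
    }
    $newest = Get-ChildItem -LiteralPath $Path -Filter $Filter -Recurse -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer } |
        Sort-Object LastWriteTimeUtc -Descending |
        Select-Object -First 1
    if (-not $newest) {
        return New-Result 'UNKNOWN' "No file matching '$Filter' under $Path" $null
    }
    # Compare in UTC so daylight-saving changes do not shift the age.
    $age = [math]::Round(($Now.ToUniversalTime() - $newest.LastWriteTimeUtc).TotalHours, 1)
    if ($age -lt 0) {
        # A timestamp in the future means clock trouble, not fresh definitions.
        return New-Result 'UNKNOWN' "$($newest.Name) has a future timestamp" $age
    }
    $status = if ($age -gt $MaxAgeHours) { 'STALE' } else { 'OK' }
    $detail = "{0} last written {1:u} ({2} h ago)" -f $newest.Name, $newest.LastWriteTimeUtc, $age
    New-Result $status $detail $age
}

$result = Get-DefinitionFileAge
Write-Output ("{0}: {1}" -f $result.Status, $result.Detail)
# Exit codes are an assumed convention for the calling monitor: 0 OK, 2 stale, 3 unknown.
switch ($result.Status) { 'OK' { exit 0 } 'STALE' { exit 2 } default { exit 3 } }
```

Treating a missing file or folder as UNKNOWN rather than OK keeps a broken update path from being reported as current definitions.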
HKLM/SOFTWARE/MICROSOFT/MICROSOFT FOREFRONT/CLIENT SECURITY/1.0/AM/SIGNATURE UPDATES
The preceding was for XP... should get you close
Nothing similar to the above key, I am sorry.
If this does not apply, excuse me (no 2008 w/FCS available).
Try this... add an exclusion path pointing to some seldom used path, then search registry for that path.
ASKER CERTIFIED SOLUTION
Frog_1337

no answer to be found as of yet