Solved

MS Security Essentials will not update wen firewall is scanning HTTPS Traffic

Posted on 2014-01-06
5
690 Views
Last Modified: 2016-02-25
Hello Experts,

I have installed MS Security essentials on a Windows 7 computer. This computer is behind a Sophos UTM firewall.

When I update MSE Virus definitions, it works fine if I DO NOT set the firewall to scan HTTPS traffic.

But when I do set the firewall to scan for HTTPS traffic for this client the MSE Virus updates fail (Same message as if the connection was broken)

I need to scan for HTTPS so cannot NOT scan for HTTPS traffic.

Does anyone know why having the fire wall scan for HTTPS traffic would cause the MSE updates to fail??

Thanks!
0
Comment
Question by:Saxitalis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 30

Accepted Solution

by:
Sudeep Sharma earned 125 total points
ID: 39761952
You would need to put the exception of microsoft website to let it update.

Details here:
http://windows.microsoft.com/en-US/windows-vista/Windows-Update-error-80072efd

Link need to add in HTTPS exception:
https://*.update.microsoft.com

Sudeep
0
 
LVL 20

Assisted Solution

by:marsilies
marsilies earned 250 total points
ID: 39762378
From:
http://www.astaro.org/gateway-products/web-protection-web-filtering-application-visibility-control/45292-windows-update.html
If you're using the SSL scanner and transparent proxy... Thanks to [the] Flame Virus, Microsoft changed their update procedure slightly, where for some requests MITM (certificate exchange due [to] SSL scanning) isn't accepted anymore and makes windowsupdate fail.

The link above has suggestions for fixing it, but Sophos has apparently added their own fix to later versions of UTM:
http://www.astaro.org/closed-forums-read-only/utm-9-betas/utm-9-1-public-beta/46570-9-070-bug-windows-update.html
The new ISO 9.080 will deal with changing the default Windows Update exception to skip SSL scanning.

Multiple reports from customers, as well as our own internal testing, indicate that the Windows Update client fails to find available updates when SSL scanning is enabled.
0
 
LVL 23

Assisted Solution

by:Danny Child
Danny Child earned 125 total points
ID: 39767511
You may want to reconsider using MSE as a tool, as even MS have said that it's not really up to the job any more...

http://www.howtogeek.com/173291/goodbye-microsoft-security-essentials-microsoft-now-recommends-you-use-a-third-party-antivirus/
0
 
LVL 20

Assisted Solution

by:marsilies
marsilies earned 250 total points
ID: 39767761
I think that MS rep has been misquoted a bit, at least quoted out of context. From the original interview:
http://www.pcpro.co.uk/news/security/384394/microsoft-security-essentials-is-designed-to-be-bottom-of-the-antivirus-rankings
Previously, Microsoft would spend resources trying to improve Security Essentials' performance in tests... The company decided to stop that practice and put its effort elsewhere... "We had this group of folks start focusing on [emerging] threats and we saw that it increased our protection service level for our customers."

In practice, it means Microsoft is focusing on tracking emerging threats and sharing that data within the security industry, saying that's a more meaningful way to protect customers...

However, Stewart said offering antivirus firms that data, and no longer focusing on how well Security Essentials does in tests, will likely leave Microsoft's antivirus at the bottom of the charts.

"We’re providing all of that data and information to our partners so they can do at least as well as we are," she said. "The natural progression is that we will always be on the bottom of these tests. And honestly, if we are doing our job correctly, that’s what will happen."
So the MS rep said that they switch from focusing on test performance to real-world performance, and sharing that data with other anti-virus providers.

That said, the most recent infection I had to clean was on a PC running MSE.

Also note that MSE is technically only licensed to be used on up to 10 devices in a business. If you have more than 10 PCs, you need to switch to another antivirus software, like Microsoft's Endpoint.
http://windows.microsoft.com/en-us/windows/security-essentials-eula
Home Use. If you are a home user, then you may install and use any number of copies of the software on your personal devices for use by people who reside in your household.

Small Business. If you operate a small business, then you may install and use the software on up to ten (10) devices in your business.

Restrictions. The software may not be used on devices owned by government or academic institutions.
0
 

Author Closing Comment

by:Saxitalis
ID: 39800469
Thanks
0

Featured Post

SuperAntiSpyware Licenses Discounted by 25% !

Exclusive offer to Experts Exchange Members!
Buy SuperAntiSpyware License(s) from us and save 25% on the regular purchase price.
- Includes Full SuperAntiSpyware Vendor Support Entitlements
- Your Subscription does not begin until you activate your license
- Buy for your friends

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You may have a outside contractor who comes in once a week or seasonal to do some work in your office but you only want to give him access to the programs and files he needs and keep privet all other documents and programs, can you do this on a loca…
An article on effective troubleshooting
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question