Solved

MS Security Essentials will not update wen firewall is scanning HTTPS Traffic

Posted on 2014-01-06
5
653 Views
Last Modified: 2016-02-25
Hello Experts,

I have installed MS Security essentials on a Windows 7 computer. This computer is behind a Sophos UTM firewall.

When I update MSE Virus definitions, it works fine if I DO NOT set the firewall to scan HTTPS traffic.

But when I do set the firewall to scan for HTTPS traffic for this client the MSE Virus updates fail (Same message as if the connection was broken)

I need to scan for HTTPS so cannot NOT scan for HTTPS traffic.

Does anyone know why having the fire wall scan for HTTPS traffic would cause the MSE updates to fail??

Thanks!
0
Comment
Question by:Saxitalis
5 Comments
 
LVL 29

Accepted Solution

by:
Sudeep Sharma earned 125 total points
ID: 39761952
You would need to put the exception of microsoft website to let it update.

Details here:
http://windows.microsoft.com/en-US/windows-vista/Windows-Update-error-80072efd

Link need to add in HTTPS exception:
https://*.update.microsoft.com

Sudeep
0
 
LVL 19

Assisted Solution

by:marsilies
marsilies earned 250 total points
ID: 39762378
From:
http://www.astaro.org/gateway-products/web-protection-web-filtering-application-visibility-control/45292-windows-update.html
If you're using the SSL scanner and transparent proxy... Thanks to [the] Flame Virus, Microsoft changed their update procedure slightly, where for some requests MITM (certificate exchange due [to] SSL scanning) isn't accepted anymore and makes windowsupdate fail.

The link above has suggestions for fixing it, but Sophos has apparently added their own fix to later versions of UTM:
http://www.astaro.org/closed-forums-read-only/utm-9-betas/utm-9-1-public-beta/46570-9-070-bug-windows-update.html
The new ISO 9.080 will deal with changing the default Windows Update exception to skip SSL scanning.

Multiple reports from customers, as well as our own internal testing, indicate that the Windows Update client fails to find available updates when SSL scanning is enabled.
0
 
LVL 23

Assisted Solution

by:Danny Child
Danny Child earned 125 total points
ID: 39767511
You may want to reconsider using MSE as a tool, as even MS have said that it's not really up to the job any more...

http://www.howtogeek.com/173291/goodbye-microsoft-security-essentials-microsoft-now-recommends-you-use-a-third-party-antivirus/
0
 
LVL 19

Assisted Solution

by:marsilies
marsilies earned 250 total points
ID: 39767761
I think that MS rep has been misquoted a bit, at least quoted out of context. From the original interview:
http://www.pcpro.co.uk/news/security/384394/microsoft-security-essentials-is-designed-to-be-bottom-of-the-antivirus-rankings
Previously, Microsoft would spend resources trying to improve Security Essentials' performance in tests... The company decided to stop that practice and put its effort elsewhere... "We had this group of folks start focusing on [emerging] threats and we saw that it increased our protection service level for our customers."

In practice, it means Microsoft is focusing on tracking emerging threats and sharing that data within the security industry, saying that's a more meaningful way to protect customers...

However, Stewart said offering antivirus firms that data, and no longer focusing on how well Security Essentials does in tests, will likely leave Microsoft's antivirus at the bottom of the charts.

"We’re providing all of that data and information to our partners so they can do at least as well as we are," she said. "The natural progression is that we will always be on the bottom of these tests. And honestly, if we are doing our job correctly, that’s what will happen."
So the MS rep said that they switch from focusing on test performance to real-world performance, and sharing that data with other anti-virus providers.

That said, the most recent infection I had to clean was on a PC running MSE.

Also note that MSE is technically only licensed to be used on up to 10 devices in a business. If you have more than 10 PCs, you need to switch to another antivirus software, like Microsoft's Endpoint.
http://windows.microsoft.com/en-us/windows/security-essentials-eula
Home Use. If you are a home user, then you may install and use any number of copies of the software on your personal devices for use by people who reside in your household.

Small Business. If you operate a small business, then you may install and use the software on up to ten (10) devices in your business.

Restrictions. The software may not be used on devices owned by government or academic institutions.
0
 

Author Closing Comment

by:Saxitalis
ID: 39800469
Thanks
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
OfficeMate Freezes on login or does not load after login credentials are input.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

26 Experts available now in Live!

Get 1:1 Help Now