Solved

MS Security Essentials will not update wen firewall is scanning HTTPS Traffic

Posted on 2014-01-06
5
645 Views
Last Modified: 2016-02-25
Hello Experts,

I have installed MS Security essentials on a Windows 7 computer. This computer is behind a Sophos UTM firewall.

When I update MSE Virus definitions, it works fine if I DO NOT set the firewall to scan HTTPS traffic.

But when I do set the firewall to scan for HTTPS traffic for this client the MSE Virus updates fail (Same message as if the connection was broken)

I need to scan for HTTPS so cannot NOT scan for HTTPS traffic.

Does anyone know why having the fire wall scan for HTTPS traffic would cause the MSE updates to fail??

Thanks!
0
Comment
Question by:Saxitalis
5 Comments
 
LVL 29

Accepted Solution

by:
Sudeep Sharma earned 125 total points
ID: 39761952
You would need to put the exception of microsoft website to let it update.

Details here:
http://windows.microsoft.com/en-US/windows-vista/Windows-Update-error-80072efd

Link need to add in HTTPS exception:
https://*.update.microsoft.com

Sudeep
0
 
LVL 19

Assisted Solution

by:marsilies
marsilies earned 250 total points
ID: 39762378
From:
http://www.astaro.org/gateway-products/web-protection-web-filtering-application-visibility-control/45292-windows-update.html
If you're using the SSL scanner and transparent proxy... Thanks to [the] Flame Virus, Microsoft changed their update procedure slightly, where for some requests MITM (certificate exchange due [to] SSL scanning) isn't accepted anymore and makes windowsupdate fail.

The link above has suggestions for fixing it, but Sophos has apparently added their own fix to later versions of UTM:
http://www.astaro.org/closed-forums-read-only/utm-9-betas/utm-9-1-public-beta/46570-9-070-bug-windows-update.html
The new ISO 9.080 will deal with changing the default Windows Update exception to skip SSL scanning.

Multiple reports from customers, as well as our own internal testing, indicate that the Windows Update client fails to find available updates when SSL scanning is enabled.
0
 
LVL 23

Assisted Solution

by:DanCh99
DanCh99 earned 125 total points
ID: 39767511
You may want to reconsider using MSE as a tool, as even MS have said that it's not really up to the job any more...

http://www.howtogeek.com/173291/goodbye-microsoft-security-essentials-microsoft-now-recommends-you-use-a-third-party-antivirus/
0
 
LVL 19

Assisted Solution

by:marsilies
marsilies earned 250 total points
ID: 39767761
I think that MS rep has been misquoted a bit, at least quoted out of context. From the original interview:
http://www.pcpro.co.uk/news/security/384394/microsoft-security-essentials-is-designed-to-be-bottom-of-the-antivirus-rankings
Previously, Microsoft would spend resources trying to improve Security Essentials' performance in tests... The company decided to stop that practice and put its effort elsewhere... "We had this group of folks start focusing on [emerging] threats and we saw that it increased our protection service level for our customers."

In practice, it means Microsoft is focusing on tracking emerging threats and sharing that data within the security industry, saying that's a more meaningful way to protect customers...

However, Stewart said offering antivirus firms that data, and no longer focusing on how well Security Essentials does in tests, will likely leave Microsoft's antivirus at the bottom of the charts.

"We’re providing all of that data and information to our partners so they can do at least as well as we are," she said. "The natural progression is that we will always be on the bottom of these tests. And honestly, if we are doing our job correctly, that’s what will happen."
So the MS rep said that they switch from focusing on test performance to real-world performance, and sharing that data with other anti-virus providers.

That said, the most recent infection I had to clean was on a PC running MSE.

Also note that MSE is technically only licensed to be used on up to 10 devices in a business. If you have more than 10 PCs, you need to switch to another antivirus software, like Microsoft's Endpoint.
http://windows.microsoft.com/en-us/windows/security-essentials-eula
Home Use. If you are a home user, then you may install and use any number of copies of the software on your personal devices for use by people who reside in your household.

Small Business. If you operate a small business, then you may install and use the software on up to ten (10) devices in your business.

Restrictions. The software may not be used on devices owned by government or academic institutions.
0
 

Author Closing Comment

by:Saxitalis
ID: 39800469
Thanks
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now