Solved

MS Security Essentials will not update wen firewall is scanning HTTPS Traffic

Posted on 2014-01-06
5
660 Views
Last Modified: 2016-02-25
Hello Experts,

I have installed MS Security essentials on a Windows 7 computer. This computer is behind a Sophos UTM firewall.

When I update MSE Virus definitions, it works fine if I DO NOT set the firewall to scan HTTPS traffic.

But when I do set the firewall to scan for HTTPS traffic for this client the MSE Virus updates fail (Same message as if the connection was broken)

I need to scan for HTTPS so cannot NOT scan for HTTPS traffic.

Does anyone know why having the fire wall scan for HTTPS traffic would cause the MSE updates to fail??

Thanks!
0
Comment
Question by:Saxitalis
5 Comments
 
LVL 29

Accepted Solution

by:
Sudeep Sharma earned 125 total points
ID: 39761952
You would need to put the exception of microsoft website to let it update.

Details here:
http://windows.microsoft.com/en-US/windows-vista/Windows-Update-error-80072efd

Link need to add in HTTPS exception:
https://*.update.microsoft.com

Sudeep
0
 
LVL 19

Assisted Solution

by:marsilies
marsilies earned 250 total points
ID: 39762378
From:
http://www.astaro.org/gateway-products/web-protection-web-filtering-application-visibility-control/45292-windows-update.html
If you're using the SSL scanner and transparent proxy... Thanks to [the] Flame Virus, Microsoft changed their update procedure slightly, where for some requests MITM (certificate exchange due [to] SSL scanning) isn't accepted anymore and makes windowsupdate fail.

The link above has suggestions for fixing it, but Sophos has apparently added their own fix to later versions of UTM:
http://www.astaro.org/closed-forums-read-only/utm-9-betas/utm-9-1-public-beta/46570-9-070-bug-windows-update.html
The new ISO 9.080 will deal with changing the default Windows Update exception to skip SSL scanning.

Multiple reports from customers, as well as our own internal testing, indicate that the Windows Update client fails to find available updates when SSL scanning is enabled.
0
 
LVL 23

Assisted Solution

by:Danny Child
Danny Child earned 125 total points
ID: 39767511
You may want to reconsider using MSE as a tool, as even MS have said that it's not really up to the job any more...

http://www.howtogeek.com/173291/goodbye-microsoft-security-essentials-microsoft-now-recommends-you-use-a-third-party-antivirus/
0
 
LVL 19

Assisted Solution

by:marsilies
marsilies earned 250 total points
ID: 39767761
I think that MS rep has been misquoted a bit, at least quoted out of context. From the original interview:
http://www.pcpro.co.uk/news/security/384394/microsoft-security-essentials-is-designed-to-be-bottom-of-the-antivirus-rankings
Previously, Microsoft would spend resources trying to improve Security Essentials' performance in tests... The company decided to stop that practice and put its effort elsewhere... "We had this group of folks start focusing on [emerging] threats and we saw that it increased our protection service level for our customers."

In practice, it means Microsoft is focusing on tracking emerging threats and sharing that data within the security industry, saying that's a more meaningful way to protect customers...

However, Stewart said offering antivirus firms that data, and no longer focusing on how well Security Essentials does in tests, will likely leave Microsoft's antivirus at the bottom of the charts.

"We’re providing all of that data and information to our partners so they can do at least as well as we are," she said. "The natural progression is that we will always be on the bottom of these tests. And honestly, if we are doing our job correctly, that’s what will happen."
So the MS rep said that they switch from focusing on test performance to real-world performance, and sharing that data with other anti-virus providers.

That said, the most recent infection I had to clean was on a PC running MSE.

Also note that MSE is technically only licensed to be used on up to 10 devices in a business. If you have more than 10 PCs, you need to switch to another antivirus software, like Microsoft's Endpoint.
http://windows.microsoft.com/en-us/windows/security-essentials-eula
Home Use. If you are a home user, then you may install and use any number of copies of the software on your personal devices for use by people who reside in your household.

Small Business. If you operate a small business, then you may install and use the software on up to ten (10) devices in your business.

Restrictions. The software may not be used on devices owned by government or academic institutions.
0
 

Author Closing Comment

by:Saxitalis
ID: 39800469
Thanks
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
wondershare 17 56
How do I stop a PC from shutting down 6 41
Shutdown Inactive Server- Script 4 18
Driver Error when Starting Win 7 Setup 28 47
You may have a outside contractor who comes in once a week or seasonal to do some work in your office but you only want to give him access to the programs and files he needs and keep privet all other documents and programs, can you do this on a loca…
How to record audio from input sources to your PC – connected devices, connected preamp to record vinyl discs, streaming media, that play through your audio card: Vista, Windows 7, Windows 8, Windows 8.1 and Windows 10 – both 32 bit & 64.
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question