Solved

MS Security Essentials will not update wen firewall is scanning HTTPS Traffic

Posted on 2014-01-06
5
665 Views
Last Modified: 2016-02-25
Hello Experts,

I have installed MS Security essentials on a Windows 7 computer. This computer is behind a Sophos UTM firewall.

When I update MSE Virus definitions, it works fine if I DO NOT set the firewall to scan HTTPS traffic.

But when I do set the firewall to scan for HTTPS traffic for this client the MSE Virus updates fail (Same message as if the connection was broken)

I need to scan for HTTPS so cannot NOT scan for HTTPS traffic.

Does anyone know why having the fire wall scan for HTTPS traffic would cause the MSE updates to fail??

Thanks!
0
Comment
Question by:Saxitalis
5 Comments
 
LVL 29

Accepted Solution

by:
Sudeep Sharma earned 125 total points
ID: 39761952
You would need to put the exception of microsoft website to let it update.

Details here:
http://windows.microsoft.com/en-US/windows-vista/Windows-Update-error-80072efd

Link need to add in HTTPS exception:
https://*.update.microsoft.com

Sudeep
0
 
LVL 20

Assisted Solution

by:marsilies
marsilies earned 250 total points
ID: 39762378
From:
http://www.astaro.org/gateway-products/web-protection-web-filtering-application-visibility-control/45292-windows-update.html
If you're using the SSL scanner and transparent proxy... Thanks to [the] Flame Virus, Microsoft changed their update procedure slightly, where for some requests MITM (certificate exchange due [to] SSL scanning) isn't accepted anymore and makes windowsupdate fail.

The link above has suggestions for fixing it, but Sophos has apparently added their own fix to later versions of UTM:
http://www.astaro.org/closed-forums-read-only/utm-9-betas/utm-9-1-public-beta/46570-9-070-bug-windows-update.html
The new ISO 9.080 will deal with changing the default Windows Update exception to skip SSL scanning.

Multiple reports from customers, as well as our own internal testing, indicate that the Windows Update client fails to find available updates when SSL scanning is enabled.
0
 
LVL 23

Assisted Solution

by:Danny Child
Danny Child earned 125 total points
ID: 39767511
You may want to reconsider using MSE as a tool, as even MS have said that it's not really up to the job any more...

http://www.howtogeek.com/173291/goodbye-microsoft-security-essentials-microsoft-now-recommends-you-use-a-third-party-antivirus/
0
 
LVL 20

Assisted Solution

by:marsilies
marsilies earned 250 total points
ID: 39767761
I think that MS rep has been misquoted a bit, at least quoted out of context. From the original interview:
http://www.pcpro.co.uk/news/security/384394/microsoft-security-essentials-is-designed-to-be-bottom-of-the-antivirus-rankings
Previously, Microsoft would spend resources trying to improve Security Essentials' performance in tests... The company decided to stop that practice and put its effort elsewhere... "We had this group of folks start focusing on [emerging] threats and we saw that it increased our protection service level for our customers."

In practice, it means Microsoft is focusing on tracking emerging threats and sharing that data within the security industry, saying that's a more meaningful way to protect customers...

However, Stewart said offering antivirus firms that data, and no longer focusing on how well Security Essentials does in tests, will likely leave Microsoft's antivirus at the bottom of the charts.

"We’re providing all of that data and information to our partners so they can do at least as well as we are," she said. "The natural progression is that we will always be on the bottom of these tests. And honestly, if we are doing our job correctly, that’s what will happen."
So the MS rep said that they switch from focusing on test performance to real-world performance, and sharing that data with other anti-virus providers.

That said, the most recent infection I had to clean was on a PC running MSE.

Also note that MSE is technically only licensed to be used on up to 10 devices in a business. If you have more than 10 PCs, you need to switch to another antivirus software, like Microsoft's Endpoint.
http://windows.microsoft.com/en-us/windows/security-essentials-eula
Home Use. If you are a home user, then you may install and use any number of copies of the software on your personal devices for use by people who reside in your household.

Small Business. If you operate a small business, then you may install and use the software on up to ten (10) devices in your business.

Restrictions. The software may not be used on devices owned by government or academic institutions.
0
 

Author Closing Comment

by:Saxitalis
ID: 39800469
Thanks
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
Learn how to PXE Boot both BIOS & UEFI machines with DHCP Policies and Custom Vendor Classes
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question