McAfee TSA00M005PAA - Total Protection Service Product Manual page 23

Using the Client Software
Types of client software updates
Type of update
Automatic updates
Manual updates
Outbreak updates
Updates when no user is logged
on
McAfee Total Protection Service Product Guide
Description
The software on each client computer automatically connects to the Internet
directly or through a relay server and checks for updated components. Total
Protection Service checks for updates five minutes after a user logs on and at
regular intervals thereafter. For example:
• If a computer is normally connected to the network all the time, it checks
for updates at regular intervals throughout the day.
• If a computer normally connects to the network each morning, it checks
for new updates five minutes after the user logs on each day, then at
regular intervals throughout the day.
• If a computer uses a dial-up connection, the computer checks for new
updates five minutes after dialing in, then at regular intervals throughout
the day.
By default, computers check for new updates every 12 hours. You can change
this interval by configuring a policy setting.
NOTE: Automatic updates do not work:
• On computers where a CHAP or NTML proxy is set up in Internet Explorer.
• When no user is logged on to a computer without an Internet connection
that receives updates using a relay server.
Pre-installed and CD-based versions of Total Protection Service need to be
activated before automatic updates occur. See the online user help for more
information.
At times, users might want to check for updates manually. For example, when
a computer appears to be out-of-date in your administrative reports, users might
need to update manually as part of the troubleshooting process.
When an outbreak is identified by McAfee Avert Labs, they issue an outbreak
DAT, which is a special detection definition (DAT) file marked as Medium or
High importance. It is specially encoded to inform the first computer receiving
it to share the update immediately with other client computers on the network.
NOTE: In rare cases, McAfee might send an EXTRA.DAT file with instructions for
manually installing it.
For maximum protection, configure your policies to check for an outbreak DAT
file every hour. This feature is enabled by default.
In most scenarios, Total Protection Service supports terminal servers and the
Windows fast user switching feature. When an update occurs, one session is
designated as the primary update session. A pseudo user is defined, which
enables automatic updates to occur on computers where no user is logged on.
For certain configurations, automatic updates cannot occur. Total Protection
Service cannot create the pseudo user when:
• The computer is a domain controller.
• Local security policies, including password restrictions, prevent the user's
creation.
• The computer receives updates through a relay server and no one is logged
on.
When the pseudo user cannot be created, automatic updates do not occur. The
pseudo user also cannot update if the computer is behind an authenticating
proxy server or on computers where a CHAP or NTML proxy is set up in Internet
Explorer.
23