Malware Signature Updates

Anti-Malware gets malware signature updates at regular intervals to make sure that it can scan for the newest threats.

These actions define the frequency of the signature updates and the source.

Action

Description

Check for malware signature updates every 4 hours

Signature updates occur every 4 hours from the Endpoint Policy Server and Check Point server.

Check for malware signature updates every 2 hours

Signature updates occur every 2 hours from the Endpoint Policy Server and Check Point server.

Double-click an Action to edit the Properties.

You can change these settings:

  • Check for updates every - Frequency, in hours, between client requests for malware signatures and scanning for engine updates.

  • Signature update will fail after - The connection timeout, after which the update source is considered unavailable.

  • Update Signatures From - The server or servers that the client gets updates from.

    • Signature Source:

      • External Check Point Signatures Server - Get updates from a dedicated, external Check Point server through the internet.

      • Local Endpoint Servers - Get updates from the Endpoint Security Management Server or configured Endpoint Policy Server.

      • Other External source - Get updates from an external source through the internet. Enter the URL.

      • Shared Signature Source - Get updates from a shared location on an Endpoint Security client that acts as a Shared Signature Server. This makes it possible to protect non-persistent virtual desktops in Virtual Desktop Infrastructure (VDI) environments. Each non-persistent virtual desktop runs an Endpoint Security Client, and gets the Anti-Malware signatures from a shared folder on the Shared Signature Server that is a persistent virtual machine. To learn more, see Shared Signature Server for Anti-Malware

    • If first update fails - Set a fallback update source to use if the selected update source fails. Select a different option than the first signature source.

    • If second update fails - Set a second fallback update source to use if the other sources fail.

Note - If only Update from Local Endpoint Servers is selected, clients that are disconnected from an Endpoint Security server cannot get updates.