Advanced Settings Non-Persistent Desktops

This section shows how to configure clients manually for the Non-Persistent VDI solution in the Signature Server and Signature Server Consumers roles.

Use this approach if the "Policy Approach" is not available.

You can configure the Signature Server manually or with a script. To configure the Shared Signatures Server:

  1. Create a folder to store the shared signatures.
  2. Share the folder and grant read access to members of the Domain Computers' group.
    Note:
    On Workgroup machines, the "SYSTEM" account does not have network login rights. This configuration is not supported.
  3. Configure the value 0x01 for the key VdiSignatureServer (to configure the machine as "Shared Signatures Server"):
    • On 64-bit operating system:

      HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\Endpoint Security\Anti-Malware\VdiSignatureServer=(DWORD)0x01
    • On 32-bit operating system:

      HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\Endpoint Security\Anti-Malware\VdiSignatureServer=(DWORD)0x01
  4. Configure the path to the shared signatures folder in the key AVSharedBases:
    • On 64-bit operating system:

      HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\Endpoint Security\Anti-Malware\AVSharedBases=(SZ)"DISK:\\Path\\To\\Shared\\Folder"
    • On 32-bit operating system:

      HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\Endpoint Security\Anti-Malware\AVSharedBases=(SZ)"DISK:\\Path\\To\\Shared\\Folder"
    Important:

    If you do not configure the path, then the default shared folder is:

    C:\ProgramData\CheckPoint\Endpoint Security\Anti-Malware\bases\shared

    The default shared folder exists after the first successful update.

  5. Reboot the machine to restart the Anti-Malware blade.