The local installation and update processes in Endpoint Protection (walupg and walupd*) use a certain logic to detect whether the necessary installation or update files are available on another agent on the network.
This way, the solution will get the installation or update files from another computer on the network instead of downloading them from the Internet. This logic is known as P2P functionality, or rumor, and its main objective is to reduce bandwidth consumption.
The local installation and update processes are:
walupg: Local process for installing and upgrading the protection.
walupd: Local process for updating the signature files.
When a Windows computer downloads a file from the Internet, it can serve it to other computers so that they don’t need to connect to the Internet to get it.
When the computer finishes updating the virus signature file or the protection, it broadcasts information about the available files to the other computers on the network.
When a computer needs a file, it will first try to obtain it using P2P. If this fails, it will try to download it from the Internet.
For a computer to serve files to other computers via P2P, it must have at least 128 MB of RAM.
The Endpoint Protection Windows agent includes proxy functionality, which allows the solution to work on computers without access to the Internet. This feature lets the solution access the Internet through an agent installed on another computer with an Internet connection.
To act as a proxy for other agents, the computer must meet the following requirements: Have at least 128 MB of RAM and a direct Internet connection. Additionally, the computer must not be blacklisted and the installation sequence must have finished.
This system will only be used when it is not possible to access the Internet directly.
The agent detects it cannot access the Internet, and broadcasts a request to find the computers that can act as a proxy.
These computers are listed in a file called Proxy.dat (with a maximum of 10 computers).
The next time the agent cannot access the Internet directly, it will try the first computer on the list.
Every request sent to the Proxy.dat file will be addressed at a different computer, to avoid using the same computer all the time.
Also, proxies have an availability indicator. When an agent on the proxy list cannot be accessed, its level of availability will decrease. The initial availability value is 3. Once it reaches 0 the computer is removed from the Proxy.dat list.
If you want all access to the Internet to be made through a specific computer chosen by the administrator, instead of dynamically through certain computers, the communications agent offers the possibility to specify which computer you want to act as a proxy.
The computer that acts as a static proxy must meet the following requirements:
It must have an agent installed (version 6.0 or later).
It must have direct Internet access.
It must have at least 128 MB of RAM.
It must have established a connection to the server in the last 72 hours.
The computer must not be blacklisted and the protection installation sequence must have finished.
If, at any time, the computer set to work as a static proxy ceases to meet some of the requirements to act as such, the proxy option will be disabled in the console, the name of the computer will disappear, and a message will be displayed indicating the requirement that was not fulfilled.
You can select another computer to work as a static proxy.
If a computer stops acting as a static proxy because it has been blacklisted, but is then whitelisted, it must be configured again to work as a static proxy so that all communications with the server pass through it.
To configure a static proxy, go to Edit profile – Advanced settings (Settings > Profiles (select a profile) > Windows and Linux > Advanced settings > Server connection settings)