If the computer uses a proxy server to connect to the Internet, you must configure the product to use the right proxy server.
This configuration is established in the Endpoint Protection console and is downloaded together with the installer, in the generalInformations.plist file.
The agent can send the following types of messages to the Endpoint Protection server:
Integration message
Message to obtain configuration policies
User validation
Status information
Detection reports
Additionally, the solution connects to its own file server to download the signature files required by the protection.
When Endpoint Protection is installed and running, the following processes will be running:
This process displays the graphical interface of the scans performed by the permanent file protection and the scheduled scans.
This process shows the “Installing Panda Endpoint Agent” window during installation. This window displays the following steps and checks them off as they are completed: connect to the server, obtain configuration, download signature files and send information to the server.
This process handles the permanent file protection scans.
This process detects malware items.
This process manages log files.
This process manages background tasks, such as scheduling.
This process manages communications with the server.
This process manages product configuration.
The integration message is sent after product installation, when the install sequence starts.
If there are any problems that prevent computer integration, the server will return an error code, and the integration progress window will display one of the following errors.
1300 - The specified client does not exist
1301 - The client's licenses have expired
1302 - The client does not have sufficient licenses
1303 - The administration agent version is no longer supported
1304 - The group of computers no longer exists
1305 - The maximum number of installations per group has been exceeded
1298 - Integration error
Every 12 hours, the system checks to see if the status information has changed. If it has, it will send the report. Even if the information hasn't changed, the solution will send at least a status message every day.
The solution sends full status reports only, not reduced reports.
The format of the status message is the same as for the protection for Windows and Linux computers.
User validation follows the same logic as with Windows computers. The frequency of checks against the server depends on the computer situation:
Every 15 days, when there are over 30 days left before license expiration.
Every time the validation process is run, during the 30 days before and after the license expiration date.
Every 5 days if more than 30 days have passed from the expiration date and during 165 days after the expiration date.
Every 5 days if the computer is on the blacklist.
There is no user validation if more than 165 days have passed since the expiration date.
If the user is invalid or the computer is on the blacklist, Endpoint Protection won’t be able to operate normally, that is, it won’t be possible to send messages to the server or update the signature files. Only if the user becomes valid again will the system be able to recover normal operation.
The solution checks to see if there has been a change in the policies every 4 hours by default.
The protection for OS X uses its own signature file system. The product updates the signature files it needs automatically.
The solution checks to see every hour if the signature files need updating.