How to use Patch and Compliance Manager to Manage Ivanti Antivirus and Other Antivirus Vendor Software

Version 15

    Verified Product Versions

    LANDESK Management Suite 9.6LANDESK Management Suite 2016.xLANDESK Endpoint Manager 2017.x

    Description

     

    Using Ivanti Security Suite, you have the ability to manage Antivirus software from various vendors.    This includes ensuring the following:

     

    • Ensure virus scanner is installed
    • Ensure real-time scanning engine is enabled
    • Ensure antivirus pattern files are up to date.

     

    The following Antivirus software is fully supported including updating Pattern files updates (business versions only):

     

    Ivanti Security Suite can also ensure that a virus scanner is installed and that a real-time scanning engine is enabled for the following products, but cannot provide pattern files:

     

    When downloading 3rd-party (Non-Ivanti) Antivirus updates within Patch Manager, you must first accept an agreement that you own and are adequately licensed for the software you are downloading updates for.

     

    There are various Antivirus definitions within Patch Content that can be used to help manage the Antivirus programs in your environment.  These definitions serve various purposes.

     

                  (Click either image for full-size)

    AV-1XX definitions.png AV-1XX-Sorted by Title.png

              Sorted by ID                    Sorted by Title

     

    Currently, as of this writing, Ivanti Patch and Compliance Manager can manage

     

    • Avast
    • AVG
    • Avira
    • Bitdefender
    • Bullguard
    • eScan
    • Eset
    • Gdata
    • Kaspersky
    • McAfee
    • Microsoft Forefront
    • Microsoft Windows Defender
    • Panda
    • Shavlik
    • Sophos
    • Symantec
    • Trend Micro
    • VIPRE

     

    AV-100 will check to see if there is a virus scanner installed.  (All supported Antivirus vendors).

    AV-101 will check to see if the real-time scanning engine is enabled.  (All supported Antivirus vendors).

     

    The following "DATEDIFF" definitions check to see if the vendor's pattern files are up to date within the last N days (As can be specified in the Custom Variables tab within the definition properties).

    AVDateDiff.png

    Note: additional supported Antivirus software may be added prior to this document being updated.   Always view your list to see if there is anything new, or contact LANDESK Support.

     

    If the pattern files are out of date, they can be downloaded and applied using Ivanti Endpoint Manager  These can be set to autofix to ensure that Patch and Compliance Manager checks and downloads updated pattern files as soon as they fall out of date.

     

     

    The vulnerability scan category "Antivirus Updates" must be enabled in the Scan Options tab of the Distribution and Patch settings for these definitions to be operational.

     

    Note: LDAVHLPR.DLL is used as an add-on to the Vulnerability Scanner and Inventory scanner to gather Antivirus information from end clients.  It is possible when vendors update their product that LDAVHLPR.DLL will need to be updated to accurately gather information.  This updated LDAVHLPR.DLL is typically made available in the Ivanti Updates category within Patch and Compliance Manager.  If the information is not gathered correctly, contact Ivanti support.