How to configure regular Ivanti Antivirus Pattern File updates

Version 9

    Verified Product Versions

    LANDESK Management Suite 9.6LANDESK Management Suite 2016.xLANDESK Endpoint Manager 2017.x

    Introduction

     

    This article will discuss the methods that can be used to set a regular schedule to update the client pattern files for Ivanti Antivirus.  Several methods are discussed.  This also addresses using Patch Manager to ensure your pattern files are up to date.

     

    In order for Ivanti Antivirus to be most effective, the Core Server and Clients must be configured to update the Antivirus pattern files regularly.

     

    This article discusses these steps.

     

    Configuring scheduled pattern file updates on the LANDESK Core Server

    1. Within the Ivanti Endpoint Manager console, open the Patch and Compliance tool from within the Security and Compliance tool group
    2. Select the Download Updates button in the Patch and Compliance tooolbar.
      DownloadUpdatesToolbarButton.png
    3. Select --> Windows --> Security --> Antivirus --> Ivanti Antivirus Updates --> Ivanti AV 10 (or older if you are still using that)
    4. Ensure that no other categories are selected in the tree.
    5. Click "Schedule Download".  This will open a "Scheduled update information" window listing "Ivanti Antivirus Updates" and "Ivanti AV 10.0".  If this window lists content from any other categories, close the window, go back to the tree list of definition content types and remove the undesired content.
    6. Give the task name something more intuitive such as "Ivanti Antivirus Pattern files"
    7. Click "OK"
    8. This will create a scheduled task and open the "Schedule Task" window where you can select your delivery time (recommended at least daily) and other options.

    It is recommended to create a "Server Maintenance Tasks" folder in the Scheduled Tasks window.  This folder will house regular maintenance task such as "Download Microsoft Updates", "Run Gather Historical Information", "Download Ivanti Antivirus pattern files", etc.

     

     

     

    Turning on a regular pattern file update on the clients

     

    In order for the the Antivirus Pattern File updates to happen on a regular basis, they must be turned on in the Ivanti Antivirus Settings

    1. In the Ivanti Endpoint Manager Console, open the Agent Settings tool.
    2. Drill down to All, Public or My agent settings, open the Security folder, and then open the "Ivanti Antivirus" setting
    3. Select the Antivirus behavior that the affected clients are using and select "Edit".
    4. Go to the Scheduled Tasks section, select "Update" and then "Change Schedule".
    5. Set a time of day or a time range that you want the Virus Definition Updates to take place and click "Save"

     

    The Ivanti Antivirus settings will automatically update the next time a Vulnerability Scan runs on the clients.

     

    To verify that the scheduled pattern file updates are configured on a client you can look at the local scheduler task.

     

    The scheduled pattern file update creates a local scheduler task on the client computer:

     

    To view the local scheduler task, do the following:

     

    From \Program Files\LANDESK\LDClient\ (or Program Files (x86)\LANDESK\LDClient for 64-bit computers) type:

    localsch /tasks | more

     

    LDAVUpdateTask.png

     

    You should have a task in the list (as shown above outlined in red) that runs LDAV.EXE /UPDATE.

     

    Verify that Start Date and Time and that this task exists.