Security Agents on
unreachable networks, such as those on network segments behind a
NAT gateway, are almost always offline because the server cannot
establish direct connection with the agents.
As a result, the server cannot notify the agents to:
-
Download the latest components.
-
Apply agent settings configured from the web console. For example, when you change the Scheduled Scan frequency from the web console, the server will immediately notify agents to apply the new setting.
Unreachable agents therefore
cannot perform these tasks in a timely manner. They only perform
the tasks when they initiate connection with the server, which happens
when:
-
They register to the server after installation.
-
They restart or reload. This event does not occur frequently and usually requires user intervention.
-
Manual or scheduled update is triggered on the agent. This event also does not occur frequently.
It is only during registration, restart, or reload that the server
becomes "aware" of the agents’
connectivity and treats them as online. However, because the server
is still unable to establish connection with the agents, the server
immediately changes the status to offline.
Trend Micro Apex One provides the "heartbeat"
and server polling features to resolve issues regarding unreachable agents. With these
features, the server stops notifying agents of
component updates and setting changes. Instead, the server takes
a passive role, always waiting for agents to
send heartbeat or initiate polling. When the server detects any
of these events, it treats the agents as
online.
 |
NoteAgent-initiated
events not related to heartbeat and server polling, such as manual agent update and log sending,
do not trigger the server to update the unreachable agents’ status.
|