Update Overview

All component updates originate from the Trend Micro ActiveUpdate server. When updates are available, the Security Server downloads the updated components and then distributes them to Security Agents and Messaging Security Agents (Advanced only).

If a Security Server manages a large number of Security Agents, updating may utilize a significant amount of server computer resources, affecting the server’s stability and performance. To address this issue, Worry-Free Business Security has an Update Agent feature that allows certain Security Agents to share the task of distributing updates to other Security Agents.

The following table describes the component update options for the Security Server and agents, and recommendations on when to use them:

Table 1. Update Options

Update Sequence

Description

Recommendation

  1. ActiveUpdate Server or custom update source

  2. Security Server

  3. Agents

The Trend Micro Security Server receives updated components from the ActiveUpdate server or custom update source and then deploys them directly to agents (Security Agents and Messaging Security Agents).

Use this method if there are no low-bandwidth sections between the Security Server and agents.

  1. ActiveUpdate Server or custom update source

  2. Security Server

  3. Update Agents, Messaging Security Agents, Security Agents without Update Agents

  4. All other Security Agents

The Trend Micro Security Server receives updated components from the ActiveUpdate server or custom update source and then deploys them directly to:

  • Update Agents

  • Messaging Security Agents

  • Security Agents without Update Agents

The Update Agents then deploy the components to their respective Security Agents. If these Security Agents are unable to update, they update directly from the Security Server.

If there are low-bandwidth sections between the Security Server and Security Agents, use this method to balance the traffic load on the network.

  1. ActiveUpdate Server

  2. Security Agents

Security Agents that cannot update from any source update directly from the ActiveUpdate server.

Note:

Messaging Security Agents never update directly from the ActiveUpdate server. If all sources are unavailable, the Messaging Security Agent quits the update process.

This mechanism is provided only as a last resort and requires the following:

Enable Use Trend Micro ActiveUpdate as a secondary update source under Update Privileges