Security Server Updates

Automatic Updates

The Security Server automatically performs the following updates:

  • Immediately after installing the Security Server, it updates from the Trend Micro ActiveUpdate server.

  • Whenever the Security Server starts, it updates the components and the Outbreak Defense policy.

  • By default, scheduled updates run every hour (the update frequency can be changed from the web console).

Manual Updates

You can run manual updates from the web console if an update is urgent.

Server Update Reminders and Tips

  • After an update, the Security Server automatically distributes the component updates to agents. For details on the components distributed to agents, see Updatable Components.

  • A pure IPv6 Security Server cannot perform the following tasks:

    • Obtain updates directly from the Trend Micro ActiveUpdate server or a pure IPv4 custom update source.

    • Distribute updates directly to pure IPv4 agents.

    Similarly, a pure IPv4 Security Server cannot obtain updates directly from a pure IPv6 custom update source and distribute updates to pure IPv6 agents.

    In these situations, a dual-stack proxy server that can convert IP addresses, such as DeleGate, is required to allow the Security Server to obtain and distribute updates.

  • If you use a proxy server to connect to the Internet, set the correct proxy settings in Preferences > Global Settings > Proxy tab to download updates successfully.

Component Duplication

Trend Micro releases pattern files regularly to keep client protection current. Since pattern file updates are available regularly, the Security Server uses a mechanism called component duplication that allows faster downloads of pattern files.

When the latest version of a full pattern file is available for download from the Trend Micro ActiveUpdate server, incremental patterns also become available. Incremental patterns are smaller versions of the full pattern file that account for the difference between the latest and previous full pattern file versions. For example, if the latest version is 175, incremental pattern v_173.175 contains signatures in version 175 not found in version 173 (version 173 is the previous full pattern version since pattern numbers are released in increments of 2). Incremental pattern v_171.175 contains signatures in version 175 not found in version 171.

To reduce network traffic generated when downloading the latest pattern, the Security Server performs component duplication, a component update method where the server downloads only incremental patterns. To take advantage of component duplication, be sure that the Security Server is updated regularly. Otherwise, the server will be forced to download the full pattern file.

Component duplication applies to the following components:

  • Virus Pattern

  • Smart Scan Agent Pattern

  • Damage Cleanup Template

  • IntelliTrap Exception Pattern

  • Spyware Pattern