OfficeScan Server

Vulnerability Protection can connect an OfficeScan server (version 10.6 SP2, or version 11 and higher) and synchronize the endpoints (computers) found on that server.

Vulnerability Protection supports synchronization with only one OfficeScan server at a time. Also, an OfficeScan server can only be synchronized with one Vulnerability Protection Manager.

To synchronize with an OfficeScan server:

  1. Install the Vulnerability Protection Deployment Tool in OfficeScan. For instructions, see Appendix J in the Vulnerability Protection Installation Guide.
  2. In Vulnerability Protection Manager, create an event-based task that applies rules to a new endpoint when it is added to Vulnerability Protection. For more information, see Event-Based Tasks.
  3. In Vulnerability Protection Manager, go to Administration > System Settings > Agents > Agent-Initiated Activation and select Allow Agent-Initiated Activation.
  4. Use the Add OfficeScan Endpoints wizard to set up synchronization between Vulnerability Protection and the OfficeScan Server. For instructions, see "Synchronize with an OfficeScan Server", below.
  5. In the Vulnerability Protection Deployment Tool, use the Server Settings screen to configure communication between the Vulnerability Protection Manager and Agents. For instructions, see Appendix J in the Vulnerability Protection Installation Guide.
  6. Use the Vulnerability Protection Deployment Tool to install and activate the Vulnerability Protection Agent on the endpoints. For instructions, see Appendix J in the Vulnerability Protection Installation Guide.
    Only one occurrence of a physical computer can be active in Vulnerability Protection Manager. If the OfficeScan synchronization adds a computer that is already being protected by Vulnerability Protection, the new occurrence of the computer will not be activated. To activate the occurrence that is part of the OfficeScan synchronization, right-click the old occurrence and click Actions > Deactivate. Then right-click the new occurrence and click Actions > Activate/Reactivate.

Synchronize with an OfficeScan Server

To synchronize with an OfficeScan Server:

  1. Go to the Computers page and click New > Add OfficeScan.
  2. On the first page of the Add OfficeScan Endpoints wizard, enter this information and then click Next:
    • Hostname or IP: Hostname or IP address of the OfficeScan server
    • Name: Name of the OfficeScan server. This field is populated automatically.
    • Description: Optional description of the OfficeScan server. The description will appear on the Computers page in Vulnerability Protection Manager.
    • OfficeScan Version: Choose either 10.6 or 11.
    • Protocol: If you are using OfficeScan 11, the protocol is set to https. If you are using OfficeScan 10.6, you can choose from http or https.
    • Port: Port used to connect to the OfficeScan server. The default value is 8080 for http, or 4343 for https.
    • Account: User name that Vulnerability Protection can use to access the OfficeScan server. Must be an OfficeScan Administrator.
    • Password: Password that Vulnerability Protection can use to access the OfficeScan server.
  3. The wizard will attempt to connect to the OfficeScan server. If you are prompted to accept the OfficeScan server's SSL certificate, click Accept.
  4. The wizard displays information about the number of computers that it was able to find on the OfficeScan server. Click Finish.
  5. The wizard displays a message, indicating that the OfficeScan server was added successfully. Click Close.

The OfficeScan server, along with the endpoints and groups that it contains, will appear on the Computers page in Vulnerability Protection Manager.

Synchronize an Existing Group with OfficeScan

If you have already added OfficeScan endpoints (computers) to Vulnerability Protection Manager and you want to enable synchronization with the OfficeScan server that they belong to, you can do so.

To synchronize a group with an OfficeScan server:

  1. On the Computers page, create a group that contains all of the endpoints.
    Be careful when creating this group. If it contains groups or endpoints that are not on the OfficeScan server, they may be deleted when the synchronization occurs.
  2. Right-click the group and select Sync group with OfficeScan.
  3. On the first page of the wizard, enter this information and then click Next:
    • Hostname or IP: Hostname or IP address of the OfficeScan server
    • Name: Name of the OfficeScan server. This field is populated automatically.
    • Description: Optional description of the OfficeScan server. The description will appear on the Computers page in Vulnerability Protection Manager.
    • OfficeScan Version: Choose either 10.6 or 11.
    • Protocol: If you are using OfficeScan 11, the protocol is set to https. If you are using OfficeScan 10.6, you can choose from http or https.
    • Port: Port used to connect to the OfficeScan server. The default value is 8080 for http, or 4343 for https.
    • Account: User name that Vulnerability Protection can use to access the OfficeScan server.
    • Password: Password that Vulnerability Protection can use to access the OfficeScan server.
  4. The wizard will attempt to connect to the OfficeScan server. If you are prompted to accept the OfficeScan server's SSL certificate, click Accept.
  5. The wizard will warn you that existing endpoints and groups may be deleted when the group is synchronized with the OfficeScan server. Click Finish.
  6. The wizard displays a message, indicating that the OfficeScan server was added successfully. Click Close.

Change Synchronization Settings

By default, Vulnerability Protection synchronizes with the OfficeScan server every 10 minutes. If you want to synchronize on a different schedule, turn off the default synchronization. On the Computers page, right-click the OfficeScan server and click Properties > Settings and clear the Enable Regular synchronization with OfficeScan server checkbox. Then you can create a "Synchronize Computers with OfficeScan" scheduled task. See Scheduled Tasks for more information.

To synchronize with OfficeScan immediately, go to the Computers page, right-click the OfficeScan server, click Properties, and then click Synchronize Now.

When Vulnerability Protection performs a synchronization with the OfficeScan server and discovers that a group or endpoint has been removed from the OfficeScan server, Vulnerability Protection Manager does not deactivate the computer (the Vulnerability Protection protection modules remain on the computer). This is done in case the endpoint is roaming and will return later. However, if you want Vulnerability Protection to remove groups and endpoints when they are not found during synchronization, go to the Computers page, right-click the OfficeScan server and then click Properties. On the Settings tab, select the Delete endpoints and groups when they are removed from the OfficeScan server checkbox.

Stop Synchronizing with an OfficeScan Server

  1. Go to the Computers page, right-click the OfficeScan server (not an endpoint) and select Remove OfficeScan.
  2. In the dialog box that appears, select one of these options and then click OK:
    • Remove the OfficeScan server and all of its subordinate endpoints and groups from Vulnerability Protection Manager: This option removes the OfficeScan server and everything under it in the tree structure.
    • Remove the OfficeScan server but retain the endpoint data and group hierarchy: This option ends the synchronization with the OfficeScan server. Any endpoints and groups that are currently listed under the OfficeScan server in the tree structure will be converted to regular Vulnerability Protection computers and groups and will continue to be monitored by Vulnerability Protection.
If you want to temporarily stop the synchronization but you do not want to remove the endpoints or convert them to regular managed computers, go to the Computers page, right-click the OfficeScan server and then click Properties. On the Settings tab, clear the Enable regular synchronization with OfficeScan server checkbox.