Operating Principles

Top  Previous  Next

Dr.Web ES Agent establishes connection to the central protection server (for example, to Dr.Web Enterprise Server), which allows the network administrator to implement common security policy within the network, in particular, configure the same scanning settings and reaction on threat detection for all network stations and servers. Moreover, the central protection server also performs a role of an internal update server on the network, as it stores up-to-date virus databases, components (in this case, updating is performed via Dr.Web ES Agent, Dr.Web Updater is not used).

When connecting Dr.Web ES Agent to the central protection server, the agent ensures receipt of up-to-date settings for the program components and the license key file, which are then transmitted to the Dr.Web ConfigD configuration daemon for applying them to managed components. Moreover, the component also receives tasks to scan file system objects on the station (including scheduled tasks).

Note that the current version of Dr.Web for UNIX Internet Gateways does not fully implement the central protection mode: the central protection server cannot manage operation settings of the program components.

 

Dr.Web ES Agent collects and sends the server statistics on detected threats and applied actions. The operation scheme is shown in the figure below.

Figure 18. Diagram of the components’ operation

To connect Dr.Web ES Agent to the central protection server, the password and identifier of the host (“station” in terms of the Central protection server) are required, as well as the public encryption key file, which is used by the server for authentication. Instead of the station identifier, you can specify the identifier of the main and tariff groups where the station is to be included. For required identifiers and public key file, contact the administrator of your anti-virus network.

Moreover, if this option is allowed on the central protection server, you can connect your host with the protected server (“workstation”) as a “newbie”. In this case, after the administrator confirms the request to connect, the central protection server automatically generates an identifier and a password, and sends them to the agent for future connections.