Dr.Web ES Agent establishes connection fileto the central protection server (for example, to Dr.Web Enterprise Server), which allows the network administrator to implement common security policy within the network, in particular, configure the same scanning settings and reaction on threat detection for all network stations and servers. Moreover, the central protection server also performs a role of an internal update server on the network, as it stores up-to-date virus databases, components (in this case, updating is performed via Dr.Web ES Agent, Dr.Web Updater component is not used).
When connecting Dr.Web ES Agent to the central protection server, the agent ensures receipt of up-to-date settings for program components and license key file, which are then transmitted to configuration daemon Dr.Web ConfigD for applying them to managed components. Moreover, the component also receives tasks to scan file system objects on the station (including scheduled tasks).
|
Please note that the current version of the Dr.Web for UNIX File Servers suite is not fully implements the central protection mode: central protection server cannot manage operation settings of the product components and cannot send scan tasks for the suite. |
Dr.Web ES Agent collects and sends the server statistics on detected threats and applied actions. The operation scheme is shown in the picture below.
Picture 40. Component operation scheme
To connect Dr.Web ES Agent to the central protection server, the password and identifier of the host are required, as well as the public encryption key file, which is used by the server for authentication. Instead of the host identifier, you can specify the identifier of the main and tariff groups where the station is to be included. For required identifiers and public key file, contact the administrator of your anti-virus network.
Moreover, if this option is allowed on the server, you can connect a file server host as a "newbie". In this case, after the administrator confirms the request to connect, the central protection server automatically generates an identifier and a password, and sends them to the Agent for future connections.
It is possible (but not recommended) to allow the Agent Dr.Web ES Agent to connect to the central protection server without using a server public key or using an invalid key. For details, refer to the description of esconnect command of Dr.Web Ctl utility.