Configure the Gateway AntiVirus Update Server

Gateway AntiVirus downloads signature updates from an update server. Gateway AntiVirus, IntelligentAV, IPS, Application Control, and Data Loss Prevention all use the same update server. When you configure the update server for any of these subscription services, the settings apply to all of these services.

In Fireware v12.2 and higher, when Gateway AntiVirus is configured for signature updates, any Gateway AntiVirus engine updates are also delivered to the Firebox automatically. This updates the Gateway AntiVirus engine without a Fireware OS upgrade.

The size of the Gateway AntiVirus signature set depends on your Firebox hardware platform and software version. For more information, go to Gateway AntiVirus signature set sizes.

To make sure that the Firebox can connect to the update server, you must add at least one DNS server to your network configuration. The Firebox uses DNS to resolve the update server URL to an IP address. For more information on adding DNS servers, go toConfigure Network DNS and WINS Servers.

To download and receive signature file updates, the Firebox must have access to both services.watchguard.com and cdn.watchguard.com.

Configure Signature Updates

To configure signature updates, from Fireware Web UI:

  1. Select Subscription Services > Gateway AV.
  2. Click Settings.
    The Gateway AntiVirus settings page appears.

Screen shot of the Gateway AV Settings page

  1. To enable automatic signature updates, select the Enable automatic update check box. This option is enabled by default.
  2. From the Interval drop-down list, enter the number of hours between automatic updates.
  3. Select the Gateway AntiVirus Signatures check box to automatically update signatures at the selected update interval.
  4. Select the IntelligentAV Updates check box to automatically get engine updates at the selected update interval.

To configure signature updates, from Policy Manager:

  1. From Policy Manager, select Subscription Services > Gateway AntiVirus > Configure.
  2. Click Update Server.
    The Update Server dialog box appears.

Screen shot of the Update Server dialog box

  1. To enable automatic signature updates, select the Enable automatic update check box. This option is enabled by default.
  2. From the Interval drop-down list, enter the number of hours between automatic updates.
  3. Select the Gateway AntiVirus Signatures check box to automatically update signatures at the selected update interval.
  4. Select the IntelligentAV Updates check box to automatically get engine updates at the selected update interval.

Connect to the Update Server Through an HTTP-Proxy Server

If your Firebox must connect to the update server through an HTTP-proxy, you must add information about the HTTP-proxy server to your update server configuration.

  1. In the HTTP Proxy Server section, select the Connect to Update Server with an HTTP Proxy Server check box.
  2. In the Server Address section, type the IP address or host name of your HTTP-proxy server.
  3. (Optional) To specify which port number to use to connect to your HTTP-proxy server, in the Server Port text box, type the port number.
    Most HTTP-proxy servers accept requests on port 8080. You must only specify a different port if your server does not use port 8080.
  4. From the Server Authentication drop-down list, select the type of authentication your HTTP-proxy server uses.
    • If your HTTP-proxy does not require authentication, select No Auth.
    • If your HTTP-proxy server requires NTLM or Basic authentication, in the text boxes, type your User Name, Domain, and Password.
  5. Save your configuration.

Update Signatures Manually

For information about how to see the status of signature updates, and how to manually force an update to the most current signatures, see Subscription Services Status and Manual Signatures Updates.

Offline Signature Updates

For security reasons, some customer environments require direct control over the distribution and installation of periodic signature updates for signature services such as Gateway AntiVirus, Intrusion Prevention, and Data Loss Prevention.

WatchGuard offers Offline Signature Updates that enable you to download the latest signatures for these services directly from WatchGuard, and then use a script to manually install these files on your Fireboxes.

A special set of credentials are required to access the signature update files from the WatchGuard servers. For more information about this feature, contact WatchGuard technical support.

Related Topics

Gateway AntiVirus Global Settings

About IntelligentAV