Remote Agent Configuration Guide This product includes software developed by the Apache Software Foundation (www.apache.org). This guide contains background information, installation notes, and other information about OfficeScan Remote Agent. Before installing, Trend Micro highly recommends reading this guide to learn how you can take advantage of the capabilities of Remote Agent. Contents What you can do with Remote Agent Modifying the default settings What is Remote Agent?OfficeScan clients in remote offices sometimes have problems connecting to the server in the main office because of low-bandwidth connections. This can prevent the proper deployment of OfficeScan components, especially the pattern files, which help keep the clients protected against the latest virus threats. To ensure that clients (especially those in low-bandwidth remote offices) are always updated, Trend Micro developed Remote Agent. Remote Agent allows clients in low-bandwidth remote offices to get updated pattern files and scan engine directly from the Trend Micro update server, instead of only from the OfficeScan server. With this tool, clients are sure to get program updates, even if deployment of new pattern files from the server is not possible because of bandwidth limitations. Although clients by themselves can download updates directly from the Trend Micro update server with Update Now (if you grant them this privilege), using Remote Agent minimizes bandwidth consumption. You only need to configure a single client to download updates and share these with other clients in the low-bandwidth office. Other clients no longer have to download the updates themselves, thereby helping optimize bandwidth usage in low-bandwidth offices. What you can do with Remote AgentUsing Remote Agent, you can do the following:
Types of agentsThere are three types of Remote Agents:
Master agentThe master agent is installed on a client in a low-bandwidth remote office to download updates from the OfficeScan server or the Trend Micro update server. It acts as a 'mini' OfficeScan server by sharing these updates with other clients on the local network that are running the normal agent. The maximum number of clients that can get updates from the master agent depends on the Apache server's default settings, and your network and machine environment. Master agent runs as a process (not as a service) on the host computer. This means that when you log off the host computer, master agent shuts down. To change the Apache server’s default settings
For detailed instructions on how to edit the master agent's Apache server settings, visit http://httpd.apache.org/docs-2.0/index.html.en Normal agentThe normal agent is installed on other clients in the low-bandwidth remote office to get updates from the master agent. If the master agent is not available, the normal agent can still get updates from the OfficeScan server and even directly from the Trend Micro update server. Mobile agentThe mobile agent is installed on clients that are frequently disconnected from the network (thus the term "mobile"). Examples of mobile clients are notebook computers that employees disconnect from the network to take home with them. To keep the client’s protection updated, the mobile agent downloads updates directly from the Trend Micro update server. Minimum system requirementsThere are two requirements for installing Remote Agent on the client:
If you are installing the master agent on a machine without an HTTP server, Setup will automatically install an Apache server for you. See the Apache installation requirements below. WARNING! Trend Micro does not recommend installing the master agent on a Windows 95/98 computer. Apache™ installation requirementsApache 1.3 is designed to run on Windows NT 4.0 and Windows 2000. The binary installer will only work with the x86 family of processors, such as Intel's. Apache may also run on Windows 95 and 98, but these have not been tested and are never recommended for production servers. In all cases, TCP/IP networking must be installed. If running on NT 4.0, installing Service Pack 3 or 6 is recommended, as Service Pack 4 created known issues with TCPIP/WinSock integrity that were resolved in later Service Packs. Note: Winsock 2 is required for Apache 1.3.7 and later. If running on Windows 95, the "Winsock2" upgrade must be installed before Apache will run. "Winsock2" for Windows 95 is available at the following links: www.microsoft.com/windows95/downloads/ Be warned that the Dialup Networking 1.2 (MS DUN) updates include a Winsock2 that is entirely insufficient, and the Winsock2 update must be reinstalled after installing Windows 95 dialup networking. MSI Binary Distribution PackagesThe Apache httpd Project is working to minimize your download time. With the arrival of version 1.3.17 of Apache, we distribute the Apache httpd Server in an MSI package. This should resolve problems that Windows ME users had with the older installer, and minimizes the download time. However, only Windows ME and 2000 users have built-in MSI support with the installation of Windows. Users of Windows NT 4.0, 95 and 98 must download the MSI installer, if it was not already installed by another product's installation. If you are unsure if the Windows Installer is present, or the required version 1.10.1029.1 or later, then run the MSIEXEC command from the Start -> Run dialog to determine if the Windows Installer is on your machine. It will report "Incorrect command line parameters", and also tell you its version number. Apache's .msi packages require Windows Installer V 1.10 or later, which you can install or upgrade with the following Microsoft downloads: www.microsoft.com/downloads/release.asp?ReleaseID=17344 www.microsoft.com/downloads/release.asp?ReleaseID=17343 Once you have downloaded and installed the MSI installer application, you should not need to do so again. You will be ready to run the Apache .msi binary installer distributions above. Because a small but significant number of users have encountered problems running the Win32 installer, we have provided the Troubleshooting pages to help you diagnose and fix most installation problems at www.apache.org/dist/httpd/binaries/win32/TROUBLESHOOTING.html. Planning for installationYou need to plan before you start installing the agents. Here is a to-do list to help you install Remote Agent in the remote office. You can get the Remote Agent files from the \PCCSRV\Admin\Utility\RemoteAgent folder of the OfficeScan server.
Generating the setup packagesThis section discusses how to generate the following:
Generating the remote office packageThe remote office package contains the setup files for the remote office agents— the master agent and the normal agent.
To generate the remote office packages:
Note: Agents can only get pattern file updates from the OfficeScan server. To update the scan engine, you must configure the master agent to connect to the Trend Micro update server. If you use a proxy to connect to the Internet, you need to configure your proxy settings to enable the master agent to get updates from the Internet.
Generating the mobile agent setup packageThe mobile agent setup package allows mobile clients to get updates directly from the Internet. To generate the setup package for the mobile clients
Installing Remote AgentThis section discusses how to install the master agent, normal agent, and mobile agent. Installing the master agentAfter creating the setup packages, send the master agent package to the OfficeScan client in the remote office designated to get updates from the OfficeScan server or to download updates from the Trend Micro update server. You may send the setup package via email, CD-ROM or any other similar media. To install the master agent, simply double-click the setup icon. The setup program will run in the background. When finished, a dialog box appears, informing you that the master agent has been installed successfully. The Remote Agent icon will appear in the Windows system tray. If you are installing the master agent on a Windows NT/2000 server
If IIS is running on the Windows NT/2000 Server without using port 80, the Apache server can be installed successfully with the master agent. Installing the normal agentThe normal agent setup package is intended for OfficeScan clients in the remote office that are not hosting the master agent and are not frequently disconnected from the network. You may send the normal agent setup package by email, CD-ROM or any other similar media to these clients. You may also choose to put the normal agent setup package in a shared folder where the remote office clients can download it. To install the normal agent, simply double-click the setup icon. You will not see anything on the screen during installation; it will be running in the background. When finished, a dialog box appears, informing you that the normal agent has been installed successfully. Installing the mobile agentThe mobile agent setup package is for OfficeScan clients that are frequently disconnected from the network. To install the mobile agent, simply double-click the setup icon. You will not see anything on the screen during the installation because it will be running in the background. When finished, a dialog box appears, informing you that the mobile agent has been installed successfully. Modifying the default settingsTo open the Remote Agent configuration screen, right-click the Remote Agent icon in the system tray, and then click Main Window. The screen displays the latest update information, including the pattern and engine versions, update source, and so on. Checking for updatesBy default, the Check for updates check box is selected. To disable update checking, clear the check box. However, Trend Micro recommends that you keep this selected at all times. You can modify the frequency when the mobile agent will check the download site you have specified for available updates. You can configure it to check once daily or at specified intervals.
SettingsTo change the update sources or to check the connection with the OfficeScan server, click Settings. The Settings screen appears, displaying the Update Sources and Verify Server Connection Status tabs. For information on how to add, delete, or rename an update source, or to modify the settings to an update source, refer to Configuring update sources. For information on how to verify the connection of the master agent with the OfficeScan server manually or automatically, refer to Verifying server connection. Configuring update sourcesRemote agent allows you to configure update sources to ensure that you get the updates when you want it. You can add, delete, or rename an update source, or to modify the settings of an existing update source. To add an update source
If your proxy server uses SOCKS 4 to handle TCP, select Use SOCKS 4.
To delete an update source
To rename an update source
To modify the update source settings
Verifying server connectionYou can verify master agent-server connection manually or you can configure a scheduled verification.
Click OK to save your settings. Note: You may advise the master and normal agent users to increase the update interval to prevent Remote Agent from updating frequently. |