Issue:
How can I update the antivirus software in the MultiAV component of the Padvish EDR system without internet connection (offline)?
Solution:
Unlike Padvish Antivirus, many antivirus programs do not have offline update feature.
Use the virtual machine transfer method to update the offline version:
- Launch a copy of any antivirus virtual machine in a network connected to the Internet.
- The network settings of the virtual machine (IP address and subnet) should match those of the offline network.
- This virtual machine should be connected to the Internet, allowing it to receive updates.
- Limit the virtual machine’s access to relevant antivirus update server addresses via the network firewall
4. At specific intervals (e.g., daily), transfer this virtual machine to the offline network using one of the following methods:
- Recommended: Use the Clone option of your virtual infrastructure to transfer a copy of the machine to an external hard drive.
- Turn off the virtual machine and transfer its VMDK file. (Ensure the correct file is copied, especially if the virtual machine has a snapshot.)
- Export the virtual machine as an OVF file.
5. In the offline network, replace the old virtual machine with the updated one and ensure it is connected within the EDR system.