To host both the Deep Security Relay and OfficeScan/Apex OneUpdate Agent:
- Enable the relay functionality on the Deep Security agent.
- Disable the Anti-Malware (AM) on the relay.
- Configure the OfficeScan agents to act as Update Agents.
The client port cannot be 4122, which is the default service port of relay.
- Enable the Real-time Scan on the Update Agent.
- Configure the firewall based on the following conditions:
- If firewall is enabled on the Update Agent, create a rule to bypass the following ports used by Relay when updating from iAU, and communicate with Manager:
80, 443, 4119, 4120, 4118, 4122, 4123. - If firewall is enabled on the Relay, create a rule to bypas the following ports used by Update Agent during update, communicate with the OfficeScan/Apex One server:
{OfficeScan client port}, {OfficeScan server port} - If Windows Firewall or any third-party firewall is enabled, add a firewall rule to bypass ports used by Relay and Update Agent:
80, 443, 4119, 4120, 4118, 4122, 4123, {OfficeScan client port}, {OfficeScan server port}
- If firewall is enabled on the Update Agent, create a rule to bypass the following ports used by Relay when updating from iAU, and communicate with Manager:
Deep Security Relay can be enabled on Windows x64 platform only. Below are the recommended platforms:
- Windows Server 2012(64-bit)
- Windows Server 2012 R2(64-bit)
- Windows Server Core 2012 (64-bit)
- Windows Server Core 2012 R2 (64-bit)
- Windows 8.1 (64-bit)
- Windows 8 (64-bit)
- Windows 7 (64-bit)
- Windows Server 2008 R2 (64-bit)
- Windows Server 2008 (64-bit)
- Windows Vista (64-bit)
- Windows Server 2003 SP1 (64-bit) with patch
- Windows Server 2003 SP2 (64-bit)
- Windows Server 2003 R2 SP2 (64-bit)
For OfficeScan/Apex One, an Update Agent running on a 64-bit platform will not be able to generate incremental patterns. Therefore, the Update Agent always downloads all incremental patterns available in the ActiveUpdate server, regardless of how many of these patterns it has previously downloaded.