You can specify certain OfficeScan/Apex One clients/agents to act as local update sources for other clients/agents.
For instance, if your network is segmented by location and the network link between the segments experiences heavy traffic load, we recommend allowing at least one client/agent for each segment to act as an Update Agent.
- Make sure that the Update Agent machines have at least 300 MB available disk space.
- The maximum number of customized update sources for an OfficeScan/Apex One client/agent allowed is 1024.
- The maximum number of concurrent client/agent update requests that an Update Agent can handle is 250. This may differ slightly depending on the hardware specifications of the machine.
- Excessive Update Agents can actually harm performance. It is recommended to only configure the Update Agents that are required.
To configure OfficeScan/Apex One clients/agents to act as Update Agents (UA):
- Specify a client that will act as the Update Agent (UA).
- Log on to the OfficeScan/Apex One management console.
- Go to Agents > Agent Management.
- Select the domains or clients/agents that will be granted the Update Agent privileges.
- Click the Settings tab and then select "Update Agent Settings".
- Check any of the following under "Clients can act as Update Agents" depending on what type of data would be hosted on this UA:
- Component Updates
- Domain Settings
- OfficeScan/Apex One agent programs and hot fixes
- Click Save.
- Select an Update Agent as a Client Update Source.
- Go to Updates > Agents > Update Source.
- Select Customized Update Source.
- Under the Customized Update Source list, click Add.
- Enter the range of the IP addresses of the clients/agents that will receive the updates from the Update Agent.
- Select "Update Agent" and then choose the agent from the drop-down list.
The clients/agents which have been granted the privilege to act as Update Agents will now appear in the list. If there are missing Update Agents, make sure to apply the Act as Update Agent privilege to the clients/agents in the Client Privileges and Settings screen.
Choosing “Using the Update Agent hostname to connect” is recommended as this will use DNS to continue pointing to the Update Agent in the event of an IP address change.
- Click Save.
- On the Agent Update Source page, click the Notify All Agents button at the bottom.
To configure OfficeScan clients/agents to act as Update Agents (UA):
- Specify a client that will act as the Update Agent (UA).
- Log on to the OfficeScan as a Service web console.
- Go to Policies > Policy Management > OfficeScan Agent.
- Create a new policy to be used by the Update Agents.
Refer to the OfficeScan as a Service Admin Guide (Chapter 11: Policy Management) to learn more about policies: .
- Check any of the following under "Clients can act as Update Agents" depending on what type of data would be hosted on this UA:
- Component Updates
- Domain Settings
- OfficeScan agent programs and hot fixes
- Click Save.
The policy will then deploy to the agents you configured.
- Set an Update Agent as a Client Update Source.
- In the OfficeScan as a Service web console, go to Administration > Managed Servers > Server Registration.
- Choose Server Type: OfficeScan.
- Click the provided link to Single Sign-On to the OfficeScan server.
- Go to Updates > Agents > Update Source.
- Under the Customized Update Source list, click Add.
- Enter the range of the IP addresses of the clients/agents that will receive the updates from the Update Agent.
- Select "Update Agent" and then choose the agent from the drop-down list.
The clients/agents which have been granted the privilege to act as Update Agents will now appear in the list. If there are missing Update Agents, make sure to apply the Act as Update Agent privilege to the clients/agents in the Client Privileges and Settings screen.
Choosing “Using the Update Agent hostname to connect” is recommended as this will use DNS to continue pointing to the Update Agent in the event of an IP address change.
- Click Save.
- On the Agent Update Source page, click the Notify All Agents button at the bottom.
Agent update/order process
A client updates from the first matching entry on the Customized Update Source list:
- If unable to update from the first entry, the client updates from the second entry, and so on.
- If unable to update from all entries, the client does and checks the following.
On the Agent Update Source Page the “OfficeScan agents update the following items from the OfficeScan server if all customized sources are unavailable or not found” option.
If enabled, the client updates from the OfficeScan server the options selected below it:
- Components
- Domain Settings
- OfficeScan agent programs and hot fixes
- If the option is disabled, the client then tries connecting directly to the Trend Micro ActiveUpdate server if any of the following is true:
- For OfficeScan 11.0:
In Agent > Agent Management > Settings > Privileges and Other Settings > Other Settings tab > Update Settings, the option "Clients download updates from the Trend Micro ActiveUpdate Server" is enabled.
The ActiveUpdate server ([3]http://osce11-p.activeupdate.trendmicro.com/activeupdate) is not included in the Customized Update Source List.
- For OfficeScan XG:
In Agent > Agent Management > Settings > Privileges and Other Settings > Other Settings tab > Update Settings, the option "Clients download updates from the Trend Micro ActiveUpdate Server" is enabled.
The ActiveUpdate server ([4]http://osce12-p.activeupdate.trendmicro.com/activeupdate) is not included in the Customized Update Source List.
- For OfficeScan 11.0:
- If unable to update from all possible sources, the client quits the update process.
