Skip to main content

Agent cannot update Cyber Protect definitions

Thread solved
Regular Poster
Posts: 37
Comments: 352

Hi,

all agents (for Windows) having trouble to update its Cyber protect definitions. Currently affected ~60 VMs.

Management Server is onsite and set to Use this agent to download and distribute patches and updates while all other agents are not.

Protection settings - Definitions is set to Cyber Protect Management Server.

So updating definitions should be done by the management server and then distributed to other agents.

 

I have not seen this error on the management server, only at all othger agents.

 

I am unsure if it works anyway; Definitions at my management server are same compared to other agents.

Anti-malware: 1.0.0.1174

Vulnerability assessment and patch management: 1202.0.0.0

 

Found this in /Agent/var/log/atp-downloader/x.log:

03.02.2022 10:28:51.118148 [0x00001474] [0x0000148c] [debug] [ServerProxy] : DownloadNewUpdateIndex()[383] req: 'https ://[management server dns]:9877/ngmp/update-index.json?agent_version=1.0.0.1437' status: 200

03.02.2022 10:28:51.119146 [0x00001474] [0x0000148c] [debug] [UpdaterBrain] : ProcessNewUpdateIndex()[1037] update index has been dowloaded

03.02.2022 10:28:51.119146 [0x00001474] [0x0000148c] [debug] [UpdaterBrain] : ProcessNewUpdateIndex()[1066] processing new index file C:\ProgramData\Acronis\Agent\var\atp-downloader\5592244653796735458

03.02.2022 10:28:51.119146 [0x00001474] [0x0000148c] [debug] [UpdaterBrain] : ParseUpdateIndex()[50] version: 1.0.0.1437, release_date: 2022-01-26T14:19:52.906Z

03.02.2022 10:28:51.120158 [0x00001474] [0x0000148c] [info] [UpdaterBrain] : UpdateIndexParser()[21] index parsed in 1 ms.

03.02.2022 10:28:51.120158 [0x00001474] [0x0000148c] [debug] [UpdaterBrain] : ProcessNewUpdateIndex()[1082] new index ver is 1.0.0.1437 (current is 1.0.0.1437), no need to rebuild index.

03.02.2022 10:28:51.120158 [0x00001474] [0x0000148c] [debug] [UpdaterBrain] : ProcessNewUpdateIndex()[1092] Completed

So NGMP version should be 1.0.0.1437 and not 1.0.0.1174 as in agent details tab.

 

Please also have a look at support request #05322355.

 

Thanks in advance!

Raphael

 

Edit: I have seen Protection settings – Acronis Cyber Protect 15 (managed-protection.com) and created firewall rules accordingly - restartet aakore service but updates still fail.

0 Users found this helpful
Forum Moderator
Posts: 237
Comments: 6946

Hello Raphael!

thank you for your posting! While the support team is reviewing your ticket, please check out the following article 68319: Acronis Cyber Protect: Troubleshooting failing "Updating Cyber Protect definitions" activities

Regular Poster
Posts: 37
Comments: 352

Hi Ekaterina,

thanks for your response!

 

Atp-downloader logs seems to be fine at client side, downloads "succeed", sometimes http error 304 (not modified, should be ok).

 

At management server side there are SSL errors.

SslCtxCallback()[24] Effective url: https_localhost:9877/vapm/update-index.json

operator ()()[216] Certificate verification failed: Hostname mismatch

The atp-agent @ management server downloads from localhost?

Might be ok, the given file can be downloaded but hostname "localhost" is not valid for that certificate.

 

I have replaced the default certificate with a company CA signed certificate during initial setup.

Valid SAN are hostname, hostname.domain and IP (not "localhost").

 

I have seen "UpdateIndexes" pointing to https_localhost:9877 /... in "\Agent\var\atp-downloader\atp-downloader.json" but cannot change its value (self protection).

 

"acronis.com" never shows in atp-downloader logs.

"\Agent\var\atp-downloader\Cache" is empty.

 

Thanks and best regards,

Raphael

Regular Poster
Posts: 37
Comments: 352

Have switched to "Update from Cloud" temporarily, it looks like it works so far.

Another issue in this scenario - all agents downloading at the same time causing high peaks in CPU and Internet usage.

Feature request: Distribute definition updates across 30 minutes (as in backup/scan tasks).

 

Support case #05322355 still untouched by Acronis, was created 01/29/2022.

 

Best regards,

Raphael

Forum Support specialist
Posts: 0
Comments: 2016

Hello Raphael,

thank you for sharing additional details and your ideas!

We have forwarded your feature request to a respective team.

As for case #05322355, it is at work. Please let us know if you need any further assistance with it.

 

Regular Poster
Posts: 37
Comments: 352

Hi,

issue is resolved now, case #05322355 closed.

There was an active proxy autoconfiguration via "wpad.domain.com" available. Windows-based Acronis agent used the provided proxy despite setting to "no proxy" while installing.

Deactivating the proxy autoconfiguration solved it, Agent is now downloading definitions as expected.

 

Thanks and best regards,

Raphael