There are two ways to receive online updates for MaxPatrol:
- Built in Web Updates from the Maxpatrol Global Update Server
- A local update server located at your organization.
Each of these options has its advantages. The first option is more economical, and it does not require any additional installation or configuration. The second alternative offers greater flexibility, making it possible to adapt the updating process to your corporate information-security policy, no matter how strict it might be.
General Information
Whichever method chosen, the primary source for updates is the global MaxPatrol update server on the Internet. This server has two ports (2002 and 80), and both are available for updating.
Port 2002 runs an original encryption protocol with license-checking support. This protocol is the basis for the entire MaxPatrol update system.
Port 80 supports updates using HTTP protocol. Encryption and license control are also provided, as data is actually transferred using primary protocol and then converted to HTTP.
Internal Tools
Using the MaxPatrol settings, you can select an update method from three different options as illustrated in the figure below:
This is the default option. With this option Maxpatrol will request updates from the Global Update Server over the internet and update the installation automatically.
How safe is it? Sometimes users wonder if it is safe to open an additional port for Maxpatrol updates. We assure you that it is safe, for the following reason: First, the port only opens to the "outside;" in other words, it only allows connections initiated by your network. Second, connections through this port are limited to a single external IP address (the global Maxpatrol update server). With these limitations, there can be no increase in the possibility of protection violations.
However, if the security policy in your company is so strict that you cannot open port 2002, you might consider some of the other options described below.
Updates using HTTP protocol (direct connection). In this case the program requests updates from the Global Update Server using Port 80.
Updates using HTTP protocol (by proxy). If you choose this option, you must specify the IP-address and port number of your proxy server.
Local Update Server
The local update server is a separate program that operates in Windows. This server requires minimal resources. You can even install it on a system that has MaxPatrol installed.
The local server uses one of the methods described above to connect to the global update server. You can take advantage of any of the other alternative for distributing updates to multiple MaxPatrol work stations.
One alternative is the use of automatic updates through a direct connection with your local server. A basic updating protocol is used in this case, but you can configure your local server to work on any port number. When you are setting up MaxPatrol work stations, just select the proper option (update from local server), then specify the server's address and port number.
 A second alternative makes it possible to receive updates in strictly isolated network segments (S#1) where no other alternatives apply. To do this, you must set up an additional update server within the segment. MaxPatrol work stations in this segment will receive updates from their local server as described above in alternative A. The server itself will receive updates from another local update server in offline mode (for example, on floppy disk) - using the import/export functions built into the local server. It is important to note that only local servers can exchange updates through import/export; MaxPatrol work stations cannot receive updates from files.
To sum it all up, a local MaxPatrol update server performs the following functions:
- Receives updates from the global server using one of three standard options
- Distributes updates to work stations through direct connection or any port
- Transfers updates to another local server through files using export/import capability.
| 
