Environment
- Carbon Black Cloud: All Supported versions
- Endpoint Standard sensor: All supported versions
Symptoms
- Using URL based firewall approval rules for outside communication
- Sensor virus definition files (VDF) will not download signature packs or update to local scanner blocked by firewall
Cause
Firewall dos not accept / or wild cards when creating firewall rules to allow the the sensor to communicate with the VDF update server URL
Resolution
In the firewall allow rule use the entire domain only 'updates2.cdc.carbonblack.io' and test
Additional Notes
- Leave the entire URL including directory /update2 'http://updates2.cdc.carbonblack.io/update2' in the policy's local scan settings as the update server URL
- This is not proven on all firewalls and may not work in every situation
Related Content