Environment

• Endpoint Standard Console: All Supported Versions
• Endpoint Standard Sensor: All Supported Versions

Objective

Resolution

1. Verify devices are actively checking in
2. Review the devices and their policy settings
   • Is the signature update server using https or http? 
   • If http, test with https: Endpoint Standard: Signature Updates Fail With Default Settings
   • If https, are the sensors on version 3.3.x.x and above? CB Defense: Signatures are not updating from an https server
3. Verify policy is set to allow updates and the update server URL is configured
   1. Verify 'On-Access File Scan Mode' is set to Normal/Aggressive, and "Allow Signature Updates" is Enabled
   2. Try increasing 'Frequency' to 2 hours and 'Randomization Window' to 1 hour
   3. Add https://updates2.cdc.carbonblack.io/update2 for update servers (only works with 3.3 Sensors and up)
4. Sorting the endpoints page by the Sig outdated status
   1. Count the number of signature outdated devices
   2. Check how old the current updates are
   3. Anything within seven days is not of high concern
5. If the above steps have not resolved the issue please reach out to support

Related Content