Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Endpoint Standard: How to Test Sensor Connectivity to CB Update Server

Endpoint Standard: How to Test Sensor Connectivity to CB Update Server

Environment

  • Carbon Black Cloud Console: All versions
    • Endpoint Standard
  • Endpoint Standard Sensor: 2.0.x.x and Higher
  • Microsoft Windows: All supported versions

Objective

Test Sensor connectivity to the Carbon Black (CB) signature update server 

Resolution

The Sensors are directed by the default Policy setting to contact http://updates2.cdc.carbonblack.io/update2
  • ping and nslookup can be run against updates2.cdc.carbonblack.io
  • Use a web browser to download the master.idx file to check for access denied errors 
    http://updates2.cdc.carbonblack.io/update2/idx/master.idx

Additional Notes

  • These tests apply to Windows machines only as the local scanner is not available on other platforms
  • While the above tests confirm basic connectivity, there may still be issues with transfer of larger files through the local network
  • Ensure there is no packet inspection of traffic between the Sensor and CB's update server performed by firewall or proxy
  • Support for signature updates over https was added beginning with Sensor version 3.3.0.984, so testing connectivity over https may prove useful

Related Content


Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Author:
Creation Date:
‎09-09-2020
Views:
3856
Contributors