New York Boston Washington, DC

San Francisco Los Angeles Las Vegas

Chicago Denver Albany Redmond

Europe Asia South America    

Computer Forensics Electronic Discovery Security Auditing
    Home | Contact | Site Map

 

COMPUTER FORENSICS Forensic Services

Email Forensics

INCIDENT RESPONSE

TRAINING
CORPORATE SERVICES
ATTORNEYS

PRIVATE INVESTIGATORS

COMPUTER FORENSIC FAQ

COMMON MISTAKES

QUICK ANALYSIS PLAN

FORENSIC PROCESS

CASE STUDIES

CORPORATE CV

REQUEST A QUOTE

FORENSIC LINKS

 

ELECTRONIC DISCOVERY
E-DISCOVERY SERVICES

DISCOVERY CONSULTING

EXPERT WITNESSES
CASE STUDIES

EVOLUTION OF DISCOVERY

STATE OF THE LAW

E-DISCOVERY LAW

E-DISCOVERY LIBRARY

SPOLIATION CASE LAW

E-DISCOVERY NEWS

REQUEST INFORMATION

CORPORATE CV

 

DATA SECURITY
MAINFRAME SECURITY
APPLICATION SECURITY

NETWORK SECURITY

SECURITY ALERTS

END USER TIPS

SECURITY LINKS

 

SOFTWARE
MaxPatrol

KEY FEATURES

ACCURACY

SCAN QUALITY

PERFORMANCE

RELIABILITY

COMPARISONS

CASE STUDIES

DATABASE

UPDATE SYSTEM

DOWNLOAD

 

RESOURCES
CONTACT INFO
COMPUTER FORENSICS
ELECTRONIC DISCOVERY
PARTNERS
PRIVACY POLICY

TERMS OF USE

 

 

New MaxPatrol Demo Available!
New Demo version includes new intelligent algorithms for detection of blind SQL-injection vulnerabilities in ANY (including custom) web-applications.

 

Go to Demo Download page

UPDATE SYSTEM

PROFESSIONAL  SECURITY  SCANNER
Rocket Science, That's Just Our Hobby!

 

There are two ways to receive online updates for MaxPatrol:

 

*            Built in Web Updates from the Maxpatrol Global Update Server

*            A local update server located at your organization.

 

Each of these options has its advantages. The first option is more economical, and it does not require any additional installation or configuration. The second alternative offers greater flexibility, making it possible to adapt the updating process to your corporate information-security policy, no matter how strict it might be.

 

General Information

Whichever method chosen, the primary source for updates is the global MaxPatrol update server on the Internet. This server has two ports (2002 and 80), and both are available for updating.

 

Port 2002 runs an original encryption protocol with license-checking support. This protocol is the basis for the entire MaxPatrol update system.

 

Port 80 supports updates using HTTP protocol. Encryption and license control are also provided, as data is actually transferred using primary protocol and then converted to HTTP.

 Internal Tools

 Using the MaxPatrol settings, you can select an update method from three different options as illustrated in the figure below:

This is the default option. With this option Maxpatrol will request updates from the Global Update Server over the internet and update the installation automatically.

How safe is it? Sometimes users wonder if it is safe to open an additional port for Maxpatrol updates. We assure you that it is safe, for the following reason: First, the port only opens to the "outside;" in other words, it only allows connections initiated by your network. Second, connections through this port are limited to a single external IP address (the global Maxpatrol update server). With these limitations, there can be no increase in the possibility of protection violations.

However, if the security policy in your company is so strict that you cannot open port 2002, you might consider some of the other options described below.

Updates using HTTP protocol (direct connection). In this case the program requests updates from the Global Update Server using Port 80.

Updates using HTTP protocol (by proxy). If you choose this option, you must specify the IP-address and port number of your proxy server. 

Local Update Server 

The local update server is a separate program that operates in Windows. This server requires minimal resources. You can even install it on a system that has MaxPatrol installed.

The local server uses one of the methods described above to connect to the global update server. You can take advantage of any of the other alternative for distributing updates to multiple MaxPatrol work stations.

One alternative is the use of automatic updates through a direct connection with your local server. A basic updating protocol is used in this case, but you can configure your local server to work on any port number. When you are setting up MaxPatrol work stations, just select the proper option (update from local server), then specify the server's address and port number.

A second alternative makes it possible to receive updates in strictly isolated network segments (S#1) where no other alternatives apply. To do this, you must set up an additional update server within the segment. MaxPatrol work stations in this segment will receive updates from their local server as described above in alternative A. The server itself will receive updates from another local update server in offline mode (for example, on floppy disk) - using the import/export functions built into the local server. It is important to note that only local servers can exchange updates through import/export; MaxPatrol work stations cannot receive updates from files.

To sum it all up, a local MaxPatrol update server performs the following functions:

·                            Receives updates from the global server using one of three standard options

·                            Distributes updates to work stations through direct connection or any port

Transfers updates to another local server through files using export/import capability.


Download a demo version now!
Copyright 2005 Global Digital Forensics