Deploy patches in a remote location with no internet access

Deploy patches in a remote location with no internet access (Full Version)

All Forums >> [Network Security] >> GFI LANguard Network Security Scanner

Message

rockgoddessis -> Deploy patches in a remote location with no internet access (14.Apr.2008 3:43:26 PM)
Hi, I currently work on a closed system where there is no internet access. To update NSS v7.0 and download missing patches, I have to go to an outside computer, and download them onto a CD. Then after the security officer scans the CD, I load the updates and patches onto the system. Using NSS v7.0, I use the "Deploy Custom Software" tool, and have to identify each patch's parameters and enter them manually. I know that if I had internet access, I could use "Deploy Microsoft updates" and the tool would automatically identify the parameters and load the patches. Is there a way I can use this tool, but have it look in a directory, instead of the source URL? Thank you. ~Kristen

rlittle -> RE: Deploy patches in a remote location with no internet access (2.May2008 10:46:41 AM)
We have a similar setup with a network that has no Internet access. We solved it in the following way. We created an internal website that auto downloads the gfi updates. We allow the GFI software to hit this website to get its updates. For patches we have a gfi setup in the corporate network and we have it set to download all patches. We then take any new patches and copy them to a CD or ext HD etc and take them to the machine in the Controlled network. Copy the patches to the patch repository on the control network and it will see them as downloaded when you run deploy Microsoft patches or SP. The default location for the repository is "C:\Program Files\GFI\LANguard Network Security Scanner 8.0\Repository\English" although you can change this in GFI setup.

LeoSanchez -> RE: Deploy patches in a remote location with no internet access (2.May2008 3:28:24 PM)
Hello rockgoddessis, Please review the following Kb artice: http://kbase.gfi.com/showarticle.asp?id=KBID002062 As the KB article states this would only work if you have at least 1 machine connected to the Internet.

rlittle -> RE: Deploy patches in a remote location with no internet access (5.May2008 9:43:04 AM)
You can get the GFI updates to your website without a problem as it is just an HTTP download. We wrote a small vb program to pull them down, I would be happy to share the source code on it. The Microsoft updates are a different matter though, I have had to set up a system that can get the internet to autodownload all of the patches so that I can get this info from them.

Page: [1]