The Antimalware Configuration settings define the server for malware cleanup and Antimalware Agent installation as well as the default server for an Ondemand Content Master. To access these settings, navigate to Security > Getting Started > Protecting Against Malware, and click the link under the Antimalware Server section. You can also access them under Security in the Management Zone Settings.
One Primary Server needs to be designated as the Antimalware Server to perform Antimalware-related maintenance tasks for your zone. This server also functions as an Ondemand Content Master (OCM) by default. If you designate one or more additional Primary servers as OCMs in the zone, the OCM designation can be removed from the server selected in this configuration as the Antimalware Server. You can make that change via the Server Hierarchy configuration.
Any Primary servers designated as OCMs need to meet the Ondemand Content Master requirements. For more information, see Ondemand Content Master - Requirements.
The Antimalware Server performs maintenance once a day, which can include cleaning up old malware events and rebuilding the bundle for the Antimalware Agent installation. You can define the time that the maintenance occurs and remove old malware events or rebuild an agent installation bundle manually.
When you configure the age limit for automatically removing old malware events according to the daily maintenance schedule, the configurable range is from 1-180 days.
The Ondemand Content Master requires an Internet connection to communicate with and download content from the external Antimalware cloud service. This service is a Content Distribution Network (CDN) that manages all the malware signature files required to disinfect files on managed devices.
Configuring a proxy: If the OCM requires a proxy to access the service, the OCM server’s Subscription proxy configuration file is used.
If you have configured your network to use a proxy server, you must configure the proxy server subscriptions.
On the Primary Server on which the Ondemant Content Master is configured to run, navigate to the lpm-server.properties file.
Linux: /etc/opt/microfocus/zenworks/
Windows: %ZENSERVER_HOME%\conf
An example of the content within the lpm-server.properties file is displayed below:
Debug=false
TTL=24
subscription-proxyaddress=
subscription-proxyport=
subscription-proxyuser=
subscription-proxypassword=
subscription-useNTLM=false
Modify and save the file with the following subscription proxy details:
Set the value of subscription-proxyaddress to the IP address of the proxy server.
Set the value of subscription-proxyport to the port number of the proxy server.
(Conditional) If the proxy is authentication-based, set the value of subscriptionproxyuser to the name of the proxy user.
(Conditional) If the proxy is authentication-based, set the value of subscriptionproxypassword to the password associated with the proxy user name.
It is recommended to use the zman srpp command to specify an obfuscated password instead of specifying the raw password.
(Conditional) If the proxy server uses an NTLM realm, set the value of subscriptionuseNTLM to true. By default, the value is false.
Restart the ZENworks services.
Accessing the CDN: The following URL must be open to access the CDN: https://microfocus-2dcb60a8-26c9-4560-9cc2-34a16ea5f6e6.2d7dd.cdn.bitdefender.net
Proxy Server Settings: This setting is useful for restrictive environments where you do not want all of your production servers to have Internet access. For more information, see System Update Settings in the ZENworks System Updates Reference.
Information: while configuring, if the agent displays "You are at risk" alert message, then check the Troubleshooting section.