Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Premier Sign In Partner Program Sign In

Article Number: 000126416

How to Determine the Signature Version for VMware Carbon Black

Summary: How to find out what the latest virus definition for VMware Carbon Black is and what the current installed virus definition is on an endpoint.

This article may have been automatically translated. If you have any feedback regarding its quality, please let us know using the form at the bottom of this page.

Article Content

Instructions

Affected Products:

  • VMware Carbon Black

This article discusses how to check the local signature version for VMware Carbon Black. VMware Carbon Black uses a technology that is called Virus Definition Files (VDF) to load signatures for use locally. Several methods are available to validate the latest VDF version and the VDF version that is installed on an endpoint.

Table of Contents

How to check the latest VDF Version available online

To verify the latest VDF version available and the Published Date open the link below:
https://www.carbonblack.com/vdflookup/ This hyperlink is taking you to a website outside of Dell Technologies.

VDF History Search Page

Back to Top

How to check the current VDF version on an endpoint using the VMware Carbon Black Cloud console

It is possible to verify the VDF version that is installed on a specific endpoint following the steps below:

  1. Log in to the Carbon Black Cloud console.
  2. Go to Endpoints page:
    Click Endpoints
  3. Search for a specific endpoint by name or using the available filters:
    Search for endpoint
  4. Hover the hover over the sign in the SIG column and wait for the text to appear showing the VDF Version installed on the endpoint:
    Hover over SIG field

Back to Top

How to check the local installed VDF version on an endpoint

With online access not always being available, it is possible to check the local signature version on the endpoint through RepCLI. Approved administrators through CLI_USERS do not have to have been set to leverage this method.

  1. Log in to the endpoint with an administrative user.
  2. Right-click Start > Run.
  3. In the Run dialog box type cmd and click OK to open a Command Prompt:
    Run cmd
  4. Browse to the folder C:\Program Files\Confer typing the command: 
    cd C:\Program Files\Confer
  5. To check the VDF version run the command below: 
    Repcli status

    The Local Scanner Version correlates to the version of the VDF files on the endpoint.
    Run commands in Command Prompt
    Note: If a policy disables On-Access Scanning, or if no signature files have been updated on the endpoint, the Local Scanner Version may be blank.

Back to Top

How to force the VDF version to update using RepCLI

To update the local signature version on the endpoint through RepCLI Follow the below steps.

  1. Log in to the endpoint with an administrative user.
  2. Right-click Start > Run.
  3. In the Run dialog box type cmd and click OK to open a Command Prompt:
    Run cmd
  4. Browse to the folder C:\Program Files\Confer typing the command: 
    cd C:\Program Files\Confer
  5. To update the VDF version, run the command below: 
    Repcli updateavsignature -wait

    Run commands in Command Prompt

Back to Top

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

Article Properties

Affected Product

VMware Carbon Black

Last Published Date

08 Aug 2024

Version

11

Article Type

How To

Back to Top