How to Determine the Signature Version for VMware Carbon Black
Resumen: How to find out what the latest virus definition for VMware Carbon Black is and what the current installed virus definition is on an endpoint.
Instrucciones
Affected Products:
- VMware Carbon Black
This article discusses how to check the local signature version for VMware Carbon Black. VMware Carbon Black uses a technology that is called Virus Definition Files (VDF) to load signatures for use locally. Several methods are available to validate the latest VDF version and the VDF version that is installed on an endpoint.
Table of Contents
- How to check the latest VDF Version available online
- How to check the current VDF version on an endpoint using the VMware Carbon Black Cloud console
- How to check the local installed VDF version on an endpoint
- How to force the VDF version to update using RepCLI
How to check the latest VDF Version available online
To verify the latest VDF version available and the Published Date open the link below:
https://www.carbonblack.com/vdflookup/
How to check the current VDF version on an endpoint using the VMware Carbon Black Cloud console
It is possible to verify the VDF version that is installed on a specific endpoint following the steps below:
- Log in to the Carbon Black Cloud console.
- Go to Endpoints page:
- Search for a specific endpoint by name or using the available filters:
- Hover the hover over the sign in the SIG column and wait for the text to appear showing the VDF Version installed on the endpoint:
How to check the local installed VDF version on an endpoint
With online access not always being available, it is possible to check the local signature version on the endpoint through RepCLI. Approved administrators through CLI_USERS do not have to have been set to leverage this method.
- Log in to the endpoint with an administrative user.
- Right-click Start > Run.
- In the Run dialog box type cmd and click OK to open a Command Prompt:
- Browse to the folder C:\Program Files\Confer typing the command:
cd C:\Program Files\Confer
- To check the VDF version run the command below:
Repcli status
The Local Scanner Version correlates to the version of the VDF files on the endpoint.
Note: If a policy disables On-Access Scanning, or if no signature files have been updated on the endpoint, the Local Scanner Version may be blank.
How to force the VDF version to update using RepCLI
To update the local signature version on the endpoint through RepCLI Follow the below steps.
- Log in to the endpoint with an administrative user.
- Right-click Start > Run.
- In the Run dialog box type cmd and click OK to open a Command Prompt:
- Browse to the folder C:\Program Files\Confer typing the command:
cd C:\Program Files\Confer
- To update the VDF version, run the command below:
Repcli updateavsignature -wait
To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.