Adaptive Defense 360 lets you assign the cache role to one or more computers on your network. These computers will automatically download and store all files required so that other computers with Adaptive Defense 360 installed can update their signature file, agent and protection engine without having to access the Internet. This saves bandwidth as it won't be necessary for each computer to separately download the updates they need. All updates are downloaded centrally for all computers on the network.Cached items
A computer with the cache role assigned can cache the following items for different time periods
based on their type:
Cache node capacity
- Signature files: until they are no longer valid.
- Installation packages: until they are no longer valid.
- Update patches for Panda Patch Management: 30 days.
The capacity of a cache node is determined by the number of simultaneous connections it can accommodate in high load conditions and by the type of traffic managed (signature file downloads, installer downloads, etc.). Approximately, a computer with the cache role assigned can serve around 1,000 computers simultaneously. Configuring a computer as a cache
Revoking the cache role
- Click the Settings menu at the top of the console. Then, click Network services from the menu on the left and select the Cache tab.
- Click Add cache computer.
- Use the search tool at the top of the screen to quickly find those computers you want to designate as cache.
- Select one of more computers from the list and click OK.
From then on, the selected computer will have the cache role and will start downloading all necessary files, keeping its repository automatically synchronized. All other computers on the same subnet will contact the cache computer for updates.
- Click the Settings menu at the top of the console. Then, click Network settings from the side menu and click the Cache tab.
- Click the trash icon of the computer that you want to stop acting as a cache.
Configuring downloads via cache computers
There are two ways to use computers with the cache role:
Requirements for using a cache computer in automatic mode
- Automatic mode: the computer that starts the download will use the cache computers found on the network that meet the requirements specified in section “Requirements for using a cache computer in automatic mode”. If multiple cache computers are found, downloads will be balanced so as not to overload a single cache computer.
- Manual mode: in this mode, it is the administrator who manually sets the cache computer that will be used to download data from Panda Security‘s cloud. Manually selected cache nodes have the following differences from automatically selected ones:
- The administrator can choose any computer on the network with the cache role, regardless of the subnet it belongs to.
- The fact that a computer has multiple cache nodes assigned does not mean that downloads will be shared among them.
- If the first computer in the list is not available, the solution will move to the next computer until it finds one that works. If it cannot find any available computers, it will try to access the Internet directly.
NOTE: For a computer to connect to a cache node in manual mode, both computers must have TCP port 18226 open in both directions of the communication.
Discovery of cache nodes
- Unlike the manual mode, in the automatic mode, the scope of the computer with the cache role is restricted to the network segment to which its network interface is connected. If a cache computer has several network interface cards, it can serve as a repository on each network segment to which it is connected.
NOTE: It is advisable to designate a computer with the cache role on each network segment on the corporate network.
- All other computers will automatically discover the presence of the cache node and will redirect their update requests to it.
- A protection license has to be assigned to the cache node in order for it to operate.
- The firewall must be configured to allow incoming and outgoing UPnP/SSDP traffic on UDP port 21226 and TCP port 3128.
As soon as you designate a computer as cache, it will broadcast its status to the network segments to which its interfaces connect. From then on, all workstations and servers set to automatically detect cache nodes will receive that notification and will connect to the cache computer. Should there be
more than one designated cache node on a network segment, all computers on the subnet will connect to the most appropriate node based on the amount of free resources it has. Additionally, from time to time, all computers on the network set to automatically detect cache nodes will check to see if there are new nodes with the cache role.Configuring assignment of cache nodes
- Click the Settings menu at the top of the console. Then, click Network settings from the side menu and select one of the existing settings profiles.
- Go to the Cache section and select one of the following two options:
- Automatically use the cache computers seen on the network: the computers that receive these settings will automatically look for cache nodes on their network segment.
- Use the following cache computers (in order of preference): click the icon to add computers with the cache role assigned and set up a list of cache nodes. The computers that receive these settings will connect to the cache nodes specified in the list in order to download files.