Symantec Control Compliance Suite for Vulnerability Manager (CCS VM) remote Scan Engines fail to receive the latest Rapid 7 updates.
Last Updated November 11, 2014
You received a patch from Rapid 7 update servers but were unable to get the CCS VM Console to send the latest Rapid 7 updates to any CCS VM remote Scan Engine. The local CCS VM Console and local Scan Engine updated successfully.
A CCS VM Console pop-up error message when clicking on the update button for a target Scan Engine:
Could not update scan engine (scan-engine name).
com.rapid7.updater.UpdateException: Please try updating this Scan Engine later. An update is in progress for another Scan Engine.
All of the remote Scan Engines were cloned VMware virtual machines from the same image and same Scan Engine installation. Each Scan Engine installation is to have its own unique serial number. Once the first remote Scan Engine had been updated for that serial number, all other cloned Scan Engines would not be updated. The CCS VM Console stores each serial number so that it can check to see if a target Scan Engine has been updated. These serial numbers are part of the internal security software used by CCS VM to thwart man-in-the-middle attacks. Hence, no further updates are pushed out to all other remote Scan Engines as they have an identical serial number. As the local Scan Engine is installed before remote Scan Engine installations can begin, the local Scan Engine already has its own unique serial number so it always updated without error.
All remote Scan Engines that contain the same serial number due to VMware cloning of the same image must have the Scan Engine uninstalled, reinstalled, and paired to the CCS VM Console again. During the pairing process of these re-installed Scan Engines each of the Scan Engines will receive their own unique serial number which can then be properly recognized by the CCS VM Console.
Microsoft Windows Server 2008 R2 CCS Vulnerability Manager 10.0.6
Imported Document ID: TECH210454
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe