1. Technical Field
The present disclosure relates to a push update system for a security system.
2. Description of the Related Art
Network perimeter security systems are installed at the edge of local and wide area networks of entities to protect the networks from being compromised by external networks. For instance, a connection to the Internet may be protected by a number of machines including a security server connected directly to the Internet, to protect against a wide variety of Internet threats, such as viruses, worms, trojans, phishing, spyware, SPAM, undesirable content and hacking. Configuration files of the security server include signatures or pattern files that are used as a basis to detect the threats and need to be updated on a regular basis. Given the frequency with which Internet threats change and are created, it is a significant challenge to ensure that the security servers are updated in a regular and timely manner. Security organizations, such as Symantec Corporation, Trend Micro Incorporated and Kaspersky Laboratories, release notifications and data that are used to compile signatures for threats on a frequent basis (hourly or in some cases more frequent), requiring configuration files in large numbers of security servers to be correspondingly updated around the world.
Most security servers maintain or update their signature files by polling master or central servers for updates. This pull based approach means that the security servers will be on average out of date by the time of propagation of the update, from the polled server to the security server, in addition to half the time between polls. The propagation delay may also increase significantly when congestion occurs given thousands of machines located around the world may be polling the same server for an update. Also the master or central server normally relies upon the polling server to advise of a polling server's current configuration or otherwise determine the updates that are required. The master server usually does not maintain any information regarding the configuration of the security servers. This communications requirement involves a further overhead that impacts on the efficiency of the update process. Also this requirement for bidirectional communication between the polling and master servers gives rise to significant difficulties when updates need to be performed at locations where the network connections, particularly the Internet connections, are not stable and are prone to failure.
Accordingly, it is desired to address the above or at least provide a useful alternative.