Bugginess in regard to Cloud-Functionality

Hey there,

today I spent some time diving into Dashboard-Bugginess. Let me explain a bit: the overall product installed on the single endpoint works as expected, protection rate is great and I’m really happy that Avast took care of several threats crossing my way in the past months.

But when it comes to the cloud-functionality part, there is some bugginess involved which makes it hard to keep going down this road forever. Namely this is:

  1. like already stated it is possible that different machines are treated as the same instance by the cloud dashboard → seldom but persistent in the cases I witnessed, as I found a workaround for that it’s not too serious
  2. related issue: like others also have seen from time to time an instance seems to drop off the Dashboard (even though online all the time) and then maybe is rediscovered later with the same name - but the other instance stays in the dashboard with
  3. both of these effects grow in number the more machines are in one dashboard and the longer you have it running. After some while it’s hard to say what really is going on by looking at the dashboard, which is not what you want for peace of mind
  4. What I found out today: if you really start using configuration templates on a broader scale (for exclusions in the scanning-engine in my case) it only works in a maybe 40/60 percentage OOTB. Don’t know if this changes with time but as already stated: this is not putting trust into the product, let alone functionality.

When looking in the C:\programdata\Avast Software\Avast\Log\AvastSvc.log

I see:

[2016-04-13 22:14:00.273] [info   ] [shepsync   ] [ 1380: 1356] Trying server IP address '77.234.43.107'
[2016-04-13 22:14:00.413] [info   ] [shepsync   ] [ 1380: 1356] Config file sucessfully updated
[2016-04-13 22:14:00.476] [info   ] [shepsync   ] [ 1380: 1356] Next config file update: 1460682880
[2016-04-13 22:14:00.600] [info   ] [shepsync   ] [ 1380: 1356] Wait interval 97240

on a “healthy” node, but never “successfully” on the others. I reinstalled the product on 3 machines I found affected, but also afterwards the configuration didn’t copy to the local installation. It seems that after activation the machines in question never really were able to sync their config (at least not in a timely manner, I’m talking hours here).

I cannot find any useful hint on what might influence this odd behavior and that’s why I would like to ask the forum: is there any explanation for all this except for that it’s somehow by design? Is there anything in networking/NATing the outgoing connections to the cloud that might break things under certain circumstances?

I still don’t know what factors are taken into the creation of some unique identifier of one machine, can someone shed some light on this?

Thanks for sharing your considerations and some hints and of course thanks to the developers that will maybe look for a solution.

Regards

IT-House

OK, as my first post is a bit negative and not precise, I want to sharpen things up:

  1. mainly I would like to understand how config ought to sync from Dashboard to clients and why I see the behavior I see

First of all I tried to verify my assumptions and have to admit, that another system which is online 24/7 doesn’t sync more often than once a day.

So it is possible that a freshly installed instance does not sync for the first couple of hours but only after maybe a day based on some parameters it’s making up during installation? What are these parameters?

Is there a way to take care that an “initial config sync” takes place? Maybe one should do the config in the Dashboard first and only compile the installer afterwards? (didn’t give this a try yet)

Thanks for your tips and heads-ups!

IT-House
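
The following is an added example, not part of the posts above and not Avast code: a small parser for the shepsync lines quoted from AvastSvc.log that reports whether a node ever logged a successful config update and when it plans to sync next. It assumes that the number after "Next config file update" is a Unix epoch in seconds and that "Wait interval" is in seconds; the function name `shepsync_status` and the `STALLED` sample are constructed for illustration.

```python
import re
from datetime import datetime, timezone

# Layout of the lines quoted in the post:
# [timestamp] [level] [component] [pid: tid] message
LINE_RE = re.compile(
    r"^\[(?P<ts>[\d-]+ [\d:.]+)\]\s+\[(?P<level>\w+)\s*\]\s+"
    r"\[(?P<comp>\w+)\s*\]\s+\[\s*\d+:\s*\d+\]\s+(?P<msg>.*)$"
)

# The four shepsync lines from the "healthy" node, verbatim from the post.
HEALTHY = """\
[2016-04-13 22:14:00.273] [info   ] [shepsync   ] [ 1380: 1356] Trying server IP address '77.234.43.107'
[2016-04-13 22:14:00.413] [info   ] [shepsync   ] [ 1380: 1356] Config file sucessfully updated
[2016-04-13 22:14:00.476] [info   ] [shepsync   ] [ 1380: 1356] Next config file update: 1460682880
[2016-04-13 22:14:00.600] [info   ] [shepsync   ] [ 1380: 1356] Wait interval 97240
"""

# Constructed sample: a node that logs the attempt but never the success line.
STALLED = HEALTHY.splitlines()[0] + "\n"


def shepsync_status(log_text):
    """Summarise shepsync activity found in AvastSvc.log text."""
    status = {"attempts": 0, "last_success": None,
              "next_update_utc": None, "wait_hours": None}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["comp"] != "shepsync":
            continue
        msg = m["msg"].strip()
        if msg.startswith("Trying server IP address"):
            status["attempts"] += 1
        elif msg.startswith("Config file") and msg.endswith("updated"):
            # Matched loosely because the log itself spells it "sucessfully".
            status["last_success"] = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S.%f")
        elif n := re.fullmatch(r"Next config file update: (\d+)", msg):
            # Assumption: the number is a Unix epoch in seconds.
            status["next_update_utc"] = datetime.fromtimestamp(int(n[1]), tz=timezone.utc)
        elif w := re.fullmatch(r"Wait interval (\d+)", msg):
            # Assumption: the interval is in seconds.
            status["wait_hours"] = round(int(w[1]) / 3600, 2)
    status["synced"] = status["last_success"] is not None
    return status


if __name__ == "__main__":
    for name, text in (("healthy", HEALTHY), ("stalled", STALLED)):
        print(name, shepsync_status(text))
```

Under those assumptions the healthy node's wait interval works out to about 27 hours, which fits the once-a-day sync described in the second post.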