Hi! We just got Avast ADNM/ASM running our computers, this software is great! Far better than the CA managed AV we’ve been using. Cheaper, faster, better…wow I can’t say enough.

Well anyway, I’ve been playing around getting deployment nailed down and I have a few post-deployment questions.

My first is what happens if a given computer’s IP changes after a discovery? I had a small problem with one of the PCs I tried to deploy to: the computer’s IP changed after discovery, or rather after I’d deployed NetClient to it. After the reboot it went from .84 to .151 (right now none of our computers have DHCP leases longer than when they are on the network, we’re changing our DHCP settings to allow for more than 255 devices, we will have 2 possibly 3 subnets once we’re done, and leases will be enabled again after we’ve made sure all computers have been rebooted, but that’s a lot of computers and since half of the building is a school and it’s summer a lot of the boxen haven’t been on since mid June…). I tried to rediscover but it still listed the PC as .84 and it wouldn’t list it as a licensed NetClient…it wouldn’t list that it had Avast at all.

I had to delete the computer’s entry in the catalog and then manually add it…a rediscovery wouldn’t even find it.

So my question is this: after deployment and reboot, if a computer receives a new IP (unlikely on networks with lease times) how can I force it to rediscover that computer and that computer only without deleting and recreating the entry? I don’t have a problem with rediscovering for recreating just a few entries but I don’t want to have to do this over many computers, especially if I have a number of groups under the catalog. Some of the computers we have still have a CA license and updates for a year, if this works out well enough we’re going to completely to Avast.

Also, after deployment how long should it take before the computer is seen by ADNM/ASM and updated to say that it contains a license?

Another question: can we uninstall Avast from computers like we can deploy it? Or do we have to go to each computer ourselves and uninstall it like we do CA? That’s a total pain with CA, as with CA we had to go to each computer individually to install it (after about 100 PCs that get’s really annoying…haha). Deploying is so much easier, and if it goes as well as it looks like it will we can just about do this one evening once everyone’s gone home.

Thanks for the time and the help…and the great product! Been using avast at home and on my families home PCs for about 2 years, I went to research new AV when we found out it was going to cost tons more money than avast it was a no brainer: I’d already been using the home product which ran great and after doing some research into the ADNM we couldn’t pass this up.

Hi! We just got Avast ADNM/ASM running our computers, this software is great! Far better than the CA managed AV we've been using. Cheaper, faster, better...wow I can't say enough.

Congratulations, and thanks for your choice.

My first is what happens if a given computer's IP changes after a discovery? I had a small problem with one of the PCs I tried to deploy to: the computer's IP changed after discovery, or rather after I'd deployed NetClient to it. After the reboot it went from .84 to .151 (right now none of our computers have DHCP leases longer than when they are on the network, we're changing our DHCP settings to allow for more than 255 devices, we will have 2 possibly 3 subnets once we're done, and leases will be enabled again after we've made sure all computers have been rebooted, but that's a lot of computers and since half of the building is a school and it's summer a lot of the boxen haven't been on since mid June...). I tried to rediscover but it still listed the PC as .84 and it wouldn't list it as a licensed NetClient...it wouldn't list that it had Avast at all.

As you’ve probably noted, the entry says “Last IP Address”. That is, we anticipate that the address may change (and of course, in DHCP based networks without fixed lease reservations, this is quite normal).

There are two things that need to be distinguished though: one is a machine entry after discovery, and one is a machine entry which communicates with the AMS. A machine entry after discovery’s “Last IP Address” entry has no big significance (it is a simple DNS lookup result; if DNS lookup fails, the entry is left blank). On the other hand, if the machine is already communicating with the AMS, the AMS knows the exact address the communication comes from, and this is what you see in the “Last IP Address” field.

If the machine is not communicating (and never communicated, i.e. shows that no managed product is installed on it), it’s probably a different problem. To analyse that problem, I’d need to see the contents of the error.log and warning.log files from the \data\log folder from that machine.

I had to delete the computer's entry in the catalog and then manually add it...a rediscovery wouldn't even find it.

Maybe the DNS lookup mentioned above is (for some reason) failing, and the Discovery task you have used does not have the “Include hosts with unresolvable IP addresses” property enabled?

Another thing is the IP address of the management server, of course. Like with most other server-type applications, it is always better to have a fixed IP. Is this the case in your network?

Also, after deployment how long should it take before the computer is seen by ADNM/ASM and updated to say that it contains a license?

Immediately after the reboot takes place. More specifically, as soon as the “avast! NetAgent” service starts on the machine.

Another question: can we uninstall Avast from computers like we can deploy it? Or do we have to go to each computer ourselves and uninstall it like we do CA? That's a total pain with CA, as with CA we had to go to each computer individually to install it (after about 100 PCs that get's really annoying...haha). Deploying is so much easier, and if it goes as well as it looks like it will we can just about do this one evening once everyone's gone home.

Yes, you can create an uninstallation task in the console and run it on any number of machines. Create a new task in the Deployment Tasks folder, and in the Task Type drop-down list, select “Uninstall managed product(s)”.

Thanks for the time and the help...and the great product! Been using avast at home and on my families home PCs for about 2 years, I went to research new AV when we found out it was going to cost tons more money than avast it was a no brainer: I'd already been using the home product which ran great and after doing some research into the ADNM we couldn't pass this up

Thanks again for your kind words. I hope the product will serve you well.

Vlk

Thanks for the quick reply!

That’s cleared some things up for me, I’ll have to try another few deployments and observe more carefully. A part of the reason that the computer may not have registered with AMS could have been that it’s wireless based, and since wireless generally is controlled in userland and isn’t typically started at boot Avast might have started and not been able to contact any network resources until I logged into it.

The first 50 IPs are reserved for static purposes; Items like servers, printers, switches and other network appliances. Not all of them are used of course so there’s a bit of a buffer there.

Next is the server’s Exchange and SMTP providers…I might be back.

Thanks again.

That's cleared some things up for me, I'll have to try another few deployments and observe more carefully. A part of the reason that the computer may not have registered with AMS could have been that it's wireless based, and since wireless generally is controlled in userland and isn't typically started at boot Avast might have started and not been able to contact any network resources until I logged into it.

Are you saying that the network connection on that machine does not work until you log on? That sounds quite strange; but if it’s WiFi based, you might be actually right… Anyway, a look at the logs should reveal the real cause.

Thanks
Vlk