Validation or download servers
Problem description
Some users of Norman's software have strict rules regarding http (web) access through their firewalls. Only particular IP addresses and/or computer names are allowed to be accessed. This means that the servers involved in an update of Norman's software have to be allowed access through the firewall(s) in order to update successfully.
Problem solution
There are two different type of servers involved in an Internet update of Norman's software - the validation servers (that check the authentication key) and the download servers. All of these have to be accessable.
The current validation servers
- IP 193.69.114.11 - DNS name: niuone.norman.no
- IP 193.69.114.11 - DNS name: niusix.norman.no
- IP 193.69.114.12 - DNS name niutwo.norman.no
- IP 193.69.114.15 - DNS name niufour.norman.no
- IP 193.69.114.15 - DNS name niuseven.norman.no
- IP 193.69.114.16 - DNS name niuthree.norman.no
- IP 193.69.114.19 - DNS name niunine.norman.no
- IP 81.93.161.138 - DNS name niufive.norman.no
- IP 81.93.161.138 - DNS name niueight.norman.no
The current download servers
After a request from the Norman Internet Update has validated successfully the download servers are contacted to check if any new program modules are available.
The computer names used as name for the download servers are download.norman.no and normanasa.vo.llnwd.net. However, these computer names resolve to potentially more than 10.000 different IP addresses depending e.g. on the client's geographical location and when one tries to update the Norman installation.
This will be a problem for those who restrict access through the firewall based on IPs as it will be impossible to keep more than 10.000 different IPs updated constantly.
There is a workaround regarding this. However, we recommend that this is used by care, as it will depend on the fact that the particular download server is accessable at any point in time when one tries to update Norman's software using Norman Internet Update.
Such a restriction does not apply in a normal update situation.
This is what customers who deploy such restrictive rules on the update computer(s) must do:
- Do a DNS lookup to the server download.norman.no and normanasa.vo.llnwd.net
The IPs that are resolved should be the download servers best suited for the customer in question at that point in time.
Example: 194.176.73.151 and 87.248.201.33 (these IPs are valid download servers that may be used, though they will probably not be the best ones for most customers) - Open the firewall for the IP addresses resolved.
- Edit the hosts file(s) on the computer(s) that shall be able to download updates.
Add the following lines to the computer's hosts file
'local_download_server_IP1' download.norman.no
'local_download_server_IP2' normanasa.vo.llnwd.net
Relevant products
Norman Antivirus & Antispyware (Home)Norman Endpoint Protection (Enterprise)
Norman Endpoint Protection (SMB)
Norman Network Protection (Enterprise)
Norman Network Protection (SMB)
Norman Network Protection Appliance (Enterprise)
Norman Network Protection Appliance (SMB)
Norman Network Protection for Collaboration Servers (Enterprise)
Norman Network Protection for Collaboration Servers (SMB)
Norman Parental Control (Home)
Norman Personal Firewall (Home)
Norman Security Suite (Home)
Norman Virus Control (Enterprise)
Norman Virus Control (SMB)
Norman Virus Control for AMaViS (Enterprise)
Norman Virus Control for AMaViS (SMB)
Norman Virus Control for Linux (Enterprise)
Norman Virus Control for Linux (SMB)
Norman Virus Control for Novell Netware (FireBreak) (Enterprise)
Norman Virus Control for Novell Netware (FireBreak) (SMB)
Norman Virus Control single user (Home)