Root Gather Issues: KBs for September+ not found in system - AirGapped

Hello,
Need help regarding, KBs for month of September and future months cannot found in system in windows patch wizard. I can only see/find KBs for August. Where can I start checking for resolution?

Thanks

Can you provide examples? Screenshots?

Check to make sure your server is gathering the sites from IBM properly.

Sorry but I’m a bit new to IEM/Bigfix, I just took over the previous admin, here is a screenshot of the windows patch wizard, I only get patch for august.


let me know if you need more screenshot.

Thanks

What version of the Patches for Windows (English) site do you have in your console?

You can find the current version through Sites -> External Sites -> Patches for Windows (English) … it should be version 2350 or higher.


This is what the wizard looks like for me:

The version is 2306. How can I update the site, the server has no internet connection.

Thanks

There are 2 options:

  1. Configure the BigFix root server to use a Proxy server to reach the internet. The proxy can be set up to only allow traffic from the root to a very small number of urls, most importantly sync.bigfix.com
  2. The other option is to use the AirGap tool.

Ok. I will try the airgap tool. Thanks a lot. I will give feedback once done. Thanks again.

1 Like

Do you know if you BigFix server has access to the internet ?
If so then by default the system gathers the latest version of the sites.
Check the GatherDB service (windows) or process (linux) logs.
https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli+Endpoint+Manager/page/Common+File+Locations

It sounds like the root server in question does not have internet access at all.

Sorry for the late reply, yes, jgstew you are right, the server has no internet and using proxy server won’t do any help, and I think that using airgap would take some time since it will fetch all updates. any other suggestions beside the two option? the last thing I would probably do is the airgap.

As far as I know the AirGap tool or a Proxy or a real internet connection are the only options.

You might be able to use the AirGap tool to get only the site updates that would normally be gathered and not all of the files, but I have never used it and have no clue.

Personally I think a Proxy that only allows outgoing traffic to a whitelisted set of sites is the most secure option.

See the proxy related settings here: Client Settings

ok. I will take note of what you have suggested and will try to coordinate with the team. Thanks for the tips.