When accessing Windows update through a SonicWall firewall, Windows Update or WSUS may fail to download updates. The event log entry may look something like this:
Description: Content file download failed. Reason: The server does not support the necessary HTTP protocol. Background Intelligent Transfer Service (BITS) requires that the server support the Range protocol header
This is caused by the default settings for the gateway antivirus service enabled on the Sonicwall.
To get around this issue, you need to access the hidden diagnostic page in the SonicWall managament site. To get there, log on to your SonicWall and then replace the trailing “main.html” in the URL with “diag.html” and hit enter. On this page, you need to adjust the settings on the following two items:
enable FTP ‘REST’ requests with Gateway AV
enable HTTP Byte-Range requests with Gateway AV
Updates should now flow through the SonicWall.
NoNav is a utility provided by Symantec tech support. Sometimes, a Symantec Corporate AntiVirus installation fails for a client, and one of the recommended remediation practices is to remove the app manually. The problem with doing this is the number of steps in the process, including visiting hundreds of locations in the Windows registry to see if certain keys exist and if so, deleting them. For one box, this is a process. For five boxes, this is a project. You could try scripting this, or you can contact Symantec Tech support and get a copy of NoNav. This utility- Current Version 2.6- will clean out most of the settings left by Symantec Corporate versions 4,5,6,7,8,9,and 10. It should be noted that Norton (retail) products are not covered with the NoNav tool.
Running Nonav is simple, click on the executable file and it will ask for some input about what you would like to remove- Live update, virus definitions, etc. Some other input is required, options for scanning for .msi leftovers, rebooting the box at program end, and more. Each of these choices has an explanation and a recommended or not recommended note to guide the user. Let the program do some work, and if you have selected the option to do so, the machine will reboot automatically.
After the machine comes back up, you want to delete some directories left behind. These are outlined in the readme file included with NoNav- Symantec’s install directory, some shared file locations and some staging areas. Kill any that you find. Finally, delete everything in the system’s Temp directory (start, run, %TEMP%). Reboot again, and you can now reinstall the latest version of SAV and patch it to the right level.
NoNav can be acquired from Symantec Tech Support. If you have a valid support contract, call in and the technician will provide a link to download the latest version.