Using Disconnected Mode

If a Security Controls console is in disconnected mode it means it will not attempt to download newer definition files (engine components and data files). Disconnected mode is typically used by sites that require the use of fixed versions of data that have been approved for use. Disconnected mode is also useful if your security policy requires you to perform scans and deployments without downloading data files from the Web.

There are two ways to put the console into disconnected mode:

  • Select Tools > Auto-update definitions and make sure the command is not enabled
  • Select Tools > Options > Downloads and then clear the Auto-update definitions (before scans) check box

When the console is in disconnected mode the data files already resident on your local machine will be used during all scans and deployments. See Managing Data Files for more information.

Putting a console into disconnected mode does not necessarily mean that the console is disconnected from the Internet. That is a different scenario and is described in What is a Disconnected Console Configuration?. Also, disconnected mode has nothing to do with patches. If you are connected to the Internet or a designated distribution server, the console will download required patches even if Auto-update definitions is disabled.

Be Careful if Your Site Uses Agents

If you use agents you must be careful when putting your console into disconnected mode. If an agent contains newer definition files than the console, and that agent tries to report new results to the console database, the console will reject the updates. If this happens you will need to manually download new definition files and copy the files to the console's \DataFiles directory. If you are using a distribution server you must then manually synchronize the console with the distribution server.

To prevent this issue from happening in the first place, make sure your agents get their definition files from a distribution server and that the files on the distribution server exactly match the files being used by the console.

Possible Issue with .NET Framework Prerequisite

When you run in disconnected mode the console may not detect that the full version of .NET Framework is available. See Installing the Prerequisites for a link to use to download the full version of .NET Framework.