Web Gateway download servers


Environment

McAfee Web Gateway (MWG)

Summary

MWG needs to access several download servers to get all needed files for engine, definition, and product updates. If an outbound firewall blocks access, MWG might not retrieve all needed data. This block can lead to failing updates or missing the latest available security signatures.

The following data is retrieved from the download servers:

  • URL Filter/TrustedSource
  • AV Engines (all)
  • Application Control Signature Sets
  • DLP
  • New product versions
  • Operating system upgrades
Download server maintenance down time
The download server infrastructure for MWG is a worldwide cluster with multiple servers. When McAfee must perform regular maintenance tasks on any of the download servers, they are taken out of the pool of available servers. This action prevents any impact on your local MWG appliances. Your appliance automatically picks another available download server.

If MWG is already pointing at the server that is being taken offline for maintenance, you might see a "red alert" in your Alerts Dashboard about a failed update. MWG immediately tries the next available download server in the list to make sure that your appliance stays up to date.

You can verify that the "red alert" can be ignored due to maintenance by filtering your Alerts Dashboard for the word Updater. If you see a green success message immediately following the red failure message, your update succeeded and there is no reason for concern.

Solution

Make sure that MWG can contact the following download servers using HTTPS (TCP/443):
 
tau.mcafee.com: 80.237.238.81, 217.172.176.87, 138.201.20.29
tau-europe.mcafee.com  161.69.161.30
tau-usa.mcafee.com  161.69.29.249
tau1-2.mcafee.com  80.237.238.82
tau1-3.mcafee.com 62.75.131.5
tau1-4.mcafee.com 138.201.20.49
tau-usa1.mcafee.com  64.34.163.238
tau-usa2.mcafee.com 8.21.163.5
tau-asia.mcafee.com     161.69.207.65
appliance.webwasher.com 64.34.186.62, 18.213.21.111 (US)
appliance1.webwasher.com 176.9.139.118; 18.194.36.155 (Germany)
appliance2.webwasher.com 52.193.50.118, 54.150.20.119 (Japan)
mwg-update.mcafee.com  multiple IP addresses (Content Delivery Network)

IMPORTANT: The IP addresses are subject to change. This article might not contain the latest updates. McAfee strongly recommends not configuring the download server IP addresses manually because IP address changes might prevent MWG from retrieving all needed files.

As a best practice, allow MWG to communicate to HTTPS services (TCP/443) for any destination. Or, it is possible to use a next-hop proxy in your network, which allows MWG to contact the download servers.