Update
In the General > Agent > Update section of the policy, you can configure update settings for Bitdefender security agents, Security Server instances, and security content.
Updates are very important as they allow countering the latest threats. Bitdefender publishes all product and security content updates through the Bitdefender servers on the internet. All updates are encrypted and digitally signed so that they cannot be tampered with.
Update process flow
When a new update is available, the Bitdefender security agent and the Security Server check the digital signature of the update for authenticity, and the contents of the package for integrity.
Next, each update file is parsed and its version is checked against the installed one.
Newer files are downloaded locally and checked against their MD5 hash to make sure they are not altered.
Product update
Bitdefender security agent and the Security Server check for, download, and install updates at the frequency you configure. By default, this process occurs once every hour. Automatic updates run silently in the background.
Click the toggle to configure the product update settings.
Scheduler
To configure the automatic update recurrence for Bitdefender security agents and Security Server instances, use the following options:
Recurrence
Hourly - Updates are installed at intervals of one hour or more, as specified in the Check for updates every field.
Daily - Updates are installed every day during the interval defined in the Update window option (for example, between 18:30 and 20:30, local time of the endpoint).
Weekly - Updates are installed on specific days of the week. On those days, you can also define the interval in the Update window option.
Check for updates every - Specify the interval, in hours, at which security agents and Security Server instances check for updates. For example, setting 18 hours means the system will check for updates once every 18 hours.
Endpoint reboot scheduler
Some updates on Bitdefender security agents require a system restart to install and work properly. By default, agents continue to run with the old files until the endpoint is restarted, at which point the latest updates are applied.
You can configure the following options:
Postpone reboot - When enabled, a notification appears in the user interface prompting the user to restart the system whenever an update requires it.
It is recommended to keep this option selected. Otherwise, the system will automatically restart after installing an update that requires it. Users will be notified to save their work, but the restart cannot be canceled.
Reboot time (if needed) - When enabled, you can define a fixed time when endpoints will restart automatically if required. This option is useful for servers or other endpoints where you want restarts to occur outside business hours.
Choose whether the restart occurs daily or on a specific day of the week, during the specified time interval.
For more control over when changing the configuration and updating the staging process, you can configure the BEST agent on your Linux machines to execute EDR kernel module updates via Product update.
Security Server reboot scheduler
Some updates for Security Server instances require a restart to install and function properly. By default, Security Servers continue running with the old files until they are restarted.
You can configure the following options:
Reboot time (if needed) - When enabled, you can define when Security Servers restart automatically if required.
Recurrence - Choose whether the restart occurs daily or on a specific day of the week.
Reboot window - Set the time interval during which the restart should occur (for example, between 23:00 and 23:59, local time of the Security Server).
The reboot window must be at least 30 minutes.
A Security Server restarts only when its status is Pending restart in the Pending activity column, on the Network page. If multiple Security Servers are deployed, they restart one by one at different times within the defined reboot window to ensure continuous scanning.
Security content update
Click the toggle to enable the security content update settings.
Security content refers to static and dynamic means of detecting threats, such as, but not limited to, scan engines, machine learning models, heuristics, rules, signatures, and blacklists.
Bitdefender security agent automatically checks for security content update every hour (default setting). Automatic updates are performed silently in the background.
To change the automatic update recurrence, choose a different option from the menu and configure it according to your needs in the subsequent fields.
Note
Security content updates are automatically performed with each product update to ensure optimal performance.
Update locations
Bitdefender security agent’s default update location is https://update-cloud.2d585.cdn.bitdefender.net.
Note
Update locations upgrade.bitdefender.com and update.cloud.2d585.cdn.bitdefender.net are used as a fallback.
To add an update location:
Add an update location either by choosing the predefined locations from the drop-down menu or by entering the IP or hostname of one or several update servers in your network.
Configure their priority using the up and down buttons displayed on mouse-over. If the first update location is unavailable, the next one is used.
To set a local update address, enter the address of the update server in the Add location field.
You can:
Choose a predefined location:
Relay Servers - The endpoint will automatically connect to its assigned Relay Server. You can check the assigned Relay Server in the Information window. For more details refer to Viewing Computer Details.
Warning
Relay Servers are not supported on legacy operating systems.
https://update-cloud.2d585.cdn.bitdefender.net- This is the Bitdefender default update location, from where Bitdefender delivers updates.This update location should always remain the last option in the list.
Warning
Disabling the fallback location will stop automatic updates, leaving your network vulnerable when the provided locations are unavailable.
If client computers connect to the local update server through a proxy server, select Use Proxy.
Click the
Add button.
To change the priority of the defined update locations, drag and drop each entry in the table in the preferred order.
To edit an update location:
Click the
Edit button in the table:.Make these changes:
Edit the server name.
Select or deselect the proxy.
Click the
OK button to save the changes.Click the
Cancel button to discard the changes.
To remove a location from the table, click the 
Delete button in the table. Although you can remove the default update location, this is not recommended.
Update ring
You can roll out product updates in phases, using update rings:
Production ring. The endpoints with a Production ring policy will receive the updates as configured on the Update staging page.
Test ring 1. The endpoints with a Test ring 1 policy will receive the updates as configured on the Update staging page.
Test ring 2. The endpoints with a Test ring 2 policy will receive the updates as configured on the Update staging page.
Fast ring. The endpoints with a Fast ring policy will receive the newest available updates. This setting is recommended for the non-critical machines in production.
Slow ring. The endpoints with a Slow ring policy will receive updates at a later date, depending on the response received from the fast ring endpoints. It is a precautionary measure in the update process. This is the default setting.
Important
In the unlikely event that an issue occurs on the fast ring on machines with a particular configuration, it will be fixed before the slow ring update.
Note
For details about Production ring, Test ring 1, and Test ring 2, refer to Update staging.