Protection Updates Delay enables OneView administrators to specify how long a Protection Updates version must be publicly available before endpoints are allowed to download it. Enabling this feature gives your systems a buffer, allowing them more time before updating to the latest version.
This feature only applies to Protection Updates. Endpoint Agent updates are handled differently. For more information, see Endpoint agent policy settings in OneView.
Your endpoints check in during system startup, before every scan, and at times set by the Protection Updates feature in the OneView platform. When endpoints check in with the servers for protection updates, the Protection Update Delay feature first verifies if the update is older than the delay time set in the Policy.
Note: This feature is available for Windows endpoints only.
How Protection Updates Delay interacts with Protection Updates
By default, OneView sets every endpoint to check into the servers every 1 hour for Protection Updates. If you turn on Protection Updates Delay for 1 hour, endpoints check in with our servers hourly, but any updates less than an hour old will not be downloaded. In short, your endpoints will download Protection Updates every hour, but each of those updates will be more than 1 hour old.
Important: Delays between Protection Updates may reduce the risk of encountering a false positive but increase vulnerability to zero-day threats. We recommend you assess your security posture before choosing to delay updates.