Create a Post
Showing results for 
Search instead for 
Did you mean: 

Dynamic package

6 1 997
Dynamic package

Introducing the SandBlast Agent's Dynamic package.

Starting version R80.40 & E82.40 we've introduced a new feature - "Dynamic Package", it introduces a few new benefits you did not have before.

  • You can use a single package for all types of Windows Endpoints 
    • Export a single package for any CPU (32bit and 64bit)
  • You control the size of the exported package:
    • Select any set of blades, the exported package will include only the required binaries.
    • Select which pre-requisites to install on the endpoint.
    • Decide if to update anti-malware signatures upon install
    • Client upgrade: download only the files that were changed

A few examples/statistics (Figures may vary between different deployments and are only used as reference)

Selected blades

Dynamic Package – Fresh install

Dynamic Package – Client Upgrade

Monolithic package – fresh and upgrade

All blades

~ 650 MB

~ 450 MB no .NET

~ 350 MB no signatures

~ 150 MB

650 MB (Full package)


~ 150 MB

~ 50 MB

200 MB (Threat Prevention package)

FDE Only

~80 MB no .NET

~ 30 MB

270 MB (Data protection package)


~ 106 MB

~ 40 MB

270 MB (Data protection package)


~ 230 MB

~ 80 MB

650 MB (Full package)

Anti-malware, VPN, MEPP

~ 128 MB no .NET, no signatures

~ 412 MB including signatures

~ 60 MB

650 MB (Full package)

1 Comment

That's really good, a very useful and logical step forward.

It has long been irritating to me that if I want to add VPN to the Threat protection and compliance blades (for example) I get a lot more than I need in the exported package. It's great to have that addressed in this way - and much more logical when demonstrating to a customer who is not familiar with this solution.

A couple of questions:

1. Have you incorporated any additional VPN settings (Always connect, Secure Domain Logon, Cache location awareness, Location awareness settings) into the EPM server for central management yet, or are we still having to create custom trac files? New users are always asking me why this is such a clunky manual process and why the central server cannot configure these at package distribution time.

2. One of the reasons I don't currently use a package export has now (because of this change) been resolved - thank you very much! One of the others is that any exclusions in the malware checking do not get applied until the policy is pulled down so if (for example) a company uses Dameware then it will get some of its DLLs quarantined before the policy arrives with the exceptions. Has this been addressed at all in this release?