Does anyone know much about Apple’s software update server mechanism?
Here’s my situation: I have a very large enterprise client with a small Mac-based design department that I support as a contractor. The client’s IT department recently implemented some new thing where (this is what seems to be happening, at least) any file downloaded from the web is downloaded in its entirety first to a ‘holding pen’ where it is checked for malware, then it is passed on to the requesting machine if it is clean.
In most cases this works just fine, but for larger Apple software updates (bigger than about 20MB or so), Software Update times out. The Software Update service running on their in-house OS X Server has also been broken by this change.
I am going to try to get the Apple update servers exempted from this holding pen mechanism, and right now I’m gathering info on which ones I’ll need. So far the only ones I’ve been able to find are swdownload.apple.com (17.250.248.91), swquery.apple.com (17.250.248.93), and swscan.apple.com (17.250.248.95). I read that for downloading the actual updates Akamai’s servers are used– so I guess my main questions are 1) is that true? and 2) if so, how exactly do I handle that? I don’t think asking this IT department to exempt “*.akamai.com” from their filtering will fly.
Failing getting the appropriate servers exempted, is there a way to adjust the timeout on Software Update so it waits long enough for the bigger updates to pass through the holding pen before giving up?
TIA
.
