ESET GATEWAY SECURITY Installation Manual

we protect digital worlds
ESET Gateway Security
Installation Manual
and User's documentation

Summary of Contents for ESET GATEWAY SECURITY

  • Page 1 ESET Gateway Security Installation Manual and User’s documentation...
  • Page 2: Table Of Contents

    Appendix A. PHP License ..............37 ESET Gateway Security Copyright © 2008 ESET, spol. s r.o. ESET Gateway Security was developed by ESET, spol. s r.o. For more information visit www.eset.com. All rights reserved. No part of this documentation may be reproduced,...
  • Page 3: Introduction

    Chapter 1: Introduction...
  • Page 4 Dear user, you have acquired ESET Gateway Security - probably the best security system running under the Linux/BSD/Solaris OS. As you will soon find out, the system using the state-of-the-art ESET scanning engine, has unsurpassed scanning speed and detection rate, combined with a very small footprint that makes it the ideal choice for any Linux/BSD/Solaris OS server.
  • Page 5: Terminology And Abbreviations

    Chapter 2: Terminology and abbreviations...
  • Page 6 ESETS ESET Security is a common acronym for all security products developed by ESET, spol. s r.o. for Linux OS, BSD OS and Solaris. It is also the name (or its part) of the software package containing the products.
  • Page 7 NetBSD: /usr/pkg/bin Solaris: /opt/esets/bin ESETS system binary files directory The directory where the relevant ESET File Security system binary files are stored. Further in this documentation we use abbreviation @SBINDIR@ for the directory. The directory location is as follows: Linux: /usr/sbin...
  • Page 9: Installation

    Chapter 3: Installation...
  • Page 10 00:00:00 esets_daemon where at least two ESETS daemon processes running in the background have to be present. One of the processes is the so-called process and threads manager of the system. The other serves as the ESETS scanning process.
  • Page 11: Product's Roadmap

    Chapter 4: Product’s Roadmap...
  • Page 12 The structure of ESET Gateway Security is shown in figure 4-1. The system is composed of the following components. CORE The core of ESET Gateway Security consists of the ESETS daemon esets_daemon. The daemon uses the ESETS API library libesets.so and ESETS loading modules em00X_xx.dat to provide base system tasks: scanning, maintenance of the agent daemon processes, maintenance of the samples submission system, logging, notification, etc. Please refer to esets_daemon(8) manual page for...
  • Page 13 @ETCDIR@/esets.cfg This is the most important configuration file as it maintains the major part of the product functionality. After exploring the file you can see that it is built from various parameters distributed within sections. Note the section names always enclosed in square brackets. In the ESETS configuration file there is always one global and several so-called agent sections.
  • Page 15: Integration With Internet Gateway Services

    Chapter 5: Integration with Internet Gateway services...
  • Page 16: Transparent Http/Ftp Proxy Configuration

    HTTP (resp. FTP) communication with the outbound servers is routed via network gateway server where ESET Gateway Security must be installed in order to scan the communication for infiltrations. For this purpose, a generic ESETS HTTP (resp. FTP) filter - esets_http (resp.
  • Page 17: Manual Http/Ftp Proxy Configuration

    The manual HTTP/FTP proxy configuration of esets_http with Mozilla Firefox is described in general by the left side of figure 4-2. Note that this configuration allows ESET Gateway Security to be installed anywhere within the local network, including the gateway server and also the user agent’s computer.
  • Page 18: Manual Proxy Configuration Of Squid Web Proxy Cache

    The significant difference from the previously described configuration is that the ESET Gateway Security is installed in HTTP/FTP Gateway between proxy cache (Squid Web Proxy in this example) and the Internet. Thus all the HTTP/FTP responses incoming to the network are first scanned for infiltrations and afterward stored in the network dedicated cache, i.e.
  • Page 19: Large Http Objects Handling

    If the object is found to be infected, the last part of the object (the current version of ESET Gateway Security defines the last part as the last 4KB of the object’s data) is not sent to the awaiting end-point and the connection with the end-point is dropped.
  • Page 20: Esets Plug-In Filter For Safesquid Proxy Cache

    ‘Select a Section to Configure’ until ‘ESET Gateway Security’ section found. Next, create the ‘antivirus’ profile for the ‘ESET Gateway Security’ section by pressing ‘Add’ at the bottom of the ‘ESET Gateway Security’ section and define the following parameters in the list that appears...
  • Page 21
      Mime type: text/html
      Response code: 200
      Type: File
      Parsable: Yes
    resp. for the not-scanned ESETS blocking page the list is as follows:
      Comment: ESET Gateway Security not scanned template
      Name: esets_not_scanned
      File: ssfi_not_scanned.html
      Mime type: text/html
      Response code: 200
      Type: File
      Parsable: Yes
    To reread the newly created configuration, reload SafeSquid and also the ESETS daemon.
  • Page 23: Important Eset Gateway Security Mechanisms

    Chapter 6: Important ESET Gateway Security mechanisms...
  • Page 24: Handle Object Policy

    Thus in this section we will only provide short example of user specific configuration definition. Let’s say we use esets_http to control HTTP traffic on port 8080 of the gateway server with local network IP address 192.168.1.10. The module is subjected to configuration section [http] in ESET Gateway Security...
  • Page 25: Black-List And White-List

    ‘esets_http_spec.cfg’ introduced in the previous section.
      [black-list]
      action_av = "reject"
    The next step is to add some HTTP server into the ‘black-list’ group. For this purpose we have to create special section
      [aaa.bbb.ccc.ddd]
      parent_id = "black-list"
  • Page 26: Samples Submission System

    In order to turn on Samples Submission System, the samples submission system cache has to be initialized. This can be achieved by enabling configuration option ‘samples_enabled’ in [global] section of ESETS configuration file. In order to enable process of samples delivery to ESET virus laboratory servers it is yet necessary to enable parameter ‘samples_send_enabled’ in the same section.
  • Page 27: Remote Administration

    6.6 Remote Administration ESETS supports ESET Remote Administration for management in large computer networks. For more information, please read the Remote Administration Manual. ESETS Remote Administration Client is part of main ESETS daemon. For basic set up, specify the address of your ERA Server in ‘racl_server_addr’ parameter (and ‘racl_password’ if...
  • Page 29: Eset Security System Update

    Chapter 7: ESET Security system update...
  • Page 30: Esets Update Utility

    7.1. ESETS update utility In order to keep the ESET Gateway Security effective, it is necessary to keep its virus signatures database up to date. The esets_update utility has been developed for this purpose (see esets_update(8) manual page for details). In order to launch update one has to define configuration options ‘av_update_username’ and ‘av_update_password’ in [global] section of ESETS configuration file.
  • Page 31: Let Us Know

    Chapter 8: Let us know...
  • Page 32 Dear user, this guide should have given you a good knowledge about the ESET File Security installation, configuration and maintenance. However, writing a documentation is a process that is never finished. There will always be some parts that can be explained better or are not even explained at all.
  • Page 33: Esets Setup Process Description

    Appendix A. ESETS setup process description...
  • Page 34: Setting Esets For Scanning Of Http Communication - Transparent Mode

    The next step is to redirect all FTP requests to esets_ftp. In case of IP-filtering provided by ipchains administration tool an appropriate rule is:
      ipchains -A INPUT -p tcp -i if0 --dport 21 -j REDIRECT 2121
    If IP-filtering mechanism is provided by iptables administration tool, the rule is:
  • Page 35
      iptables -t nat -A PREROUTING -p tcp -i if0 --dport 21 -j REDIRECT --to-ports 2121
    On FreeBSD, the rule is as follows:
      ipfw add fwd 192.168.1.10,2121 tcp from any to any 21 via if0 in
    On NetBSD and Solaris:
      echo 'rdr if0 0.0.0.0/0 port 21 ->...
  • Page 37: Appendix A. Php License

    Appendix A. PHP License...
  • Page 38 PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.