Subscribe to Our Youtube Channel
Related Manuals for ESET REMOTE ADMINISTRATOR - ANNEXE 636
Summary of Contents for ESET REMOTE ADMINISTRATOR - ANNEXE 636
- Page 1 ESET Remote Administrator Installation Manual and User Guide we protect your digital worlds...
-
Page 2: Table Of Contents
4. Installation of ESET client solutions ..27 writing from the author. ESET, spol. s r.o. reserves the right to change any of the Direct installation ............27 described application software without prior notice. - Page 3 How to create policies ..........40 9.3 How to diagnose problems with ERAS? ......70 5.3.3 Virtual policies ............41 5.3.4 Policies and structure of ESET Configuration Editor 42 5.3.5 Viewing policies ........... 42 10. Hints & tips ...........71 5.3.6 Assigning policies to clients ........43 10.1 Scheduler ..............
-
Page 4: Introduction
ESET Remote Administrator itself does not provide any other form of protection against malicious code. ERA depends on the presence of an ESET security solution on workstations or servers, such as ESET NOD32 Antivirus or ESET Smart Security. -
Page 5: Installation Of Era Server And Era Console
2. Installation of ERA Server and ERA Console Requirements ERAS works as a service, and therefore requires a Microsoft Windows NT‑based operating system (NT4, 2000, XP, 2003, Vista or 2008). The Microsoft Windows Server Edition is not necessary for ERAS to work. A computer with ERAS installed on it should always be online and accessible via computer network by: • Clients (usually workstations) • PC with ERA Console... -
Page 6: Basic Installation Guide
A company network usually consists of one local area network (LAN), therefore we suggest installing one ERAS and one Mirror server. The Mirror server can either be created in ERAS or in ESET NOD32 Antivirus Business Edition /ESET Smart Security Business Edition. -
Page 7: Installation
2.2.3.2 Installation of ERA Console Install the ESET Remote Administrator Console to the administrator’s PC/notebook (as shown at the bottom left of Figure 2−1). At the end of the Advanced installation mode enter the name of the ERA Server (or its IP address) to which ERAC will automatically connect at startup. -
Page 8: Database Types Supported By Era Server
Proceed as follows: 1. Connect the ERA Console to the ERA Server by clicking File > Connect. 2. From the ERA Console click Tools > Server Options… and click the Updates tab. 3. From the Update server drop‑down menu, select Choose Automatically, leave Update interval at 60 minutes. Insert Update username (EAV‑***) and then click Set Password... -
Page 9: Installing Over An Existing Database
Supposing that all workstations are turned on, the push installation method is the most effective method. Before starting a push install, you must first download the .msi install files for ESET Smart Security or ESET NOD32 Antivirus from ESET’s website and create an installation package. You can create an XML configuration file that will automatically be applied when the package runs. -
Page 10: Remote Install On Notebooks Currently Not Present In The Network
For these devices, the logon script method is suggested. More information about logon script remote install can be found in chapter 4. “Installation of ESET client solutions”. Scenario – Installation in an Enterprise environment 2.3.1 Environment overview (network structure) -
Page 11: Branch Office: Installation Of Era Server
As seen in Figure 2−3, updates for the branch office are not downloaded from ESET’s update servers, but from the server at the headquarters (GHOST). The update source is defined by the following URL address:... - Page 12 The replication feature is very useful for companies with multiple branches or remote offices. The model deployment scenario would be as follows: Install ERAS in each office and have each replicate to a central ERAS. The advantage of this configuration is especially apparent in private networks which are connected via VPN, which is usually slower –...
-
Page 13: Working With Erac
When communication is established, the program’s header will change to Connected [server_name]. Alternatively, you can click File > Connect to connect to ERAS. On program startup, select the Access Type from the Access drop‑down menu (either Administrator or Read-Only). ERAC – main window Figure 3-1 ESET Remote Administrator Console main window... -
Page 14: Information Filtering
The current communication status between ERAC and ERAS is displayed in the status bar (1). All necessary data from ERAS is refreshed regularly (Default is every minute. See Tools > Console Options…). The refresh progress can also be seen in the status bar. NOTE: Press F5 to refresh displayed data. -
Page 15: Filter
Controller. The Domain Controller must only be accessible from the computer where your ERAS is located. To configure authentication to your Domain Controller, go to Tools > Server Options > Other Settings > Edit Advanced Options > ESET Remote Administrator > ERA Server > Settings > Active directory. The format of the server name is LDAP://servername or GC://servername. -
Page 16: Tabs In Erac
• Inverse Selection Performs inverted selection of entries. • Hide Selected Hides selected entries. • Hide Unselected Hides all unselected entries in the list. The last two options are effective if further organization is needed after using previous filtering methods. To disable all filters set by the context menu, click View >... -
Page 17: Replication & Information In Individual Tabs
• Detailed current client configurations in the.xml format (the Clients tab, the Configuration column, Protection Status, Protection Features, System Information) Information from the ESET SysInspector program may also be missing. ESET SysInspector is integrated with generation 4.x ESET products and later. In dialog windows where such information should otherwise be present, the Request button is available (Actions >... -
Page 18: Clients Tab
Virus Signature DB Version of virus signature database Last Threat Alert Last virus incident Last event detected by the ESET Smart Security Personal firewall (Events from the Warning level and higher Last Firewall Alert are shown) Last Event Warning Last error message Last Files Scanned Number of scanned files during the last On‑demand scan... - Page 19 General status statement for program components (Similar to Configuration attribute) System Information Client submits system information to ERAS (including time that the system information was submitted) Clients with versions containing the ESET SysInspector tool can submit logs from this complementary SysInspector application.
-
Page 20: Threat Log Tab
• Protection Status General status statement regarding all ESET programs. Some of the statements are interactive and it is possible to intervene immediately. This functionality is useful in that it prevents the need to manually define a new task to solve a given protection problem. -
Page 21: Firewall Log Tab
3.4.5 Firewall Log Tab This tab displays information related to client firewall activity. Attribute Description Client Name Name of client reporting the event Computer Name Workstation/server name (hostname) MAC Address MAC address (network adapter) Primary Server Name of ERAS with which a client is communicating Date Received Time at which the event was logged by ERAS Date Occurred... -
Page 22: Tasks Tab
Reports tab is used to organize statistical information in graph or chart form. For more information, see chapter 6, ”Reports”. 3.4.10 Remote install tab This tab provides options for several remote installation methods of ESET Smart Security or ESET NOD32 Antivirus on clients. For detailed information, see section 4.2, ”Remote Installation“. ERA Console setup ERAC can be configured in the Tools >... -
Page 23: Other Settings Tab
• Remote Administrator updates This section allows you to enable checking for new versions of ESET Remote Administrator. We recommend that you leave the default value of Monthly. If a new version is available, ERAC displays a notification at program startup. -
Page 24: Display Modes
The read-only mode is suitable for viewing the status of ESET client solutions connecting to ERAS; creation of tasks for client workstations, creation of install packages and remote installation are not allowed. The License Manager, Policy Manager and Notification Manager are also inaccessible. -
Page 25: Key Configuration Entries
Figure 3-8 3.7.2 Key configuration entries In this section, we explain several of the key configuration entries for ESET Smart Security and ESET NOD32 Antivirus, available through the ESET Configuration Editor: • ESET Smart Security, ESET NOD32 Antivirus > ESET Kernel > Setup > Remote administration Here you can enable communication between client computers and the ERAS (Connect to Remote Administrator server). - Page 26 NOTE: On portable devices such as notebooks, two profiles can be configured – one to provide updating from the Mirror server, and the other to download updates directly from ESET’s servers. For more information, see section 9.4, ”Combined update for...
-
Page 27: Installation Of Eset Client Solutions
Installations can be performed directly on workstations, or remotely from ERAS. This chapter also outlines alternative methods of remote installation. NOTE: Although it is technically feasible, we do not recommend that the remote installation feature be used to install ESET products to servers (workstations only). - Page 28 NOD32 version 2 option. Remote installation of an external application can also be performed by selecting Custom package. Each package is automatically assigned an ESET Remote Installer agent, which allows for seamless installation and communication between target workstations and ERAS. The ESET Remote Installer agent is named einstaller.
-
Page 29: Requirements
Installation packages contain their own.xml configuration, which is applied automatically. Parameters for ESET NOD32 Antivirus 2.x should be typed after the setup.exe filename, which can be extracted along with other files from the installation package (e.g. setup.exe /silentmode): • /SILENTMODE... -
Page 30: Configuring The Environment For Remote Installation
Figure 4-2 The diagnostics tool can detect potential problems before installation The first part of the Get Info Diagnostics section shows information about the ESET security product installed on the computer. The second section indicates whether all installation conditions for the ESET security product have been met. - Page 31 Figure 4-3 3) In the panel on the right, select the workstations that require the package. 4) Click Install (you can also click Get Info to view information on selected clients). 5) In most cases, you will be prompted to enter the username and password of the account used to access the target workstation (it must be an account with administrator rights).
- Page 32 9) Agent installs the package under the administrator account defined in step 6; the corresponding.xml configuration and command line parameters are also applied. 10) Immediately after the installation is complete, the agent sends a message back to ERAS. Some ESET security products require a reboot and will prompt you if necessary.
-
Page 33: Logon /Email Remote Install
Administrator username and password). This feature uses the admin$ share. • Uninstall Program removal – the agent tries to remotely uninstall the ESET security product. The Uninstall option does not take into consideration which package is selected from the Package menu. - Page 34 • Type a message into the Body. • Check the Send compressed as .zip file option if you wish send the agent .zip‑packed. • Click Send to send the message Figure 4-7 Send ESET Installer via Email dialog window This feature uses the SMTP parameters defined on ERAS.
-
Page 35: Custom Remote Install
Values inserted in the Logon… dialog window are forgotten after each service (ERAS) restart. 4.2.5 Custom remote install It is not a requirement to use ERA tools to remotely install ESET client solutions. In the end, the most important aspect is to deliver and execute the einstaller.exe file on client workstations. -
Page 36: Avoiding Repeated Installations
The agent records the following error to the installer log located in %TEMP %\einstaller.log: Status 20 001: Eset Installer was told to quit by the server ‘X:2224’. Figure 4-10 Figure 4.11... - Page 37 To configure a domain controller to automatically install ESET Smart Security or ESET NOD32 Antivirus on each workstation after logging in, proceed as follows: 1) Create a shared folder on your domain controller. All workstations should have ”read” permission to this folder.
-
Page 38: Administering Client Computers
Navigate to ESET Smart Security, ESET NOD32 Antivirus > Update Module > Profile > Setup > Username and Password. 4) Insert the ESET‑supplied username and password and click Console on the right to return to the task wizard. The path to the package is displayed in the Create/Select configuration field. -
Page 39: Update Now Task
Right‑click on any workstation from the Clients pane and select New Task > Update Now. If you wish to exclude certain types of ESET security products from the task, select them in the Configuration section drop‑down menu and select the Exclude this section from Update Task option. To use a specific update profile for the Update Now task, enable the Select profile name option and select the desired profile. -
Page 40: Policies
5.3.2 How to create policies The default installation only implements one policy labeled ”Server Policy”. This name can be changed in the Policy settings > Policy name field. The policy itself is configurable from the ESET Configuration Editor – click Edit and... -
Page 41: Virtual Policies
ESET security product (or client). All parameters are organized into a comprehensive structure and all items in the Editor are assigned an icon. Clients will only adopt active parameters (marked by a blue icon). All inactive (greyed out) parameters will remain unchanged on target computers. The same principle applies to inherited and merged policies –... -
Page 42: Policies And Structure Of Eset Configuration Editor 42 Viewing Policies
5.3.4 Policies and structure of ESET Configuration Editor Figure 5-2 Each policy in the Policy Tree is assigned an icon on the left. The meaning of icons are as follows: 1) Policies with blue icons refer to those present on the given server. There are three subgroups of blue icons: Icons with white targets –... -
Page 43: Assigning Policies To Clients
View Merged – Same as above View Override Part – This button applies for policies with the attribute Override any child policy. This option only shows the forced part of the policy – i.e. the one which has priority over other settings in child policies. View Non-force part –... -
Page 44: Deleting Policies
New default policy for lower servers. 5.3.8 Special settings Two additional policies are not located in the Policy Manager but in Tools > Server Options > Other Settings > Edit Advanced Settings > ESET Remote Administrator > ERA Server > Setup > Policies. -
Page 45: Policy Deployment Scenarios
Interval for policy enforcement (minutes): This feature applies to policies in the specified interval. We recommend the default setting. Disable policy usage: Enable this option to cancel application of policies to servers. We recommend this option if there is a problem with the policy. -
Page 46: Each Server Is Administered Individually - Policies Are Managed Locally But The Default Parent Policy Is Inherited From The Upper Server
5.3.9.2 Each server is administered individually ‑ policies are managed locally but the Default Parent Policy is inherited from the upper server The configuration from the previous scenario also applies to this scenario. However, Server A has the Default Policy for Lower Servers enabled and policies on the lower servers inherit the configuration of the Default Parent Policy from the master server. -
Page 47: Inheriting Policies From An Upper Server
5.3.9.3 Inheriting policies from an upper server The network model for this scenario is the same as the previous two scenarios. In addition, the master server, along with the Default Parent Policy, contains other policies, that are down replicable and serve as parent policies on the lower servers. -
Page 48: Assigning Policies Only From The Upper Server
5.3.9.4 Assigning policies only from the upper server This scenario represents a centralized system of policy management. Policies for clients are created, modified and assigned only on the main server ‑ the local administrator has no rights to modify them. All lower servers have only one basic policy, which is empty (by default titled Server Policy). -
Page 49: Notifications
Notifications The ability to notify system and network administrators about important events is an essential aspect of network security and integrity. An early warning about an error or malicious code can prevent enormous losses of time and money needed to eliminate the problem later on. The next three sections outline the notification options offered by ERA. - Page 50 The Priority drop‑down menu allows you to set the rule priority. P1 is the highest priority, P5 is the lowest priority. Priority does not in any way affect the functionality of rules. To assign priority to notification messages, the %PRIORITY % variable can be used. Under the Priority menu, there is a Description field. We recommend that each rule is given a meaningful description, such as ”rule that warns on detected infiltrations”.
- Page 51 • Server logs – The server log contains the following entry types: – Errors – Error messages – Errors+Warnings – Error messages and warning messages – Filter log entries by type – Enable this option to specify error and warning entries to be watched in the server log.
- Page 52 However, the condition to activate the rule must still be met. In Server > Other Settings > Edit Advanced Settings > ESET Remote Administrator > Server > Setup > Notifications > Interval for notification processing (minutes) you can specify the time interval in which the server will check and execute active rules.
-
Page 53: Notifications Via Snmp Trap
10 % of all clients. • Possible network attack – If the frequency of ESET Personal firewall log entries on a client has exceeded 1000 critical warnings in one hour on at least 10 % of all clients. - Page 54 1) Set the Trigger type drop‑down menu to Client State 2) Leave the options Priority, Activation after: and Repeat after every: at the predefined values. The rule will automatically be assigned the priority 3 and will be activated after 24 hours. 3) In the Description field, type protection status notification for HQ clients 4) Click Edit…...
-
Page 55: Detailed Information From Clients
• View – Opens the log listed in the top section directly in ESET SysInspector • Save As… – Saves the current log to a file. The Then Run ESET SysInspector Viewer to view this file option automatically opens the log after it is saved (as it would after clicking View). -
Page 56: Reports
6. Reports The Reports tab (Tools > Reports Pane) is used to turn statistical information into graphs or charts. These can be saved and processed later in the Comma Separated Value format (.csv) by using ERA tools to provide graphs and graphical outputs. - Page 57 Example: We want to create a report including events from the last calendar week, i.e., from Sunday to next Saturday. We want this report to be generated on the following Wednesday (after Saturday). In the Interval tab, select Completed and 1 Weeks. Remove Add also the current period. In the Scheduler tab set Frequency to Weekly and select Wednesday.
-
Page 58: Eset Remote Administrator Server (Eras) Setup
Server (ERAS) setup Security tab Generation 3.x ESET security solutions (ESET Smart Security, etc.) offer password protection for decrypted communication between the client and ERAS (communication at the TCP protocol, port 2222). Earlier versions (2.x) do not have this functionality. To provide backward compatibility for earlier versions, the Enable unauthenticated access for Clients mode must be activated. -
Page 59: Mirror Server
The Mirror feature allows a user to create a local update server. Client computers will not download virus signature updates from ESET’s servers on the Internet, but will connect to a local Mirror server on your network instead. The main advantages of this solution are to save Internet bandwidth and to minimize network traffic, since only the mirror server connects to the Internet for updates, rather than hundreds of client machines. -
Page 60: Types Of Updates
NOTE: ESET client solutions use the SYSTEM user account and thus have different network access rights than a currently logged-in user. Authentication is required even if the network drive is accessible for ”Everyone” and the current user can access them, too. - Page 61 The Mirror feature is also available directly from the program interface in ESET Smart Security Business Edition and ESET NOD32 Antivirus Business Edition. It is left to the administrator’s discretion as to which is used to implement the Mirror server.
-
Page 62: Mirror For Clients With Nod32 Version 2.X
ERA, this option can be configured in ERAC through Tools > Server Options… > Other Settings tab > Edit Advanced Settings… > ESET Remote Administrator > ERA Server > Setup > Mirror. Enable all program language versions present in your network. - Page 63 Both of these options must be enabled for ERA Servers located anywhere in the middle of the replication hierarchy (i.e., they have both upper and lower servers). All of the previously mentioned scenarios are visible in the figure below. The beige computers represent individual ERA Servers.
-
Page 64: Logging Tab
We recommend leaving the Log verbosity set to Level 2 – Above + Session Errors. Change the log level only if you are experiencing problems, or if you are advised to do so by ESET Customer Care. Click Tools > Server Options > Other Settings > Edit Advanced Settings… > Setup > Logging > Rotated debug log compression to configure compression level for individual rotated logs. -
Page 65: Advanced Settings
(in %) ERAS is capable of merging multiple licenses from multiple customers. This feature must be activated by a special key. If you need a special key, please specify it in your order, or contact your local ESET distributor. Advanced settings To access ERA Advanced settings, click Tools >... -
Page 66: New Clients
• Enable ThreatSense. Net data forwarding to ESET servers If enabled, ERAS will forward suspicious files and statistical information from clients to ESET’s servers. Note that it is not always possible for client workstations to submit this information directly, due to the network... -
Page 67: Era Maintenance Tool
The purpose of the ERA Maintenance Tool is to execute specific tasks that are mostly connected with server operation and maintenance. It can be found as a self‑standing item under Start -> Program Files -> ESET Remote Administrator -> Server. When the ERA tool is started, an interactive wizard displays, that assists the user in performing the required tasks. -
Page 68: Install New License Key
(Allow import from a different type of database) as well as to stop the ESET Remote Administrator server during the database restore (Stop server during processing task). Press Next to confirm the task execution. -
Page 69: Troubleshooting
Section 8.2.1 below outlines the most frequently encountered error codes when performing push installs, as well as errors that can be found in the ERAS log. 9.2.1 Error messages displayed when using ESET Remote Administrator to remotely install ESET Smart Security or ESET NOD32 Antivirus... -
Page 70: Frequently Encountered Error Codes In Era.log
This update module error can be encountered if a proxy server is used to mediate Internet connection – namely Webwasher proxy. 0x2104‑ UPD_RETVAL_SERVER_ERROR Update module error indicating an HTTP error code higher than 500. If the ESET HTTP server is being used, error 500 indicates a problem with memory allocation. 0x2105 – UPD_RETVAL_INTERRUPTED This update module error can be encountered if a proxy server is used to mediate the Internet connection –... -
Page 71: Hints & Tips
• Change ID – Modifies ID of selected tasks If no changes have been made after installation, ESET NOD32 and ESET Smart Security contain two predefined tasks of this type. The first task checks system files at each user logon, and the second task does the same after a successful virus signature database update. - Page 72 60 minutes by default. Usually there is no reason to modify its parameters. The only exception is for notebooks, since their owners also connect to the Internet from outside of company networks. The last dialog allows you to specify two different update profiles, covering updates either from a local server or from ESET’s update servers.
-
Page 73: Removing Existing Profiles
(no new configuration is created, only assigned by the Select… button). Example: An ESET security product is only installed on one workstation. Adjust the settings directly through the program’s user interface. When finished, export the settings to an.xml file. This.xml file can then be used for remote installations to other workstations. - Page 74 ESET Smart Security or ESET NOD32 Antivirus). The configuration can be made directly on notebooks, or remotely using the ESET Configuration Editor. It can be applied either during installation, or anytime later as a configuration task.
-
Page 75: Installation Of Third-Party Products Using Era
10.5 Installation of third‑party products using ERA In addition to remote installation of ESET products, ESET Remote Administrator is capable of installing other programs. The only requirement is that the custom install package must be in the.msi format. The remote installation of custom packages can be performed using a process very similar to the one described in section 4.2,...
Need help?
Do you have a question about the REMOTE ADMINISTRATOR - ANNEXE 636 and is the answer not in the manual?
Questions and answers