Table of Contents
Advertisement
Quick Links
Download this manual
See also:
Installation Manual
Advertisement
Table of Contents
Related Manuals for ESET REMOTE ADMINISTRATOR V1
Summary of Contents for ESET REMOTE ADMINISTRATOR V1
- Page 1 Remote Administrator Overview...
- Page 2 No part of this document may be reproduced or transmitted in any form or by any means electronic or mechanical, for any purpose without the express written permission of ESET LLC. Information in this document is subject to change without prior notice. Certain names of program products and company names used in this document might be registered trademarks or trademarks owned by other entities.
-
Page 3: Table Of Contents
Passive Heuristics Active Heuristics ThreatSense® - Leveraging all detection The Value of NOD32 ESET NOD32 Antivirus - Product Modules ________________________________ 6 NOD32 for Windows Workstations What does ESET NOD32 Antivirus do? Components – Standard Client What is NOD32’s On-Demand Scanner? - Page 4 Remote Administrator Overview...
-
Page 5: Eset Nod32 Antivirus Overview
These threats could affect the privacy, security, and confidentiality of the information on a computer. Collectively, they are referred to as malicious software, or malware. ESET NOD32 uses award-winning technology to detect tomorrow’s threats, in real-time, by analyzing code execution for malicious intent – keeping you ahead of the malware writers. -
Page 6: Traditional Signatures
Remote Administrator Overview Traditional Signatures A specific threat has a specific set of bytes that uniquely identifies it. Searching for that exact pattern of bytes, an anti-threat tool can find and identify that specific threat. Though well suited to exploit detection, signature scanning is reactive and based on the identification of a single object. -
Page 7: Generic Signatures
Remote Administrator Overview The advantage of heuristics is it can detect not just variants, or modified forms, of existing malicious programs, but also new, previously unknown malicious programs. Generic Signatures One way to use heuristics to improve signature-based detection is to use generic signatures. -
Page 8: Active Heuristics
Remote Administrator Overview Active Heuristics With active heuristics, the anti-threat system can execute the code to see what it actually does. Execution occurs in a controlled, protected environment to avoid real damage. The engine lets the code run in a virtual environment and examines the behavior performed in and changes made to that virtual environment. -
Page 9: The Value Of Nod32
NOD32 provides all-in-one protection, small footprint, and fast performance, regardless of the size of the organization. ESET NOD32 Antivirus products are advanced and easy on system resources. NOD32’s Remote Administrator makes it easy to deploy, monitor, and manage 10,000 machines from a single console. -
Page 10: Eset Nod32 Antivirus - Product Modules
What does ESET NOD32 Antivirus do? ESET NOD32 Antivirus searches for threats within PCmemory, the system areas of disks, files stored on those disks, and on HTTP and POP3 communication streams. A number of different objects can hold viruses or other malware, such as files, archives, self-extracting archives, run-time packers, and e-mail. -
Page 11: Components - Standard Client
Remote Administrator Overview Components – Standard Client Protection against threats from multiple input sources is provided by these modules, all included in NOD32: AMON – On-access (memory-resident) scanner, automatically scans files before they’re accessed NOD32 – On-demand scanner, run manually on specific files or disks -- It can also be scheduled to run during off-peak times DMON –... -
Page 12: What Is Nod32'S On-Demand Scanner
Remote Administrator Overview What is NOD32’s On-Demand Scanner? NOD32 for Windows Workstations includes an on-demand scanner, which can be run manually or scheduled to run automatically on entire disks, disk volumes/directories, or specific files. NOD32’s On-Demand Scanner lets you immediately check disks for threats as needed. -
Page 13: What Is Dmon
Remote Administrator Overview What is DMON? DMON (Document Monitor) is a complementary add-on to AMON, providing an additional layer of protection for Microsoft Office documents. DMON scans Microsoft Office documents and files downloaded automatically by Internet Explorer, such as Microsoft ActiveX elements. DMON works with applications that support the Microsoft Antivirus API (AVAPI) interface, including Microsoft Office 2000, 9.0 and newer, and Microsoft Internet Explorer, 5.0 and... -
Page 14: What Is Imon
Remote Administrator Overview What is IMON? IMON (Internet Monitor) is a memory-resident module that automatically scans a computer’s network connections to prevent infected files from reaching the computer’s disks. IMON scans Internet web browsing traffic (HTTP) and incoming email messages via the POP3 protocol before they are saved to disk and detects threats before they can get to the e-mail client. -
Page 15: Threatsense.net - Closing The Circle
ThreatSense.Net complements ThreatSense technology to constantly improve threat protection for all ESET customers. Analyzing new infiltrations helps ESET increase the detection capability of its products. All threat identification and detection information is then included in updates to all... -
Page 16: Nod32 Control Center - Nod32 For Windows Client
Remote Administrator Overview ThreatSense.Net gathers information from ThreatSense® scans, sending details about new infiltrations to ESET labs for thorough analysis: File sample with the infiltration Directory name File name Detection date/time How the infiltration entered the computer Operating system information NOTE: Submission is optional and anonymous. -
Page 17: Updating Eset Nod32 Antivirus
The incremental threat database update takes place regularly according to the level of threat, often several times a day. NOD32 is updated from an update server, either an Internet server maintained by ESET, a local network server, a network directory, a CD drive, etc. Whatever the method, it is crucial to ensure that each computer has access to a current source of updates. - Page 18 Remote Administrator Overview NOD32 supports three types of automatic Internet updates: Cumulative update of the virus signature database Incremental update of the virus signature database Update of the executable components of the system (program components) While the first two types of updates are performed 'on-the-fly', the program component update requires restart of the updated computer.
-
Page 19: Centrally Managing Clients With Nod32 Remote Administrator
Remote Administrator Overview Centrally Managing Clients with NOD32 Remote Administrator Now that you’ve seen how NOD32 works to protect individual workstations, let’s look at expanding NOD32 workstation protections for larger groups... The NOD32 Remote Administrator provides centralized management of NOD32’s network installations. NOD32 Remote Administrator enables an administrator to easily deploy, manage, and maintain thousands of NOD32 systems in large, distributed corporate networks, as well... - Page 20 One or more NOD32 for Windows Workstations clients − Standard NOD32 for Windows Workstations client − LAN Update Server (also called “Mirror” or Administrative Client), which performs all client operations and also can receive and store updates and upgrades from ESET...
-
Page 21: Remote Administrator Server (Ras)
Remote Administrator Overview Remote Administrator Server (RAS) The Remote Administrator Server is an administration tool collecting information on NOD32 clients, configuration changes, and events related to malware protection. Although you can choose any computer that meets the minimum requirements in your network, we recommend you run the RA Server on a server-class, always-on machine, such as: Your current NOD32 LAN Update Server... -
Page 22: Ra Console Panels
(HTML, CSV) and define a time/date interval for which the report will be generated. Reports can be sent via e-mail or exported to a folder. Remote Install The Remote Install panel offers several options for remote installation of ESET NOD32 Antivirus clients on workstations, and other related features. -
Page 23: Nod32 Clients
However, it’s also easy to use for small businesses with as few as 5 computers. Enterprise Edition entitles you to run ESET NOD32 Antivirus on any workstation or file server at no additional cost. Enterprise Edition also includes the following products:... -
Page 24: Remote Administrator Deployment Options For Nod32
Remote Administrator Overview Remote Administrator Deployment Options for NOD32 Among the many advantages of using Remote Administrator are the options available for deploying multiple installations of NOD32 clients. Remote Administrator enables flexible schemes for installing NOD32 for Windows to remote workstations throughout a network. It can also initiate an uninstall process to remove a NOD32 client from a workstation. -
Page 25: Installation File Set
Remote Administrator Overview Installation File Set In any installation, the administrator creates a universal set, or various sets, of parameters associated with an installation package. Each installation requires a collection of files that contain the following: An installation agent file The installation package A set command line parameters Installation Agent File... -
Page 26: Installation Example
Remote Administrator Overview The key HKEY_LOCAL_MACHINE\Software\Eset\NOD32 Remote Installer is created in the Windows registry to prevent repeated installation of the same package after a successful installation. Installation Package The installation package (*.NIP) contains the appropriate client installer (ndntenst.exe or nd98enst.exe) and an .XML file with the selected configuration settings for the installed client. -
Page 27: Communication Among Ra Components
Remote Administrator Overview In the case of the variant “Export to logon script“, or “Send via E-mail“, the process starts with running the agent file (nod32installer.exe) locally, either manually by the user or automatically from a logon script. When nod32installer.exe executes, it directs the workstation to contact RA Server on TCP port 2224 (by default) and download the installation package (*.NIP) file. -
Page 28: Remote Administration And The Update Process
Clients update either directly from ESET servers or from the LAN Update Server. Access to an ESET update server requires a valid username and password. Access to a LAN Update Server, or “mirror,” is subject to verification of the access authorization of the specified user defined on the computer to be updated. -
Page 29: Updating With Lan Update Server
When an update is available via HTTP, the LAN Update Server downloads updates from ESET’s servers and holds them for the other workstations in the network. An HTTP server is an integral part of LAN Update Server and by default runs on port 8081. -
Page 30: Updates And Server Bandwidth
Remote Administrator Overview Distribution via HTTP can be easier to configure and is not limited by the number of licenses of the file server, which would be required for access to a shared folder. Updates and Server Bandwidth For each client, automatic update occurs by default an hour after the last update. However, client computers generally do not need their scheduled updates synchronized. - Page 31 Remote Administrator Overview Networks consisting of nested RA Servers allow an administrator to control all client workstations from any RA Server, using a single RA Console installation. In this illustration, an administrator using RA Console connecting to RAS 3 will be able to control client workstations connected to RAS 3, RAS 4, and RAS 5.
-
Page 32: Configuration And Remote Clients
Remote Administrator Overview Configuration and Remote Clients Remote Administrator allows remote configuration of NOD32 anti-threat clients. This lets the administrator quickly customize NOD32 settings for remote clients. Configuration setup takes place in the NOD32 Configuration Editor. As in the Standard Client version of NOD32 for Windows, there is a vast array of options for scanning, updating, scheduling and... -
Page 33: Configuration With Profiles
As an example, an organization may have employees with laptops that are regularly taken off the network. These laptops need to update directly from ESET’s servers via the internet when off-site. This scenario requires setting up a secondary profile, which only... -
Page 34: Implementing Configurations, Updates, Or On-Demand Scans
Remote Administrator Overview Implementing Configurations, Updates, or On-Demand Scans NOD32 Remote Administrator enables the administrator to use Tasks to implement changes or operations at remote workstations with NOD32 for Windows. There are three types of tasks: “Configuration” – to make changes in configuration of remote client workstations. “On-Demand Scan”... - Page 35 Remote Administrator Overview For configuration tasks, an administrator first creates or chooses an already existing configuration file, which will accompany the task directive and be applied on remote client computers. Any new profiles are also incorporated in a configuration file and sent with a task directive for configuration updates.
-
Page 36: Remote Administrator Reporting
Remote Administrator’s automatic and custom report generation gives you an overview on ESET NOD32 Antivirus activities, helping you maintain a high level of data integrity in your network. You can use reports to fill holes in your anti-threat protection by searching for unprotected computers in your network. - Page 37 Remote Administrator Overview Individual variants of reports can be selected, including the graphical appearance of the resulting report. You can choose which malware will be included in the report, or filter the client computers according to chosen attributes. You can also choose an output file (HTML, CSV) and define a time/date interval for which the report will be generated.
- Page 38 Remote Administrator Overview 2. Alert progress, multiple graphs Additional report settings let you customize the report format and design to suit yourself. In the Interval tab, you can define the time interval of records that will be included in the report. The Scheduler tab enables you to schedule creation of reports. Reports created can either be subsequently sent by email to one or more email addresses, or stored in a specific folder on a local or network disk.
-
Page 39: Index
Remote Administrator Overview Index passive, 4 administrative client defined. LAN Update Server HTTP scanning, 16 AMON and IMON, 17 IMAP scanning, 14 defined, 12 running states, 13 IMON with DMON, 14 and AMON, 17 and EMON, 17 automatic update, 22 defined, 16 code analysis. - Page 40 Remote Administrator Overview NOD32 panels, 29 advantages, 7 Remote Administrator Server clients and RA, 30 defined, 27 configuration, 42 remote installation configuring, 20 command line parameters, 35 Control Center, 20 package, 34 modules, 8 system tools, 21 reporting, 48 updates, 21 scanning ActiveX, 14 on-access...
- Page 41 Remote Administrator Overview ThreatSense.Net, 18 program components, 23 purpose, 21 update Remote Administrator, 38 automatic, 22 settings, 21 bandwidth needs, 39 types, 23 manual.