1. Manuals
  2. Brands
  3. ESET Manuals
  4. Software
  5. REMOTE ADMINISTRATOR 4 - ANNEXE 335
  6. Installation manual

ESET REMOTE ADMINISTRATOR 4 - ANNEXE 335 Installation Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
ESET
Remote Administrator 4
Installation Manual and User Guide

Advertisement

Table of Contents
loading

Related Manuals for ESET REMOTE ADMINISTRATOR 4 - ANNEXE 335

Summary of Contents for ESET REMOTE ADMINISTRATOR 4 - ANNEXE 335

  • Page 1 ESET Remote Administrator 4 Installation Manual and User Guide...
  • Page 2 ESET, spol. s r.o. reserves the right to change any of the described application software without prior notice. Customer Care Worldwide: www.eset.eu/support Customer Care North America: www.eset.com/support...

  • Page 3: Table Of Contents

    ESET Configuration Editor ................31 3.7.1 Configuration layering ..................31 Installation of ERA Server and ERA 3.7.2 Key configuration entries ..................32 Console ..........8 Installation of ESET client solutions ..........34 Requirements ................8 Direct installation ................34 2.1.1 Software requirements ..................8 2.1.2 Performance requirements ..................8 Remote installation ................34...
  • Page 4 What is the meaning of the GLE error code? ..................85 10.2 Frequently encountered error codes ................85 10.2.1 Error messages displayed when using ESET Remote Administrator to remotely install ESET Smart Security or ESET NOD32 Antivirus ..................85 10.2.2 Frequently encountered error codes in era.log ..................86...

  • Page 5: Introduction

    ESET Remote Administrator itself does not provide any other form of protection against malicious code. ERA depends on the presence of an ESET security solution on workstations or servers, such as ESET NOD32 Antivirus or ESET Smart Security.
  • Page 6 - support for ESET Security products 4.x ESET Remote Administrator Version 2.0 - support of new ESET Security Products version 3 (ESET Smart Security, ESET NOD32 Antivirus) - new logs (new columns, ESET Personal Firewall logs) - new client state information for version 3 clients (Protection Status, Protection Features, System Information)

  • Page 7: Program Architecture

    ERAC is the client component of ERA and is usually installed on a workstation. This workstation is used by the administrator to remotely control ESET solutions on individual clients. Using ERAC, the administrator can connect to the server component of ERA – on TCP port 2223. The communication is controlled by the process console.exe, which is...

  • Page 8: Installation Of Era Server And Era Console

    2. Client connection interval The client connection interval is set to 10 minutes by default in ESET Smart Security / ESET NOD32 Antivirus versions 4.2 and later. If you need the client status to update more or less frequently than the default interval, you can change the setting.Keep in mind that a shoerter client connection interval will affect server performance.
  • Page 9 Most of the storage space is taken up by client events, that are stored in the database and to a repository on the disk (default directory is C:\Documents and Settings\All Users\Application Data\Eset\ESET Remote Administrator\Server). ERA requires that at least 5% of the disk be free. If this minimum is exceeded the server will stop receiving some of the client events.

  • Page 10: Ports Used

    2.1.3 Ports used The chart below lists the possible network communications used when ERAS is installed. The process EHttpSrv.exe listens on TCP port 2221 and the process era.exe listens on TCP ports 2222, 2223, 2224 and 2846. Other communications occur using native operating system processes (e.g., ”NetBIOS over TCP/IP”). Protocol Port Description...

  • Page 11: Basic Installation Guide

    A company network usually consists of one local area network (LAN), therefore we suggest installing one ERAS and one Mirror server. The Mirror server can either be created in ERAS or in ESET NOD32 Antivirus Business Edition / ESET Smart Security Business Edition.

  • Page 12: Before Installation

    2.2.2 Before installation Before installing, the following installation packages should be downloaded from ESET’s website: ESET Remote Administrator components: ESET Remote Administrator – Server ESET Remote Administrator – Console ESET client solutions: ESET Smart Security 4.x ESET Smart Security 3.x ESET NOD32 Antivirus 4.x...

  • Page 13: Cluster Mode Installation

    Parameters and configuration of the command line installation can be further supplemented by the administrator's .xml configuration file the "cfg.xml", which must be in the same folder as the ERA .msi installation file. The configuration file can be created in the ESET Configuration Editor and allows you to configure various ERA settings. See chapter ESET Configuration Editor for more details.

  • Page 14: Database Types Supported By Era Server

    Database connection problem. It is strongly recommended to use odbc driver that supports multiple active result sets (MARS). The server will continue to run but the database communication may be slower. See the documentation or contact ESET support for more information.

  • Page 15: Database Connection Setup

    Native driver with MARS support: - SQLNCLI.DLL (2005.90.1399.00) 2.2.3.4.2 Database connection setup After a new database is created, you must specify connection parameters for the database server using one of two options: 1. Using DSN (data source name) To open DSN manually, open the ODBC Date Source Administrator (Click Start >...

  • Page 16: Installing Over An Existing Database

    2.2.3.4.3 Installing over an existing database If there are existing tables in the database, the installer will display a notification. To overwrite contents of an existing table, select Overwrite (Warning: this command deletes the contents of tables and also overwrites their structure!). Select Ignore to leave tables untouched.

  • Page 17: Installation

    As in the figure from Environment overview chapter, updates for the branch office are not downloaded from ESET’s update servers, but from the server at the headquarters (GHOST). The update source is defined by the following URL address:...

  • Page 18: Other Requirements For Enterprise Environments

    2.3.3 Other requirements for Enterprise environments In larger networks, multiple ERA Servers can be installed to perform remote installs of client computers from servers which are more accessible. For this purpose, ERAS offers replication (see chapter Installation at headquarters Branch office: Installation of ERA Server ), which allows stored information to be forwarded to a parent ERAS (upper server).

  • Page 19: Working With Erac

    ERAS needs to be installed under the Windows/Domain account with sufficient rights. You must also enable this feature in Tools > Server Options… > Advanced tab > Edit Advanced Settings… > ESET Remote Administrator > ERA Server > Setup > Security:...

  • Page 20: Erac - Main Window

    3.2 ERAC - main window The current communication status between ERAC and ERAS is displayed in the status bar (1). All necessary data from ERAS is refreshed regularly (Default is every minute. See Tools > Console Options…). The refresh progress can also be seen in the status bar.

  • Page 21: Information Filtering

    Columns in Section 4: Server Name Displays name of server. Clients Total number of clients connecting to or in the database of the selected ERAS. Virus Signature DB Range Version of virus signature databases among the clients of the selected ERAS. Least Recent Connection Time elapsed since the least recent connection to the server.

  • Page 22: Context Menu

    In the lower part of the Filter section you can specify another set of parameters: Only clients (using whole words) Output only includes clients with names identical to the string entered. Only clients beginning like (?,*) Output will only list clients with names beginning with the specified string. Only clients like (?,*) Output will list only clients with names containing the specified string.

  • Page 23: View Mode

    Detailed current client configurations in the.xml format (the Clients tab, the Configuration column, Protection Status, Protection Features, System Information) Information from the ESET SysInspector program may also be missing. ESET SysInspector is integrated with generation 4.x ESET products and later.

  • Page 24: Clients Tab

    On the upper server you can set the level of logs that will be received by the server (Tools > Server Options > Advanced > Edit Advanced Settings... > ESET Remote Administrator > ERA Server > Setup > Server Maintenance >...
  • Page 25 Custom Information to be displayed specified by the administrator (this option can be configured Custom Info in ERAC through Tools > Server Options… > Advanced tab > Edit Advanced Settings… > ESET Remote Administrator > ERA Server > Setup > Other settings > Client custom info).
  • Page 26 Protection Status This is a general status statement regarding all ESET programs. Some of the statements are interactive and allow immediate intervention. This functionality is useful in that it prevents the need to manually define a new task to solve a given protection problem.

  • Page 27: Threat Log Tab

    3.4.4 Threat Log tab This tab contains detailed information about individual virus or threat incidents. Attribute Description Client Name Name of client reporting the threat alert Computer Name Workstation/server name (hostname) MAC Address MAC address (network adapter) Primary Server Name of ERAS with which a client is communicating Date Received Time at which the event was logged by ERAS Date Occurred...

  • Page 28: Scan Log Tab

    3.4.7 Scan Log tab This tab lists results of On-demand computer scans that were started remotely, locally on client computers, or as scheduled tasks. Attribute Description Scan Id ID of the corresponding entry in the database (ID is in the form: Scan Number) Client Name Name of client where the scan was performed Computer Name...

  • Page 29: Tasks Tab

    Reports tab is used to organize statistical information in graph or chart form. For more information, see chapter Reports 3.4.12 Remote install tab This tab provides options for several remote installation methods of ESET Smart Security or ESET NOD32 Antivirus on clients. For detailed information, see chapter Remote Installation 3.5 ERA Console setup...

  • Page 30: Other Settings Tab

    The read-only mode is suitable for viewing the status of ESET client solutions connecting to ERAS; creation of tasks for client workstations, creation of install packages and remote installation are not allowed. The License Manager, Policy Manager and Notification Manager are also inaccessible.

  • Page 31: Eset Configuration Editor

    3.7 ESET Configuration Editor The ESET Configuration Editor is an important component of ERAC and is used for several purposes. Some of the most important are the creation of the following: Predefined configurations for installation packages Configurations sent as tasks or policies to clients A general (.xml) configuration file...

  • Page 32: Key Configuration Entries

    3.7.2 Key configuration entries In this section, we explain several of the key configuration entries for ESET Smart Security and ESET NOD32 Antivirus, available through the ESET Configuration Editor: ESET Smart Security, ESET NOD32 Antivirus > ESET Kernel > Setup > Remote administration Here you can enable communication between client computers and the ERAS (Connect to Remote Administrator server).
  • Page 33 The client’s settings can then be managed on a per-user basis and cannot be changed remotely. To change the setting remotely the Suppress user settings option must be set to Yes. The Suppress user settings option is only available for clients running 4.0 or later ESET security products. Update This branch of the Configuration Editor allows you to define how update profiles are applied.

  • Page 34: Installation Of Eset Client Solutions

    ESET products to servers (workstations only). 4.1 Direct installation With a direct installation, the administrator is present at the computer where the ESET security product is to be installed. This method requires no further preparation and is suitable for small computer networks or in scenarios where ERA is not used.
  • Page 35 – selected parameters are then applied automatically on target clients. Additional parameters for ESET Smart Security and ESET NOD32 Antivirus can be typed after the name of the .msi installation package (e.g., eav_nt64_ENU.msi /qn):...

  • Page 36: Requirements

    You need to add this parameter when the ESS/EAV settings are password protected. Parameters for ESET NOD32 Antivirus 2.x should be typed after the setup.exe filename, which can be extracted along with other files from the installation package (e.g., setup.exe /silentmode): /SILENTMODE Quiet installation mode –...

  • Page 37: Configuring The Environment For Remote Installation

    ERA, navigate to Start ’ Control Panel ’ Administrative Tools ’ Services. Select ESET Remote Administrator Server service from the list and click the Log On tab. ESET Remote Administrator 4 embeds this setting in the Advanced installation scenario so you must select Advanced ’...

  • Page 38: Remote Push Install

    Supposing that all workstations are turned on, the push installation method is the most effective method. Before starting a push install, you must first download the .msi install files for ESET Smart Security or ESET NOD32 Antivirus from ESET’s website and create an installation package. You can create an .xml configuration file that will automatically be applied when the package runs.
  • Page 39 8) Agent installs the package under the administrator account defined in step 2; the corresponding .xml configuration and command line parameters are also applied. 9) Immediately after the installation is complete, the agent sends a message back to ERAS. Some ESET security products require a reboot and will prompt you if necessary.

  • Page 40: Logon /Email Remote Install

    While the logon script runs automatically when the user logs on, the email method requires intervention on the part of the user, who must launch the einstaller.exe agent from the email attachment. If launched repeatedly, einstaller.exe will not trigger another installation of ESET client solutions. For more information, see chapter Avoiding repeated installations The line calling the einstaller.exe agent from the logon script can be inserted using a text editor or other proprietary tool.
  • Page 41 Attaching the agent (einstaller.exe) to email: 1) Click Email… on the Remote Install tab and select the Type and name of the Package you wish to install. 2) Click To… to select addresses from the address book (or insert individual addresses). 3) Enter a Subject in the corresponding field.

  • Page 42: Custom Remote Install

    Default Logon… dialog window are forgotten after each service (ERAS) restart. 4.2.5 Custom remote install It is not a requirement to use ERA tools to remotely install ESET client solutions. In the end, the most important aspect is to deliver and execute the einstaller.exe file on client workstations.

  • Page 43: Upgrade

    The username and password of the account under which the installation of the package is to be performed must be an account with administrator rights or, preferably, a domain administrator account. During the remote installation process, backward connection to ERAS takes place and the agent (einstaller.exe) adopts settings from the Set Default Logon for E-mail and Logon Script Installations option.

  • Page 44: Avoiding Repeated Installations

    MSI installer, which is distributed directly to all clients connecting to the domain via Group Policy. To configure a domain controller to automatically install ESET Smart Security or ESET NOD32 Antivirus on each workstation after logging in, proceed as follows:...
  • Page 45 3) Insert an .xml configuration file, which is to be applied to the program, to the same folder. The file should be named cfg.xml. To create a configuration file, the ESET Configuration Editor can be used. For more information see chapter ESET Configuration Editor 4) Click Start >...

  • Page 46: Administering Client Computers

    5. Administering client computers 5.1 Tasks Client workstations that are correctly connected to ERAS and displayed in ERAC can be configured and administered using various types of tasks. The general workflow below applies for all tasks described in the following sub-chapters except the Interactive Task (see the chapter for an explanation of the workflow).

  • Page 47: Configuration Task

    ESET Smart Security, ESET NOD32 Antivirus > Update Module > Profile > Setup > Username and Password. 4) Insert the ESET-supplied username and password and click Console on the right to return to the task wizard. The path to the package is displayed in the Create/Select configuration field.

  • Page 48: Update Now Task

    1) Right-click on any workstation from the Clients pane and select New Task > Update Now. 2) If you wish to exclude certain types of ESET security products from the task, select them in the Configuration section drop-down menu and select the Exclude this section from Update Task option.

  • Page 49: Generate Security Audit Log Task

    From the Clients tab, you can see the Protection Status Text column monitoring the protection status of all connected ESET clients. A blank field denotes that the protection status of a specific client is on the Maximum protection level. If the protection level of a client is lower than maximum, a protection status warning highlighted in red or orange will appear in the Protection Status Text (e.g., ESET Personal firewall is disabled).

  • Page 50: Group Manager

    Once you have resolved all the issues successfully, the protection status message will change to Protection status: System is secure. NOTE: The Interactive task feature is supported by ESET Smart Security/ESET NOD32 version 3 and later. 5.2 Group Manager Group Manager is a powerful tool for managing your clients, separating them into different groups and applying different settings, tasks, restrictions, etc.

  • Page 51: Static Groups

    5.2.1 Static Groups Static groups are created to separate clients in your network into named groups and subgroups; i.e. you can create a Marketing group that will contain all marketing clients and also create specialized division subgroups - Local sales, EMEA Management, etc.

  • Page 52: Active Directory Synchronization

    Domain Controller, go to Tools > Server Options > Advanced > Edit Advanced Settings > ESET Remote Administrator > ERA Server > Setup > Active directory. The format of the server name is LDAP:// servername or GC://servername. When empty, global catalog (GC) is used.

  • Page 53: How To Create Policies

    The default installation only implements one policy labeled ”Server Policy”. This name can be changed in the Policy settings > Policy name field. The policy itself is configurable from the ESET Configuration Editor – click Edit and define parameters for the selected ESET security product (or client). All parameters are organized into a comprehensive structure and all items in the Editor are assigned an icon.

  • Page 54: Virtual Policies

    5.3.3 Virtual policies In addition to created policies, as well as those replicated from other servers (see chapter Replication tab ), the Policy Tree also contains a Default Parent Policy and Default Primary Clients Policy, which are referred to as virtual policies. The default Parent Policy is located on an upper server in the Global Policy Settings and selected as Default policy for lower servers.

  • Page 55: Viewing Policies

    after the name of an imported policy. 5.3.5 Viewing policies Policies in the Policy Tree structure can be viewed directly in the Configuration Editor by clicking View... or View Merged..View Merged – Displays the merged policy created as a result of inheritance (the process of inheriting applies settings from the parent policy).

  • Page 56: Policy Rules

    You can also add clients using the Add Special feature, which can add all clients at once, add selected clients or add clients from selected servers or groups. 5.3.7.3 Policy Rules The Policy Rules tool allows an administrator to automatically assign policies to client workstations in a more comprehensive way.

  • Page 57: Special Settings

    5.3.9 Special settings Two additional policies are not located in the Policy Manager but in Tools > Server Options > Advanced > Edit Advanced Settings > ESET Remote Administrator > ERA Server > Setup > Policies. Interval for policy enforcement (minutes): This feature applies to policies in the specified interval.

  • Page 58: Policy Deployment Scenarios

    5.3.10 Policy deployment scenarios 5.3.10.1 Each server is a standalone unit and policies are defined locally For the purpose of this scenario suppose there is a small network with one main and two lower servers. Each server has several clients. On each server, there is at least one or more policies created. The lower servers are located at the company’s branch offices;...

  • Page 59: Each Server Is Administered Individually - Policies Are Managed Locally But The Default Parent Policy Is Inherited From The Upper Server

    5.3.10.2 Each server is administered individually - policies are managed locally but the Default Parent Policy is inherited from the upper server The configuration from the previous scenario also applies to this scenario. However, Server A has the Default Policy for Lower Servers enabled and policies on the lower servers inherit the configuration of the Default Parent Policy from the master server.

  • Page 60: Inheriting Policies From An Upper Server

    5.3.10.3 Inheriting policies from an upper server The network model for this scenario is the same as the previous two scenarios. In addition, the master server, along with the Default Parent Policy, contains other policies, that are down replicable and serve as parent policies on the lower servers.

  • Page 61: Assigning Policies Only From The Upper Server

    5.3.10.4 Assigning policies only from the upper server This scenario represents a centralized system of policy management. Policies for clients are created, modified and assigned only on the main server - the local administrator has no rights to modify them. All lower servers have only one basic policy, which is empty (by default titled Server Policy).

  • Page 62: Using Groups

    5.3.10.6 Using groups In some situations, assigning policies to groups of clients can complement previous scenarios. Groups can be created manually or by using the Active Directory Synchronization option. Clients can be added to groups either manually (Static Groups) or automatically - by the group properties ( Parametric Groups).

  • Page 63: Notification Manager

    5.4.1 Notification Manager To open the Notification Manager main window, click Tools > Notification Manager. The main window is divided in two sections. The Notification rules section in the top part of the window contains a list of existing (either predefined or user defined) rules. A rule in this section must be checked to generate notification messages.
  • Page 64 As soon as the system detects the trigger event for a certain client or clients and finds a rule to be run, the client filter is applied. The filter can be assigned to any rules in which clients are involved; to enter the client filter setup, click Edit in the Client filter section.
  • Page 65 - Errors+Warnings+Info(Verbose) - Error, warning and informative messages - Filter log entries by type – Enable this option to specify error and warning entries to be watched in the server log. Note that for notifications to work properly, the log verbosity (Tools > Server Options > Logging) must be set to the corresponding level.
  • Page 66 The Repeat after every… menu allows you to specify a time interval after which the action will be repeated. However, the condition to activate the rule must still be met. In Server > Advanced > Edit Advanced Settings > ESET Remote Administrator >...

  • Page 67: Notifications Via Snmp Trap

    Possible virus outbreak - If the frequency of Threat log entries on a client has exceeded 1000 critical warnings in one hour on at least 10% of all clients. Possible network attack – If the frequency of ESET Personal firewall log entries on a client has exceeded 1000 critical warnings in one hour on at least 10% of all clients.

  • Page 68: Detailed Information From Clients

    Tools > ESET SysInspector from the ERAC main menu. If there are problems with a specific client, you can request an ESET SysInspector log from that client. To do this, right- click the client in the Clients pane and select Request data – Request SysInspector Information. Logs can only be obtained from generation 4.x products and later;...

  • Page 69: Centralized Quarantine

    View – Opens the log listed in the top section directly in ESET SysInspector Save As… – Saves the current log to a file. The Then Run ESET SysInspector Viewer to view this file option automatically opens the log after it is saved (as it would after clicking View).

  • Page 70: Firewall Rules Merge Wizard

    6. Firewall Rules Merge Wizard Firewall Rules Merge Wizard allows you to merge the firewall rules for selected clients. This is especially useful when you need to create a single configuration containing all firewall rules that were gathered by clients in learning mode. The resulting configuration can then be sent to clients via a configuration task or can be applied as a policy.

  • Page 71: Reports

    7. Reports The Reports tab is used to turn statistical information into graphs or charts. These can be saved and processed later in the Comma Separated Value format (.csv) by using ERA tools to provide graphs and graphical outputs. By default, ERA saves output in HTML format.
  • Page 72 Comprehensive Threats Report Summary of Combined Top Clients with most Threats/ Top Threats; Combined Top Threats / Threats Comparative Progress; Threats Progress Comprehensive Network Attacks Report Summary of Combined Top Clients with most Network Attacks / Top Network Attacks; Top Network Attacks; Top Network Attacks Sources;...

  • Page 73: Example Report Scenario

    multiple) reports and use the context menu (right-click). Templates placed in the Favorites list can be used later to immediately generate new reports. To move a template to Favorites, right-click the report and click Add to Favorites from the context menu. 7.1 Example report scenario To maintain your clients’...

  • Page 74: Eset Remote Administrator Server (Eras) Setup

    8. ESET Remote Administrator Server (ERAS) setup 8.1 Security Version 3.x and later ESET security solutions (ESET Smart Security, etc.) offer password protection for decrypted communication between the client and ERAS (communication at the TCP protocol, port 2222). Earlier versions (2.x) do not have this functionality. To provide backward compatibility for earlier versions, the Enable unauthenticated access for Clients mode must be activated.

  • Page 75: Mirror Server

    The Mirror feature allows a user to create a local update server. Client computers will not download virus signature updates from ESET’s servers on the Internet, but will connect to a local Mirror server on your network instead. The main advantages of this solution are to save Internet bandwidth and to minimize network traffic, since only the mirror server connects to the Internet for updates, rather than hundreds of client machines.

  • Page 76: Operation Of The Mirror Server

    For authentication to a network drive, please enter the authentication data in the full form: WORKGROUP\User or DOMAIN\User. In addition to authentication, you must also define the source of updates for ESET client solutions. The update source is either a URL address to a local server (http://Mirror_server_name:port) or UNC path to a network drive: (\ \Mirror_server_name\share_name).

  • Page 77: How To Enable And Configure The Mirror

    Select the Create update mirror option and enter a path to the folder where the update files will be stored. By default this is a relative path to the Mirror folder in the ERA data folder (%AllUsersProfile%/Application Data/ESET/ESET Remote Administrator) and can be changed to an absolute path according to your needs. To enable update via http, select the Provide update files via internal HTTP server option.
  • Page 78 The Mirror feature is also available directly from the program interface in ESET Smart Security Business Edition and ESET NOD32 Antivirus Business Edition. It is left to the administrator’s discretion as to which is used to implement the Mirror server.

  • Page 79: Mirror For Clients With Nod32 Version

    Tools > Server Options… > Advanced tab > click Edit Advanced Settings… and expand the branch ESET Remote Administrator > ERA Server > Setup > Mirror for NOD32 version 2. To minimize the volume of downloaded data, only select language versions that are present on your network.
  • Page 80 Other options that influence the replication behavior of servers include: Replicate threat log, Replicate firewall log, Replicate event log, Replicate scan log, Replicate mobile log, Replicate quarantine log If these options are selected, all information displayed on the Clients, Threat Log, Firewall Log, Event Log, Scan Log, Mobile Log, Quarantine Log and Tasks tab is replicated in individual columns and lines.

  • Page 81: Logging

    We recommend leaving the Log verbosity set to Level 2 – Above + Session Errors. Change the log level only if you are experiencing problems, or if you are advised to do so by ESET Customer Care. Click Tools > Server Options > Advanced > Edit Advanced Settings… > Setup > Logging > Rotated debug log compression to configure compression level for individual rotated logs.

  • Page 82: Advanced Settings

    Enable MAC address renaming (from unknown to valid) After reinstalling from an ESET client solution that does not support sending a MAC address (e.g., ESET NOD32 Antivirus 2.x) to a client solution that does (e.g., a 3.x client), the old client record will be converted to the new one.

  • Page 83: Eset Remote Administrator Maintenance Tool

    The purpose of the ESET Remote Administrator Maintenance Tool is to execute specific tasks for server operation and maintenance. It can be accessed by clicking Start > Program Files > ESET Remote Administrator > Server. When you launch the ERA Maintenance tool, an interactive wizard will display to help you in performing the required tasks.

  • Page 84: Database Backup

    (Allow import from a different type of database) as well as to stop ESET Remote Administrator Server during database restore (Stop server during processing task). Click Next to confirm the task execution.

  • Page 85: Troubleshooting

    10.1.2 What is the meaning of the GLE error code? Installing ESET Smart Security or ESET NOD32 Antivirus via the ESET Remote Administrator Console can occasionally generate a GLE error. To find the meaning of any GLE error number, follow the steps below: 1) Open a command prompt by clicking Start >...

  • Page 86: Frequently Encountered Error Codes In Era.log

    This update module error can be encountered if a proxy server is used to mediate Internet connection – namely Webwasher proxy. 0x2104 – UPD_RETVAL_SERVER_ERROR Update module error indicating an HTTP error code higher than 500. If the ESET HTTP server is being used, error 500 indicates a problem with memory allocation. 0x2105 – UPD_RETVAL_INTERRUPTED This update module error can be encountered if a proxy server is used to mediate the Internet connection –...

  • Page 87: Hints & Tips

    If no changes have been made after installation, ESET NOD32 and ESET Smart Security contain two predefined tasks of this type. The first task checks system files at each user logon, the second task does the same after a successful virus signature database update.
  • Page 88 60 minutes by default. Usually there is no reason to modify its parameters. The only exception is for notebooks, since their owners also connect to the Internet from outside of company networks. The last dialog allows you to specify two different update profiles, covering updates either from a local server or from ESET’s update servers.

  • Page 89: Removing Existing Profiles

    Save As… to export the assigned configuration of the given client to an .xml file (.xml configuration files can also be extracted directly from the ESET Smart Security program interface). The .xml file can be used afterwards for various operations: For remote installations, the .xml file can be used as a template for a predefined configuration.

  • Page 90: Combined Update For Notebooks

    ESET’s update servers and the local Mirror server. First, notebooks contact the local Mirror server, and if the connection fails (they are outside of the office), they download updates directly from ESET’s servers. To allow for this functionality:...

  • Page 91: Installation Of Third Party Products Using Era

    11.5 Installation of third party products using ERA In addition to remote installation of ESET products, ESET Remote Administrator is capable of installing other programs. The only requirement is that the custom install package must be in the .msi format. The remote installation of custom...

  • Page 92: Eset Sysinspector

    ESET security products installed, you can run ESET SysInspector directly from the Start Menu (Programs > ESET > ... ). Please wait while the application inspects your system which could take up to several minutes depending on your hardware and data to be gathered.

  • Page 93: Program Controls

    "Basic" mode you have access to information used to find solutions for common problems in your system. In the "Medium" mode the program displays less used details while in the "Full" mode ESET SysInspector displays all the information needed to solve very specific problems.

  • Page 94: Navigating In Eset Sysinspector

    12.2.2 Navigating in ESET SysInspector ESET SysInspector divides various types of information into several basic sections called nodes. If available you may find additional details by expanding each node into its subnodes. To open or collapse a node just double-click the name of the node or alternatively click next to the name of the node.

  • Page 95: Compare

    Log files can be later opened and viewed. To open an existing log, use the menu File -> Open log. In the main program window, ESET SysInspector always displays one log at a time.

  • Page 96: Command Line Parameters

    NOTE: If the name of the file/folder contains a gap, then should be taken into inverted commas. 12.4 Service Script Service script is a tool that serves to provide help to customers that use ESET SysInspector. It is used to remove unwanted objects from the system.

  • Page 97: Structure Of The Service Script

    12.4.2 Structure of the Service script In the first line of the script’s header you can find information about the Engine version (ev), GUI version (gv) and the Log version (lv). You can use this data to track possible changes in the .xml file that generates the script and prevent any inconsistencies during execution.
  • Page 98 Example: 04) UDP endpoints: - 0.0.0.0, port 123 (ntp) + 0.0.0.0, port 3702 - 0.0.0.0, port 4500 (ipsec-msft) - 0.0.0.0, port 500 (isakmp) [...] When the script runs, it will isolate the owner of the socket at the marked UDP endpoints and stop the socket. 05) DNS server entries This section contains information about the current DNS server configuration.

  • Page 99: Executing Service Scripts

    Example: 08) Drivers: - Name: Microsoft ACPI Driver, exe path: c:\windows\system32\drivers\acpi.sys, state: Running, startup: Boot - Name: ADI UAA Function Driver for High Definition Audio Service, exe path: c:\windows\system32 \drivers\adihdaud.sys, state: Running, startup: Manual [...] When you execute the script, the drivers selected will be unregistered from the system and removed. 09) Critical files This section contains information about files critical to proper function of the operating system.

  • Page 100: Shortcuts

    12.5 Shortcuts Key shortcuts that can be used when working with the ESET SysInspector include: File Ctrl+O opens existing log Ctrl+S saves created logs Generate Ctrl+G standard system status check Ctrl+H performs a system check that may also log sensitive information...

  • Page 101: System Requirements

    How do I view the ESET SysInspector log file ? To view a log file created by ESET SysInspector, run the program and select File > Open Log from the main menu. You can also drag and drop log files onto the ESET SysInspector application. If you need to frequently view ESET SysInspector log files, we recommend creating a shortcut to the SYSINSPECTOR.EXE file on your Desktop;...
  • Page 102 How does ESET SysInspector evaluate the risk posed by a particular object ? In most cases, ESET SysInspector assigns risk levels to objects (files, processes, registry keys and so forth) using a series of heuristic rules that examine the characteristics of each object and then weight the potential for malicious activity.

  • Page 103: Eset Sysrescue

    In the next step select the target media where ESET SysRescue will be located. In addition to CD/DVD/USB you can choose to save ESET SysRescue in an ISO file. Later on, you can burn the ISO image on CD/DVD, or use it some other way (e.g.

  • Page 104: Eset Antivirus

    WinPE is based on Windows Vista SP1 which supports a wide array of hardware, sometimes hardware is not recognized and you need to add the driver manually. There are two ways to introduce the driver into ESET SysRescue compilation - manually (the Add button) and automatically (the Aut.

  • Page 105: Using Eset Sysrescue

    In such a scenario, you can employ ESET SysRescue to solve the problem. ESET SysRescue does not require any component of the host operating system. Therefore it is capable of processing (cleaning, deleting) any file on the disk.

This manual is also suitable for:

Remote administrator 4

Table of Contents