HTTPS traffic caching
ESET Bridge can decrypt and cache HTTPS traffic:
oUpdate requests (modules, repository) sent from a supported ESET security product:
Supported ESET security product (HTTPS traffic caching) |
Supported product version |
---|---|
ESET Endpoint Antivirus/Security for Windows |
10 and later |
oESET LiveGuard Advanced traffic for ESET PROTECT On-Prem and the supported ESET security products listed above.
HTTPS traffic caching limitations •ESET Bridge does not support HTTPS traffic caching for ESET security products (and their versions) not listed above (earlier ESET Endpoint for Windows, Windows Server/Linux/macOS security products). •ESET PROTECT On-Prem supports HTTP/HTTPS traffic caching, but the cloud ESET PROTECT supports only HTTP traffic caching. The cloud ESET PROTECT does not support HTTPS traffic caching—the required certificates are available in ESET PROTECT On-Prem, but not in the cloud ESET PROTECT. •ESET Bridge and ESET PROTECT support HTTP traffic caching for all ESET security products. |
ESET PROTECT All-in-one installer and Virtual Appliance (when ESET Bridge is enabled during the Virtual Appliance deployment) create default HTTP Proxy Usage policies for ESET Management Agent and ESET security products applied to the All Static Group. The policies automatically configure ESET Management Agents and ESET security products on managed computers to use ESET Bridge as a Proxy for caching update packages. The HTTPS traffic caching is enabled by default: •The ESET Bridge policy contains the HTTPS certificate, and the Cache HTTPS Traffic toggle is enabled. •The ESET Endpoint for Windows HTTP Proxy Usage policy contains the Certificate Authority for the HTTPS traffic caching. |
If you installed ESET Bridge using a standalone installer (on Windows or Linux) or the Software Install Task, you need to configure HTTPS traffic caching via Policies:
1.Create or edit an ESET Bridge Policy with these settings:
a.Expand Cache and enable the Cache HTTPS traffic toggle.
b.Click Change certificate next to HTTPS Certificate > click Open certificate list and select ESET Bridge certificate.
2.Create or edit an ESET security product Policy. When setting Proxy Server details in Connectivity > Proxy Server, click Edit next to Certificate Authorities and add the ESET PROTECT Certification Authority. ESET security products use the Certification Authority to validate the peer certificate from the ESET Bridge Policy.
Expired ESET Bridge certificate ESET PROTECT Web Console starts displaying an alert 30 days before the ESET Bridge certificate expires: •When the ESET Bridge certificate expires, ESET Bridge stops caching HTTPS traffic and uses a direct connection for HTTPS traffic. •To continue using the HTTPS caching, create a new ESET Bridge certificate and apply it via ESET Bridge Policy. |