HTTPS traffic caching
ESET Bridge can decrypt and cache HTTPS traffic:
oUpdate requests (modules, repository) from a supported ESET security product:
Supported ESET security product (HTTPS traffic caching) |
Supported product version |
|---|---|
ESET Endpoint Antivirus/Security for Windows |
10 and later |
oESET LiveGuard Advanced traffic for ESET PROTECT On-Prem and the supported ESET security products listed above.
|
HTTPS traffic caching limitations •ESET Bridge does not support HTTPS traffic caching for unlisted ESET security products (earlier ESET Endpoint for Windows, Windows Server/Linux/macOS security products). •ESET PROTECT On-Prem supports HTTP/HTTPS traffic caching, but the cloud ESET PROTECT supports only HTTP traffic caching. The cloud-based ESET PROTECT does not support HTTPS traffic caching—the required certificates are available in ESET PROTECT On-Prem, but not in the cloud-based ESET PROTECT. •ESET Bridge and ESET PROTECT support HTTP traffic caching for all ESET security products. |
|
ESET PROTECT All-in-one installer and Virtual Appliance (when ESET Bridge is enabled during the Virtual Appliance deployment) create default HTTP Proxy Usage policies for ESET Management Agent and ESET security products applied to the All Static Group. The policies automatically configure ESET Management Agents and ESET security products on managed computers to use ESET Bridge as a proxy server for caching update packages. The HTTPS traffic caching is enabled by default: •The ESET Bridge policy contains the HTTPS certificate, and the Cache HTTPS Traffic toggle is enabled. •The ESET Endpoint for Windows HTTP Proxy Usage policy contains the Certificate Authority for the HTTPS traffic caching. |
After installing ESET Bridge using a standalone installer (on Windows or Linux) or the Software Install Task, you must configure HTTPS traffic caching via Policies:
1.Create or edit an ESET Bridge Policy with these settings:
a.Expand Cache and enable the Cache HTTPS traffic toggle.
b.Click Change certificate next to HTTPS Certificate > click Open certificate list and select ESET Bridge certificate.
2.Create or edit an ESET security product Policy. When setting Proxy Server details in Connectivity > Proxy Server, click Edit next to Certificate Authorities and add the ESET PROTECT Certification Authority. ESET security products use the Certification Authority to validate the peer certificate from the ESET Bridge Policy.
|
Expired or revoked ESET Bridge certificate ESET PROTECT Web Console displays an alert: •30 days before the ESET Bridge certificate expires. •When the ESET Bridge certificate has been revoked. When the ESET Bridge certificate expires or has been revoked, ESET Bridge stops caching HTTPS traffic and uses a direct network connection for the HTTPS traffic. To continue using HTTPS caching, create a new ESET Bridge certificate and apply it via ESET Bridge Policy. |