Common questions

What files are sent to the sandbox?

If a file is submitted manually for ESET Dynamic Threat Defense analysis, the system sends the selected file with no regard for file type. For automatic file submissions, the ESET security product only submits files that have not been scanned before and having the defined file type. The file type is determined based on the contents of a file, not its file extension since a user or malware can easily change the file extension.

ESET Mail Security and ESET Endpoint Security for Windows use a different approach. Different file types are processed differently in each of them.

ESET Mail Security - Processing is synchronized, the system waits for the result.

ESET Endpoint Security and ESET File Security - Processing is asynchronous. The system does not wait for the result.

Whether a file is submitted or not depends on the source of file (web / mail / https).

hmtoggle_plus0Table of actions according to file type

What is the maximum size of a file which can be sent?

ESET Security products can submit files up to 64 MB in size. You can define a maximum size to send in your policy for ESET Dynamic Threat Defense.

What do the states of analysis and file statuses mean?

Refer to the related chapter.

How to prevent ESET security product from deleting certain file?

You can add an exclusion on hash of a file and after the exclusion is applied, restore the file. Such a file will not be scanned by ESET security product again.

How is ESET Dynamic Threat Defense updated?

ESET Dynamic Threat Defense is updated remotely on the ESET cloud. You do not have to update the service manually. Update your installed security products when there is a new version available, to get new features.

What happens to settings on product after the ESET Dynamic Threat Defense license expires?

All settings stay unchanged, and Web Console displays warning about the expired license. Apply another policy to turn off the settings.

How long does it take to replicate?

Replication time depends on the size of the file, your network capabilities and the load on the ESET servers.

Sample type


Already analyzed Sample

Half of the pre-configured wait time

90% of unknown samples

up to 5 minutes

99% of unknown samples

up to 1 hour

Can a computer benefit from ESET Dynamic Threat Defense but submit no files?

You can set up an individual policy for a computer (or computers) with higher security requirements, which would not submit any files. If such the machine has ESET Dynamic Threat Defense activated, it receives priority results from analysis of other files submitted from its company. Files evaluated as malicious are afterward detected also by ESET LiveGrid® which helps to protect other connected machines.



You can find more questions and answers in our FAQ article..