Using HTTP Proxy

ESET Dynamic Threat Defense can use Apache HTTP Proxy to forward the connection to ESET servers and cache transferred data. Caching saves the network traffic. Using the proxy is necessary only if the client computer does not have network visibility to ESET servers. If you are using Apache HTTP Proxy to forward communication between ESMC Server and ESET Security Management Agents, you can use the same proxy to cache the results coming from ESET Dynamic Threat Defense.

note

Note  

It is necessary to set up proxy settings (Settings > Tools > Proxy server) in the ESET security product on the client computer. It can be done manually or via ESMC policy.

Supported scenarios of ESMC with proxy

Operating system

Scenario

Solution

Windows

New ESMC installation from the All in one installer

No action needed, the Proxy configuration is included in your installation.

New ESMC installation from separated component installers

Install or re-install your Apache HTTP Proxy with the one provided by ESET, which includes the necessary proxy settings. If you already have the supported version of Apache HTTP Proxy, you can copy the configuration from the Apache installer provided by ESET, or you can modify the configuration manually.

ESMC upgraded by Component upgrade task

Install or re-install your Apache HTTP Proxy with the one provided by ESET, which includes the necessary proxy settings. If you already have the supported version of Apache HTTP Proxy, you can copy the configuration from the Apache installer provided by ESET, or you can modify the configuration manually.

Linux

New ESMC installation from separated component installers

Install or upgrade your Apache HTTP Proxy and update your proxy configuration as seen below.

ESMC upgraded by Component upgrade task

Install or upgrade your Apache HTTP Proxy and update your proxy configuration as seen below.

Virtual Appliance (Linux)

ESMC upgraded by Component upgrade task

Install or upgrade your Apache HTTP Proxy and update your proxy configuration as seen below.

New ESMC 7.0 VA deployment

No action needed, the Proxy configuration is included in your installation.

ERA 6.x VA database pulled to a new  ESMC 7.0 VA

No action needed, the Proxy configuration is included in your installation.

Proxy configuration file

Linux and Windows store the Apache configuration files at different locations, see the usual location in the table below.

Operating system

Configuration files

Windows

C:\Program Files\Apache HTTP Proxy\conf\httpd.conf

Linux (Debian-based)

/etc/apache2/mods-available/proxy.conf

Virtual Appliance (Linux)

/etc/httpd/conf.d/proxy.conf

Proxy chaining

You can set up more supported forward proxies to work in the chain. Add ProxyRemote * AddressOfNextProxy to your proxy configuration. All proxies that are connecting to next proxy need to have the setting.

Example, where 10.1.1.2 is the address of the next proxy:

 ProxyRemote * http://10.1.1.2:3128

To apply the new configuration, restart the proxy service.

Third-party proxies (non-Apache)

Other forward proxy solutions are not supported by ESET. Under certain conditions, other proxies may work, but ESET does not provide configuration or support for these scenarios.

Troubleshooting

To get detailed logs from your proxy, change / add the parameter LogLevel debug in your proxy configuration and restart the proxy service. You can use logs to look for the problem or provide them to ESET Support for further assistance.