Command-line installation
You can install ESET Endpoint Security locally using the command-line or you can install remotely using a client task from ESET PROTECT.
Supported parameters
APPDIR=<path>
- Path—Valid directory path.
- Application installation directory.
APPDATADIR=<path>
- Path—Valid directory path.
- Application Data installation directory.
MODULEDIR=<path>
- Path—Valid directory path.
- Module installation directory.
ADDLOCAL=<list>
- Component installation—list of non-mandatory features to be installed locally.
- Usage with ESET .msi packages: ees_nt64_ENU.msi /qn ADDLOCAL=<list>
- For more information about the ADDLOCAL property see http://msdn.microsoft.com/en-us/library/aa367536%28v=vs.85%29.aspx
ADDEXCLUDE=<list>
- The ADDEXCLUDE list is a comma-separated list of all feature names not to be installed, as a replacement for the obsolete REMOVE.
- When selecting a feature not to install, then the whole path (i.e., all its sub-features) and related invisible features must be explicitly included in the list.
- Usage with ESET .msi packages: ees_nt64_enu.msi /qn ADDEXCLUDE=Firewall,Network
ADDEXCLUDE cannot be used together with ADDLOCAL. |
See documentation for the msiexec version used for the appropriate command line switches.
Rules
- The ADDLOCAL list is a comma separated list of all feature names to be installed.
- When selecting a feature to install, the whole path (all parent features) must be explicitly included in the list.
- See additional rules for correct usage.
Components and features
Component installation using ADDLOCAL/ADDEXCLUDE parameters will not work with ESET Endpoint Antivirus. |
The features are divided into 4 categories:
- Mandatory—the feature will always be installed.
- Optional—the feature can be deselected so that it is not installed.
- Invisible—logical feature that is mandatory for other features to work properly.
- Placeholder—feature with no effect on the product, but must be listed with sub-features.
The feature set of ESET Endpoint Security is following:
Description |
Feature Name |
Feature Parent |
Presence |
---|---|---|---|
Base program components |
Computer |
|
Placeholder |
Detection engine |
Antivirus |
Computer |
Mandatory |
Detection engine / Malware scans |
Scan |
Computer |
Mandatory |
Detection engine / Real-time file system protection |
RealtimeProtection |
Computer |
Mandatory |
Detection engine / Malware scans / Document protection |
DocumentProtection |
Antivirus |
Optional |
Device control |
DeviceControl |
Computer |
Optional |
Network protection |
Network |
|
Placeholder |
Network protection / Firewall |
Firewall |
Network |
Optional |
Network protection / Network attack protection / ... |
IdsAndBotnetProtection |
Network |
Optional |
Secure Browser |
OnlinePaymentProtection |
WebAndEmail |
Optional |
Web and email |
WebAndEmail |
|
Placeholder |
Web and email / Protocol filtering |
ProtocolFiltering |
WebAndEmail |
Invisible |
Web and email / Web access protection |
WebAccessProtection |
WebAndEmail |
Optional |
Web and email / Email client protection |
EmailClientProtection |
WebAndEmail |
Optional |
Web and email / Email client protection / Email clients |
MailPlugins |
EmailClientProtection |
Invisible |
Web and email / Email client protection / Antispam protection |
Antispam |
EmailClientProtection |
Optional |
Web and email / Web control |
WebControl |
WebAndEmail |
Optional |
Tools / ESET RMM |
Rmm |
|
Optional |
Update / Profiles / Update mirror |
UpdateMirror |
|
Optional |
EnterpriseInspector |
|
Invisible |
Group feature set:
Description |
Feature Name |
Feature Presence |
---|---|---|
All mandatory features |
_Base |
Invisible |
All available features |
ALL |
Invisible |
Additional rules
- If any of the WebAndEmail features are selected for installation, the invisible ProtocolFiltering feature must be included in the list.
- Names of all the features are case sensitive, for example UpdateMirror is not equal to UPDATEMIRROR.
List of configuration properties
Property |
Value |
Feature |
---|---|---|
CFG_POTENTIALLYUNWANTED_ENABLED= |
0—Disabled |
|
CFG_LIVEGRID_ENABLED= |
See the LiveGrid property below |
|
FIRSTSCAN_ENABLE= |
0—Disabled |
Schedule and run a Computer scan after installation |
CFG_PROXY_ENABLED= |
0—Disabled |
Proxy server settings |
CFG_PROXY_ADDRESS= |
<ip> |
Proxy server IP address |
CFG_PROXY_PORT= |
<port> |
Proxy server port number |
CFG_PROXY_USERNAME= |
<username> |
Username for authentication |
CFG_PROXY_PASSWORD= |
<password> |
Password for authentication |
ACTIVATION_DATA= |
Product activation, license key or offline license file |
|
ACTIVATION_DLG_SUPPRESS= |
0—Disabled |
When set to "1", do not show the product activation dialog after the first start |
ADMINCFG= |
<path> |
Path to exported XML configuration |
Configuration properties only in ESET Endpoint Security
CFG_EPFW_MODE= |
0—Automatic (default) |
Firewall filtering mode |
CFG_EPFW_LEARNINGMODE_ENDTIME= |
<timestamp> |
End date of the Learning Mode as Unix timestamp |
LiveGrid® property
When installing ESET Endpoint Security with CFG_LIVEGRID_ENABLED, the behavior of the product after the installation will be:
Feature |
CFG_LIVEGRID_ENABLED=0 |
CFG_LIVEGRID_ENABLED=1 |
---|---|---|
ESET LiveGrid® reputation system |
On |
On |
ESET LiveGrid® feedback system |
Off |
On |
Submit anonymous statistics |
Off |
On |
ACTIVATION_DATA property
Format |
Method |
---|---|
ACTIVATION_DATA=key:AAAA-BBBB-CCCC-DDDD-EEEE |
Activation using ESET license key (internet connection should be active) |
ACTIVATION_DATA=offline:C:\ProgramData\ESET\ESET Security\license.lf |
Language properties
ESET Endpoint Security language (you must specify both properties).
Property |
Value |
---|---|
PRODUCT_LANG= |
LCID Decimal (Locale ID), for example, 1033 for English (United States). See the list of language codes. |
PRODUCT_LANG_CODE= |
LCID String (Language Culture Name) in lowercase, for example, en-us for English (United States). See the list of language codes. |
Restart properties
Specify the following parameters to restart the computer after installation:
Property |
Value |
Feature |
---|---|---|
REBOOT_WHEN_NEEDED= |
0—Disabled |
If enabled, after installation, the computer will restart. |
REBOOT_CANCELABLE= |
0—Disabled |
If enabled, the user can cancel the computer restart. |
REBOOT_POSTPONE= |
value in seconds |
Maximum amount of time in seconds for the user to postpone the computer restart. |
REBOOT_CANCELABLE and REBOOT_POSTPONE are available only if REBOOT_WHEN_NEEDED is enabled. |
Command line installation examples
Make sure that you read the End User License Agreement and have administrative privileges prior to running the installation. |
Exclude the NetworkProtection section from the installation (you must also specify all child features): msiexec /qn /i ees_nt64.msi ADDEXCLUDE=Network,Firewall,IdsAndBotnetProtection |
If you want your ESET Endpoint Security to be automatically configured after the installation, you can specify basic configuration parameters within the installation command. Install ESET Endpoint Security with ESET LiveGrid® enabled: msiexec /qn /i ees_nt64.msi CFG_LIVEGRID_ENABLED=1 |
Install to a different application installation directory than the default. msiexec /qn /i ees_nt64_enu.msi APPDIR=C:\ESET\ |
Install and activate ESET Endpoint Security using your ESET license key. msiexec /qn /i ees_nt64_enu.msi ACTIVATION_DATA=key:AAAA-BBBB-CCCC-DDDD-EEEE |
Silent installation with detailed logging (useful for troubleshooting), and RMM only with mandatory components: msiexec /qn /i ees_nt64.msi /l*xv msi.log ADDLOCAL=_Base,Rmm |
Forced silent full installation with a specified language. msiexec /qn /i ees_nt64.msi ADDLOCAL=ALL PRODUCT_LANG=1033 PRODUCT_LANG_CODE=en-us |
Post-installation command line options
- ESET CMD—Import an .xml configuration file or turn on/off a security feature.
- Command line scanner—Run a Computer scan from the command line.