ESET Online Help

Search English
Select the topic

Deployment using GPO or SCCM

Apart from installing ESET Endpoint Security directly on a client workstation, you can also install using management tools such as Group Policy Object (GPO), Software Center Configuration Manager (SCCM), Symantec Altiris or Puppet.

Managed (recommended)

For managed computers, we first install ESET Management Agent, then deploy ESET Endpoint Security via ESET PROTECT. ESET PROTECT must be installed in your network.

  1. Download the standalone installer for ESET Management Agent.
  2. Prepare the GPO/SCCM remote deployment script.
  3. Deploy ESET Management Agent using either GPO or SCCM.
  4. Ensure that the client computers has been added to ESET PROTECT.
  5. Deploy and activate ESET Endpoint Security to your client computers.

note

The following ESET Knowledgebase article may only be available in English:


Unmanaged

For unmanaged computers, you can deploy ESET Endpoint Security directly to client workstations. This is not recommended because you will not be able to monitor and enforce policies for all your ESET endpoint products on workstations.

By default, ESET Endpoint Security is not activated after installation and therefore not functional.

Option 1 (Software installation)

  1. Download the .msi installer for ESET Endpoint Security.
  2. Create an .mst transform package from the .msi file (for example by using the Orca .msi editor) to include the product activation property (see ACTIVATION_DATA in Command-line installation).
     
    arrow_down_business Show steps for creating .mst in Orca
  1. Optional: To import your customized ESET Endpoint Security .xml configuration file (for example, to enable RMM or configure proxy server settings), put the cfg.xml file in the same location as the .msi installer.
  2. Deploy the .msi installer with the .mst file remotely using GPO (via Software installation) or SCCM.

Option 2 (using a scheduled task)

  1. Download the .msi installer for ESET Endpoint Security.
  2. Prepare a Command-line installation script to include the product activation property (see ACTIVATION_DATA).
  3. Make the .msi installer and the .cmd script accessible in the network for all workstations.
  4. Optional: To import your customized ESET Endpoint Security .xml configuration file (for example, to enable RMM or configure proxy server settings), put the cfg.xml file in the same location as the .msi installer.
  5. Apply a prepared command-line installation script using either GPO or SCCM.
      • For GPO, use Group Policy Preferences > Group Policy Schedule Tasks > Immediate task

note

If you do not want to use ESET PROTECT to remotely manage your ESET endpoint products, ESET Endpoint Security contains the ESET plugin for RMM which enables you to supervise and control software systems using a locally installed agent that can be accessed by a management service provider. Find more information.