ESET Online Help

Search English
Select the topic

Cloud-based protection

ESET LiveGrid® is an advanced early warning system comprised of several cloud-based technologies. It helps to detect emerging threats based on reputation and improves scanning performance utilizing whitelisting.

By default, ESET Endpoint Security is configured to submit suspicious files to the ESET Research Lab for analysis. Files with certain extensions such as .doc or .xls are always excluded. You can also add other extensions if there are specific files that you or your organization want to avoid sending.

To configure the ESET Endpoint Security remotely:

1.In ESET PROTECT, click Policies > New policy and type a name for the policy.


note

To adjust the settings in an existing policy for ESET Endpoint for macOS (V7+), click the policy you want to change in the list of policies and click Edit > Settings.

2.Click Settings and select ESET Endpoint for macOS (V7+) from the drop-down menu.

3.Adjust the desired settings.

4.Click Continue > Assign and select the appropriate group of computers.

5.Click Finish.


note

To configure the ESET Endpoint Security locally see application preferences.

In Detection Engine > Cloud-based protection, you can configure the following settings:

Cloud-based protection

Enable ESET LiveGrid® reputation system (recommended)

ESET LiveGrid® reputation system improves the efficiency of ESET anti-malware solutions by comparing scanned files to a database of whitelisted and blacklisted items in the cloud.

Enable ESET LiveGrid® feedback system

Data will be sent to the ESET Virus Lab for further analysis.

Submit crash reports and diagnostic data

Submit data such as crash reports, modules or memory dumps.

Help improve the product by submitting anonymous usage statistics

Allow ESET to collect information about newly detected threats such as the threat name, date and time of detection, detection method and associated metadata, scanned files (hash, filename, origin of the file, telemetry), blocked and suspicious URL's, product version and configuration, including information about your system.

Contact email (optional)

Contact email can be included with any suspicious files and may be used to contact the user if further information is required for analysis. Please note that user will not receive a response from ESET unless more information is needed.

Submission of samples

Automatic submission of detected samples

Based on the selected option, this can submit infected samples to ESET Research Lab for analysis and improve future detection.

All detected samples

All samples except documents

Do not submit

Automatic submission of suspicious samples

Suspicious samples resembling threats and samples with unusual characteristics or behavior are submitted to ESET Research Lab for analysis.

Executables – Includes executable files: .exe, .dll, .sys

Archives – Includes archive file types: .zip, .rar, .7z, .arch, .arj, .bzip2, .gzip, .ace, .arc, .cab

Scripts – Includes script file types: .bat, .cmd, .hta, .js, .vbs, .ps1

Other – Includes file types: .jar, .reg, .msi, .swf, .lnk

Delete executables, archives, scrips and other samples from ESET's servers – Default value is set to Never

Exclusions

Click Edit next to Exclusions to exclude specific files or folders from submission. The excluded files will not be sent to ESET Research Lab even if they contain a suspicious code.

Maximum size of samples (MB)

Define the maximum size of samples (range 1-64 MB).

ESET LiveGuard

ESET LiveGuard is a feature that adds a layer of cloud-based protection specifically designed to mitigate never-before-seen threats. When enabled, suspicious samples not yet confirmed as malicious and potentially carrying malware are automatically submitted to the ESET cloud. Submitted samples are run in a sandbox and are evaluated by our advanced malware detection engines.

Enable ESET LiveGuard

Enabling ESET LiveGuard provides another level of security by utilizing cloud-based technology to analyze and detect new types of threats. ESET LiveGuard can be enabled only if ESET LiveGrid® is enabled.

Detection threshold

Results with selected and higher threshold value will be detected as threats. Threshold value can be set to Suspicious, Highly Suspicious and Malicious threats.

Action after detection

Choose what should be done after a threat is detected. The options are Kill running process and clean or Clean on next file access.

Proactive protection

The modes offered are Allow execution immediately or Block execution until receiving the analysis result. Proactive protection in blocking mode helps to better protect computers. It will evaluate a file before execution if it has been downloaded using a supported web browser or email client, was located on removable media or extracted from an archive.

Maximum wait time for the analysis result

Consider the average analysis time before adjusting this settings. After this time, a user can execute the sample regardless of the analysis results.

Automatic submission of suspicious samples

Documents – Includes documents created in Microsoft Office, Libre Office or other office tool, or PDF's with active content.

Delete documents from ESET's servers – this value can be set to Never, After 30 days or Immediately after analysis.