ESET Online Help

Search English
Select the topic

Update mirror

ESET Server Security allows you to create copies of update files that can be used to update other workstations on the network. The use of a "mirror" - a copy of the update files in the LAN environment is convenient because the update files do not need to be downloaded from the vendor update server repeatedly by each workstation. Updates are downloaded to the local mirror server and then distributed to all workstations to avoid the risk of network traffic overload.

Updating client workstations from a Mirror optimizes network load balance and saves internet connection bandwidth.

note

To minimize internet traffic on networks where ESET PROTECT is used to manage many clients, we recommend using ESET Bridge rather than configuring a client as a mirror. ESET Bridge can be installed with ESET PROTECT using the All-in-one installer or as a standalone component. For more information and differences between ESET Bridge, Apache HTTP Proxy, Mirror Tool, and direct connectivity, see ESET PROTECT Online Help page.

Update mirror

Create update mirror—Activates mirror configuration options.

Access to update files

Enable HTTP server—If enabled, update files can be accessed through HTTP, no credentials are required.

Storage folder—Click Edit to browse for a folder on the local computer or shared network folder. If authorization for the specified folder is required, authentication data must be entered in the Username and Password fields.

Click Clear if you want to change a defined default folder to store mirrored files C:\ProgramData\ESET\ESET Security\mirror.

HTTP server

Server port—Default port is set to 2221. Change this value if you are using different port.

Authentication

Defines the method of authentication used for accessing update files. The following options are available: None, Basic and NTLM.

Select Basic to use base64 encoding with basic username and password authentication.

The NTLM option provides encoding using a safe encoding method. For authentication, the user created on the workstation sharing the update files is used.

The default setting is None, which grants access to the update files with no need for authentication.

warning

If you want to allow access to the update files via the HTTP server, the Mirror folder must be located on the same computer as the ESET Server Security instance creating it.

SSL for HTTP server

Append your Certificate chain file, or generate a self-signed certificate if you want to run HTTP server with HTTPS (SSL) support. The following certificate types are available: PEM, PFX and ASN. For additional security, you can use HTTPS protocol to download update files. It is almost impossible to track data transfers and login credentials using this protocol.

The Private key type is set to Integrated by default (and therefore the Private key file option is disabled by default). This means that the private key is a part of the selected certificate chain file.

Connection options

Windows shares—When updating from a local server running Windows, authentication for each network connection is required by default.

Connect to LAN as

To configure your account, select one of the following options:

System account (default)—Use the system account for authentication. Normally, no authentication process takes place if there is no authentication data supplied in the main update setup section.

Current user—Select this to ensure the program authenticates using the currently logged-in user account. The drawback of this solution is that the program cannot connect to the update server if no user is currently logged in.

Specified user—Select this to use a specific user account for authentication. Use this method when the default system account connection fails. Be aware that the specified user account must have access to the updated files directory on the local server. If the user does not have access, the program cannot establish a connection and download updates.

warning

When either Current user or Specified user is selected, an error may occur when changing the identity of the program to the desired user. We recommend entering the LAN authentication data in the main update setup section. In this update setup section, the authentication data should be entered as follows: domain_name\user (if it is a workgroup, enter workgroup_name\name) and password. When updating from the HTTP version of the local server, no authentication is required.

Disconnect from server after update—To force a disconnect if a connection to the server remains active even after updates have been downloaded.