Architecture Overview

Once ESET Gateway Security is successfully installed, you should become familiar with its architecture.

Figure 4-1. Structure of ESET Gateway Security.


The structure of ESET Gateway Security is shown in Figure 4-1. The system consists of the following parts:

CORE

The core of ESET Gateway Security is the ESETS daemon (esets_daemon). The daemon uses the ESETS API library libesets.so and the ESETS loading modules em00X_xx.dat to provide base system tasks such as scanning, maintenance of the agent daemon processes, maintenance of the samples submission system, logging, notification, etc. Please refer to the esets_daemon(8) man page for details.

AGENTS

The purpose of ESETS agent modules is to integrate ESETS with the Linux and FreeBSD server environment.

UTILITIES

The utility modules provide simple and effective system management. They are responsible for system tasks such as license management, quarantine management, system setup and update.

CONFIGURATION

Proper configuration is the most important aspect of your security system; the remainder of this chapter is dedicated to explaining all related components. A thorough understanding of the esets.cfg file is also highly recommended, as this file contains information essential to the configuration of ESET Gateway Security.

After the product is successfully installed, all its configuration components are stored in the ESETS configuration directory. The directory consists of the following files:

@ETCDIR@/esets.cfg

This is the most important configuration file, as it controls all major aspects of the product’s functionality. The esets.cfg file is made up of several sections, each of which contains various parameters. The file contains one global and several “agent” sections, with all section names enclosed in square brackets. Parameters in the global section are used to define configuration options for the ESETS daemon as well as default values for the ESETS scanning engine configuration. Parameters in agent sections are used to define configuration options of modules used to intercept various data flow types in the computer and/or its neighborhood, and prepare them for scanning. Note that in addition to the various parameters used for system configuration, there are also rules governing the organization of the file. For detailed information on the most effective way to organize this file, please refer to the esets.cfg(5) and esets_daemon(8) man pages, as well as the relevant agents' man pages.

@ETCDIR@/certs

This directory is used to store the certificates used by the ESETS web interface for authentication. Please see the esets_wwwi(8) man page for details.

@ETCDIR@/license

This directory is used to store the product(s) license key(s) you have acquired from your vendor. Note that the ESETS daemon will check only this directory for a valid license key.

@ETCDIR@/scripts/license_warning_script

If enabled by the Scheduler task named License expiration, this script will be executed once per day, starting 30 days before product license expiration, sending an email notification about the expiration status to the system administrator.

@ETCDIR@/scripts/daemon_notification_script

If enabled by the Scheduler task named Threat notification, this script is executed in the event of a detected infiltration by the antivirus system. It is used to send an email notification about the event to the system administrator.
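
Because the two scripts above are executed on behalf of the product and the other entries hold its configuration, certificates and license keys, the ownership and write permissions of this directory are worth checking after installation. The following audit is an added example, not part of ESET's tooling: the function names are hypothetical, the configuration directory is passed in by the caller because @ETCDIR@ depends on the installation, and the policy (trusted owner, no group or world write access, no symbolic links) is an assumption rather than a documented ESET requirement.

```python
import os
import stat

# Entries of the ESETS configuration directory, relative paths as listed above.
AUDITED = [
    "esets.cfg",
    "certs",
    "license",
    "scripts/license_warning_script",
    "scripts/daemon_notification_script",
]

def audit_path(path, trusted_uids=(0,)):
    """Return findings for one path (lstat, so symlinks are not followed)."""
    try:
        st = os.lstat(path)
    except FileNotFoundError:
        return [(path, "missing")]
    if stat.S_ISLNK(st.st_mode):
        return [(path, "symlink")]
    findings = []
    if st.st_uid not in trusted_uids:
        findings.append((path, "untrusted-owner"))
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append((path, "group-or-world-writable"))
    return findings

def audit_config_dir(etc_dir, trusted_uids=(0,)):
    """Audit the listed entries plus everything below the listed directories."""
    findings = []
    for rel in AUDITED:
        top = os.path.join(etc_dir, rel)
        findings += audit_path(top, trusted_uids)
        if os.path.isdir(top) and not os.path.islink(top):
            for root, dirs, files in os.walk(top):
                for name in dirs + files:
                    findings += audit_path(os.path.join(root, name), trusted_uids)
    # Write access to the scripts directory itself allows a script to be swapped.
    findings += audit_path(os.path.join(etc_dir, "scripts"), trusted_uids)
    return sorted(set(findings))

if __name__ == "__main__":
    import sys
    for path, problem in audit_config_dir(sys.argv[1]):
        print(f"{problem}: {path}")
```

Run it with the configuration directory as the only argument; an empty output means none of the assumed policy checks failed.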