Updating from the Mirror

There are two basic methods to configure a Mirror, which is essentially a repository where clients can download update files. The folder with update files can be presented as a shared network folder or as an HTTP server.

Accessing the Mirror using an internal HTTP server

This configuration is the default, specified in the predefined program configuration. To allow access to the Mirror using the HTTP server, navigate to Advanced setup (F5) > Update > Profiles > Mirror and select Create update mirror.

In the HTTP Server section of the Mirror tab you can specify the Server port where the HTTP server will listen as well as the type of Authentication used by the HTTP server. By default, the Server port is set to 2221. The Authentication option defines the method of authentication used for accessing the update files. The following options are available: None, Basic, and NTLM.

Select Basic to use base64 encoding with basic username and password authentication.

The NTLM option provides encoding using a safe encoding method. For authentication, the user created on the workstation sharing the update files is used.

The default setting is None, which grants access to the update files with no need for authentication.

note_icon_warning WARNING

If you want to allow access to the update files via the HTTP server, the Mirror folder must be located on the same computer as the ESET Mail Security instance creating it.

SSL for HTTP Server

Append your Certificate chain file, or generate a self-signed certificate if you want to run HTTP server with HTTPS (SSL) support. The following certificate types are available: PEM, PFX and ASN. For additional security, you can use HTTPS protocol to download update files. It is almost impossible to track data transfers and login credentials using this protocol. Private key type is set to Integrated by default, which means that the private key is a part of the selected certificate chain file.

note_icon_note NOTE

An error Invalid Username and/or Password will appear in the Update tab from the main menu after several unsuccessful attempts to update the virus signature database from the Mirror. We recommend that you navigate to Advanced setup (F5) > Update > Profiles > Mirror and check the Username and Password. The most common reason for this error is incorrectly entered authentication data.

advanced_setup_mirror

After your Mirror server is configured, you must add the new update server on client workstations. To do this, follow the steps below:

1.Access Advanced setup (F5) and click Update > Profiles > Basic.

2.Disengage Choose automatically and add a new server to the Update server field using one of the following formats:

http://IP_address_of_your_server:2221
https://IP_address_of_your_server:2221 (if SSL is used)

Accessing the Mirror via system shares

First, a shared folder should be created on a local or network device. When creating the folder for the Mirror, you must provide “write” access for the user who will save update files to the folder and “read” access for all users who will update ESET Mail Security from the Mirror folder.

Next, configure access to the Mirror in Advanced setup > Update> Profiles > Mirror by disabling Provide update files via internal HTTP server. This option is enabled by default in the program install package.

If the shared folder is located on another computer in the network, you must enter authentication data to access the other computer. To enter authentication data, open ESET Mail Security Advanced setup (F5) and click Update > Profiles > Connect to LAN as. This is the same setting used for updating, as described in the Connect to LAN as section.

After Mirror configuration is complete, on client workstations set \\UNC\PATH as the update server using the steps below:

1.Open ESET Mail Security Advanced setup (F5) and click Update > Profiles > Basic.

2.Click Update server and add a new server using the \\UNC\PATH format.

note_icon_note NOTE

For updates to function properly, the path to the Mirror folder must be specified as a UNC path. Updates from mapped drives may not work.

The last section controls program components (PCUs). By default, downloaded program components are prepared to copy to the local mirror. If Program component update is activated, there is no need to click Update, because files are copied to the local mirror automatically when they are available. See Update mode for more information about program component updates.