ESET Online Help

Search English
Select the topic

Cluster

The ESET Cluster is a P2P communication infrastructure of the ESET line of products for Microsoft Windows Server.

This infrastructure enables ESET server products to communicate with each other and exchange data such as configuration and notifications, and can Synchronize greylisting databases as well as synchronize data necessary for correct operation of a group of product instances. An example of such group is a group of nodes in a Windows Failover Cluster or Network Load Balancing (NLB) Cluster with ESET products installed where there is a need to have the same configuration of the product across the whole cluster. ESET Cluster ensures this consistency between instances.


note

Settings of the User interface and Scheduled tasks are not synchronized between ESET Cluster nodes. This is on purpose. For example, to prevent running scheduled On-demand database scan on all cluster nodes at the same time, not causing unnecessary performance issues.

cluster_status_nodes_online


note

The creation of ESET Clusters between ESET Mail Security and ESET File Security for Linux is not supported.

When setting up the ESET Cluster, there two ways to add nodes:

Autodetect - If you have an existing Windows Failover Cluster / NLB Cluster, Autodetect will automatically add its member nodes to the ESET Cluster.

Browse - You can add nodes manually by typing in the server names (either members of the same Workgroup or members of the same Domain).


note

When releasing an email from quarantine, ESET Mail Security ignores To: MIME header because it can be easily spoofed. Instead, it uses the original recipient information from RCPT TO: command acquired during the SMTP connection. This ensures that correct email recipient receives the message which is being released from quarantine.

When you have added nodes to your ESET Cluster, the next step is the installation of ESET Mail Security on each node. This is done automatically during ESET Cluster setup. Credentials that are required for remote installation of ESET Mail Security on other cluster nodes:

Domain scenario - Domain administrator credentials.

Workgroup scenario - You need to make sure that all nodes use the same local administrator account credentials.

In an ESET Cluster, you can also use a combination of nodes added automatically as members of an existing Windows Failover Cluster / NLB Cluster and nodes added manually (provided they are in the same Domain).


important

You cannot to combine domain nodes with workgroup nodes.

Another requirement for the use of an ESET Cluster is that File and Printer Sharing must be enabled in Windows Firewall before pushing ESET Mail Security to ESET Cluster nodes.

You can add new nodes to an existing ESET Cluster anytime by running the Cluster wizard.

Import certificates

Certificates are used to provide strong machine to machine authentication when HTTPS is used. There is an independent certificate hierarchy for each ESET Cluster. The hierarchy has one root certificate and a set of node certificates signed by the root certificate. The private key of the root certificate is destroyed after all node certificates are created. When you add a new node to the cluster a new certificate hierarchy is created. Navigate to the folder that contains the certificates (that were generated during Cluster wizard). Select the certificate file and click Open.

Destroy cluster

ESET Clusters can be dismantled. Each node will write a record in their event log about the ESET Cluster being destroyed. After that, all ESET firewall rules are removed from the Windows Firewall. Former nodes will be ted to their previous state and can be used again in another ESET Cluster if necessary.