Security

Versions 3.x and later of ESET security solutions (ESET Endpoint Security, etc.) offer password protection for decrypted communication between the client and the ERAS (communication at the TCP protocol, port 2222). Earlier versions (2.x) do not have this functionality. To provide backward compatibility for earlier versions, Enable unauthenticated access for Clients must be selected. The Security tab contains options  that allow the administrator to use 2.x and 3.x security solutions in the same network simultaneously.

Protection for communication with an ERA Server.

NOTE: If authentication is enabled both in the ERAS and on all (generation 3.x and later) clients, Enable unauthenticated access for Clients can be disabled.

Console security settings

Use Windows/Domain authentication - Enables Windows/Domain authentication and allows you to define administrator groups (with full access to the ERA Server) as well as groups with read-only access (select Treat all other users as with read-only access). If this check box is selected, the option Allow read-only access for Windows/domain users with no ERA Server User assigned becomes active and can be selected. This option ensures that these users can not change settings in the ERAC. If you want to assign ERA Server users, click User Manager.

The user console access can be managed through the User Manager tool.

Server security settings

Password for clients – Sets the password for clients accessing the ERAS.

Password for replication – Sets password for lower ERA Servers if replicated to the given ERAS.

Password for ESET Remote Installer (Agent) – Sets the password for the installer agent to access the ERAS (relevant for remote installations).

Enable unauthenticated access for Clients (ESET Security Products) – Enables access to the ERAS for clients that do not have a valid password specified (if the current password is different from the Password for clients).

Enable unauthenticated access for Replication – Enables access to the ERAS for clients of lower ERA Servers that do not have a valid password for replication specified.

Enable unauthenticated access for ESET Remote Installer (Agent) – Enables access to the ERAS for ESET Remote Installers that do not have a valid password specified.

NOTE: Default only restores predefined settings - it does not reset your passwords.

NOTE: If you want to increase security, you can use complex passwords. Go to Tools > ESET Configuration Editor > Remote Administration > ERA Server > Settings > Security > Requires complex password and set this option to Yes. With this option enabled, every new password has to be at least 8 characters long, contain a lowercase and an uppercase letter and a non-letter character.