Overview
Changelogs
Requirements
Supported Operating Systems
Deprecated TLS 1.0 and 1.1
Supported Web Browsers and Resolution regarding ESA Web Console
Supported Web Applications
Supported Mobile Phone Operating Systems
Installation Requirements
ESA components and OS compatibility
Performance recommendations
Supported Active Directory Environments
Firewall exceptions
Policies
Handling cloned computers
IP addresses used by ESET Secure Authentication
Installation
Install the Authentication Server
Custom proxy settings
High Availability View - Active Directory
High Availability View - Standalone mode
Install the Reporting Engine (Elasticsearch)
Install the Remote Desktop plugin
Install the Web App plugin
Install the Windows Login plugin
Change, repair, remove installation
Remote Installation via ESET PROTECT
Install Windows Login and RDP protection via GPO
Startup script
Software Installation task
MSI arguments
Upgrade installation
Compatibility of ESA Components
Database migration (Export Data)
External Access
Using reverse proxy
Configure proxy for ESA
Transparent proxy
SSL Certificate
Replacing the SSL Certificate
Generate a custom SSL Certificate
Making Certificates Trusted
HTTP Strict Transport Security
Geo located DNS support
Getting started with ESET Secure Authentication Web Console
Activate ESET Secure Authentication
User Management - Provisioning
User Status
Synchronizing with AD/LDAP
Import users from file
Self-enrollment
Groups Based User Management
Invitations
Use domain authentication
Notifications
Authentication options
Mobile Application
Push Authentication
Hard Tokens
FIDO
Delivery options
Sample PowerShell scripts
Credential providers supported by ESA
Windows Login Protection
Identity Provider Connector
Configure Identity Provider Connector in ESA Web Console
IdP Connector Configuration Examples
Master recovery key
RADIUS server and VPN Protection
RADIUS Configuration
RADIUS Usage
VPN Authentication Options
SMS-based OTPs
On-demand SMS-based OTPs
Mobile Application
Hard Tokens
Migration from SMS-Based OTPs to Mobile Application
Non-2FA Pass-through
Access Control Using Group Membership
ESA Authentication Methods and PPP Compatibility
Verifying ESA RADIUS functionality
Make sure your ESA RADIUS Service is running
Configure your RADIUS Server
Verify functionality (localhost)
Verify network connectivity from another machine (optional)
Troubleshooting
I received an Access-Reject
I received a connection error
I experienced timeouts
RADIUS PAM modules on Linux/Mac
Create ESA RADIUS clients via API
PAM configuration
Other RADIUS configurations
Web Application Protection
Configuration
Usage
Remote Desktop Protection
Configuration
Allowing Non-2FA Users
Usage
Remote Desktop Web Access
Remote Desktop Gateway and ESA RADIUS
IP address whitelisting
AD FS
AD FS Policies
Custom ESA Service Account
Custom integration via API and SDK
API
Integration Overview
Configuration
SDK
Integration Overview
SDK License Activation
SDK in practice
Using the SDK
SDK System Integration
Database requirements
Reading and Writing 2FA Data
Update Login UI With 2FA Methods
Update the Management UI to Enable/Disable 2FA For Users
Additional Components
Summary of differences
Auditing and Licensing
Reports
Auditing
License Overview
License States
License Enforcement
MSP options
Troubleshooting
Component connection issues
Windows Login protection does not work
Installation of Reporting Engine (Elasticsearch) fails
Known issues
Glossary
End User License Agreement
Privacy Policy
Last updated: May 02, 2023