Enterprise Inspector

ESET Enterprise Inspector (EEI)

ESET Enterprise Inspector (EEI) is a comprehensive Endpoint Detection and Response system that includes features such as: incident detection, incident management and response, data collection, indicators of compromise detection, anomaly detection, behavior detection, and policy violations. For more information about ESET Enterprise Inspector, its installation and functions, see ESET Enterprise Inspector help.

EEI configuration

EEI requires ESMC to:

Create an EEI user with proper permissions.

Create certificates that are used during EEI Server Installation.

Activate EEI on a device connected to ESMC.

details_hoverNOTE

You need to have an EEI license to activate EEI.

Reporting of EEI threats in ESMC

If you add a device that is running ESET Enterprise Inspector Agent (properly configured and connected to ESET Enterprise Inspector Server) to ESMC, EEI reports the discovered threats in ESMC Threats section. You can filter these threats by selecting the Enterprise Inspector threat type.

Another threat type reported by Enterprise Inspector is Blocked files. These are the blocked attempts to launch executable files that are blacklisted (blocked by file hash) in Enterprise Inspector.

Managing EEI threats in ESMC

Integration of EEI threats in ESMC Web Console allows you to manage Enterprise Inspector  threats directly from ESMC Web Console, without the need to open the EEI Web Console. For example, if you mark threats as resolved in ESMC Web Console, they are also marked as resolved in EEI Web Console and vice versa.

Click the threat, select Show details and click the link next to Link to EEI Console to see the threat details in EEI Web Console.

The following system requirements must be met to enable management of Enterprise Inspector threats in ESMC Web Console:

ESMC version 7 and later.

ESET Endpoint software (ESET Endpoint Antivirus, ESET Endpoint Security) version 7 and later installed on the managed computer.

details_hoverNOTE

ERA 6.5 displays threats reported by ESET Enterprise Inspector, but it does not provide the option to manage them (mark them as resolved).