Server Settings

In this section, you can configure specific settings for the ESET Security Management Center Server itself. These settings are similar to Policies, but they are applied directly on the ESMC Server.

icon_section Connection

Security Management Center port (requires a restart) - This is the port for the connection between the ESET Security Management Center Server and Agent(s). Changing this option requires restarting the ESMC Server service for the change to take effect. A change of the port may require changes in firewall settings.

Web Console port (requires a restart) - Port for the connection between the ESMC Web Console and the ESMC Server. A change of the port may require changes in firewall settings.

Advanced security (requires a restart) - This setting enables advanced security of network communication of the ESMC components.

Certificate (requires a restart) - Here you can manage ESMC Server certificates. Click Change certificate and select which ESMC Server certificate should be used by your ESMC Server. For more information, see Peer Certificates.



These changes require a restart of the ESET Security Management Center Server service. See our Knowledgebase article for instructions.

icon_section Updates

Update interval - Interval at which updates will be received. You can select a regular interval and configure the settings or you can use a CRON expression.

Update server - Update server from which the ESMC Server receives updates for ESET products and ESMC components. To update the ESMC 7.1 from a mirror (Mirror tool) set the full address of the era6 update folder (according to your HTTP server root location). For example:


Update type - Select the type of ESMC Server module updates you want to receive. You can find the current version of installed ESMC Server modules in Help > About.

Regular update

ESMC Server module updates will automatically be downloaded from the ESET server with the least network traffic. Default setting.

Pre-release update

These updates have gone through thorough internal testing and will be available to the general public soon. You can benefit from enabling pre-release updates by having access to the most recent updates of ESMC Server modules. Pre-release updates may help resolve an issue with ESMC Server in some cases. However, pre-release updates might not be stable enough at all times and should not be used on production servers where maximum availability and stability are required. Pre-release updates are only available with AUTOSELECT defined in the Update server parameter.

Delayed update

This option allows updating from special update servers providing updates with a delay of several hours (i.e., databases tested in a real environment and therefore considered as stable). These servers are the exact opposite of the pre-release servers. Delayed updates minimize the risk of issues caused by updates. However, delayed updates may have a negative impact when critical ESMC Server component updates need to be quickly delivered via the update mechanism. Delayed updates of ESMC Server modules are only available with AUTOSELECT defined in the Update server parameter.

icon_section Advanced Settings

HTTP Proxy - Use a proxy server to facilitate internet traffic to clients on your network. If you install ESMC using the All-in-one installer, HTTP proxy is enabled by default. HTTP Proxy settings are not applied for communication with Secure Authentication servers (2FA).

Wake-Up Call - The ESMC Server can run instant replication of the ESET Management Agent on a client machine via EPNS. This is useful when you do not want to wait for the regular interval when the ESET Management Agent connects to the ESMC Server. For example, when you want a Task to be run immediately on client(s) or if you want a Policy to be applied right away.

Wake on LAN - Set up Multicast Addresses if you want to send Wake on LAN calls to one or more IP addresses.

SMTP server - Use an SMTP Server to let the ESMC Server send email messages (for example, email notifications or reports). Specify details of your SMTP server.

Active Directory - You can pre-set your AD settings. ESMC uses your credentials by default in Active Directory synchronization tasks (user synchronization, static group synchronization). When the related fields are left blank in the task configuration, ESMC uses the pre-set credentials.

If you are running the ESMC Server on Linux (or Virtual Appliance), you need to have a Kerberos configuration file set up properly. You can set up Kerberos to synchronize with multiple domains.

It the ESMC Server is running on a Windows machine connected to a domain, only the Host filed is necessary. Synchronization among more domains is possible if domains have established trust.

Host - the address of your domain controller.

Username - Type the Username for your domain controller in the following format:

oDOMAIN\username (ESMC Server running on Windows)

ousername@FULL.DOMAIN.NAME or username (ESMC Server running on Linux).



Be sure to type the domain in capital letters, as this formatting is required in order to properly authenticate queries to an Active Directory server.

Password - passphrase for your username.

Root container - enter the full identifier of an AD container, for example: CN=John,CN=Users,DC=Corp. It serves as a pre-set Distinguished Name. We recommend you to copy and paste this value from a server task to make sure you have the correct value (copy the value from the Distinguished Name field once it is selected).


Syslog server - You can have ESMC send notifications and event messages to your Syslog server. Also, it is possible to export logs from a client computer's ESET product and send them to the Syslog server.

Static Groups - Enables automatic pairing of found computers to computers already present in Static Groups. Pairing works on reported hostname by ESET Management Agent and if it can not be trusted then it should be disabled. If pairing fails, the computer will be placed into the Lost and Found group.

Repository - Location of the repository where all installation files are stored.



The default ESET repository is set to AUTOSELECT (it points to: It automatically determines the repository server with the best connection based on the geographic location (IP address) of ESMC Server (by using CDN - Content Delivery Network). Therefore, you do not need to change the repository settings.

Optionally, you can set a repository that uses only ESET servers:

Never use an IP address to access the ESET repository.

It is possible to create and use an offline repository.

Diagnostics - Enable or disable the submission of anonymous crash report statistics to ESET for the improvement of customer experience.

Logging - Set the log verbosity to determine the level of information that will be collected and logged, from Trace (informational) to Fatal (most important critical information).

The latest ESMC Server log files can be found here:

Windows: C:\ProgramData\ESET\RemoteAdministrator\Server\EraServerApplicationData\Logs  

Linux: /var/log/eset/RemoteAdministrator/Server/

You can setup exporting logs to Syslog here.

Database cleanup - To prevent a database overload, you can use this option to regularly clean logs. The database cleanup automatically deletes these types of logs: SysInspector logs, Diagnostics logs, logs that are not collected anymore (logs from removed devices, logs from removed report templates). The database cleanup process runs every night at midnight by default. Changes to this setting take effect following the next cleanup. You can set the cleaning interval for each of these types of logs:

Log type

Example of log type

Incident logs

Detection logs with high severity.

Management logs

Data about Quality of Service.

Audit logs

Audit log reports.

Monitoring logs

Web Control logs, Device control logs, HIPS logs with low severity.

Diagnostic logs are cleaned every day. The user cannot change the cleaning interval. hmtoggle_plus0 See the list of logs.



During database cleanup, items in Detections corresponding to the cleaned Incident logs are deleted as well (regardless of detection status). By default, the cleanup period for Incident logs (and Detections) is set to 6 months. You can change the interval in Server Settings.

icon_section Customization

Customize UI - It is possible to add a custom logo to the ESMC Web Console and the reports generated via Server Task.

None - Basic design, no custom logo

Co-branding - Allows custom logo for Web Console and in the footer of reports

White-labeling (requires MSP license) - Allows custom logo for Web Console and in the footer or header of reports

Company logo

Dark background logo (Web Console header) - This logo will be displayed in the top left corner of Web Console.

Light background logo - This logo will be displayed in the header (for MSP license owners) or footer (co-branding setting) of reports generated via Server Task.

Click folder to select a logo. Click download to download current logo. Click x to remove current logo.

Reports & Notifications

Customize reports - Enable this option to use the selected logo in reports and/or to add a footer text.

Report footer text - Type the text that will be added to the right bottom corner of reports generated in PDF format.



A custom logo can not be used together with custom footer text. Logo has the same position as footer text. If logo and footer are used simultaneously, only logo will be visible. When using the White-labeling setting, the custom logo will appear in the upper left corner of the report; a smaller powered by ESET logo is placed in bottom right corner, instead of footer text.