After upgrading from an earlier version of ERA

If you have upgraded from ERA 6.5, you must review your network users, permissions and server settings to comply with the improved security model in ESET Security Management Center. Objects are not only computers but also all tasks, notifications, policies, certificates, installers or permission sets. See the list of permissions for more information on access rights.

note

Note

After upgrading ESMC, we recommend that you delete the web browser cache and cookies before logging into the upgraded Web Console.

Users and permission sets

The administrator should review all users and permission sets. The new security model is dependent on static groups, so we recommend that you plan the structure of your groups and create permission sets afterward. The administrator can also create new native users.

important

Important

Do not forget to assign each user a home group and permission set that will give the user permissions over that group. All objects created by the user are always automatically contained in that users' home group.

After an upgrade, users are divided into two categories:

Users who were not assigned a permission set for the All group in the older version of ERA will not have a home group in the new ESMC. These users will not have permissions for Groups and Computers and therefore will not be able to see any devices.

Users who were assigned a permission set for the All group in the older version of ERA will keep their permissions for the All group. Additionally, these users will gain a new permission for the Groups and Computers functionality.

Tasks and triggers

Client Tasks and Server Tasks are merged under Tasks.

Since ERA 6.5, only one trigger for each Server task is allowed. The number of server task triggers is automatically adjusted after an upgrade to match the number of server tasks. From Tasks > Server Tasks, select a task to see details about its trigger.

Reports, templates and all other objects

After an upgrade, all objects are contained in the static group All. The administrator can share objects among users in the following ways:

Duplicate objects to make them available to non-admin users

Move objects to shared groups where more users can access them

Users can be assigned other permission sets that would grant them limited rights for certain objects (for example, Policies) over the All group

Static and dynamic groups

Static groups are essential for the security model in  ESMC 7. Each object is located in one static group. After an upgrade, the structure of static and dynamic groups remains the same. Users must be assigned proper permissions for their group so that they can see and interact with other group members.