ESET Online Help

Search English
Select the topic

Cloud-based protection

Quick links: Cloud-based protection, Submission of samples, ESET LiveGuard Advanced

ESET LiveGrid® is an advanced early warning system comprised of several cloud-based technologies. It helps to detect emerging threats based on reputation and improves scanning performance utilizing whitelisting.

By default, ESET Server Security for Linux (ESSL) is configured to submit suspicious files to the ESET Virus Lab for analysis. Files with certain extensions such as .doc or .xls are always excluded. You can also add other extensions if there are specific files that you or your organization want to avoid sending.

Alter the configuraiton at Setup > Detection engine > Cloud-based protection.

Cloud-based protection

Enable ESET LiveGrid® reputation system (recommended)

The ESET LiveGrid® reputation system improves the efficiency of ESET anti-malware solutions by comparing scanned files to a database of whitelisted and blacklisted items in the cloud.

Enable ESET LiveGrid® feedback system

Data will be sent to the ESET Research Lab for further analysis.

Enable ESET LiveGuard Advanced

Available from ESET Server Security for Linux version 8.1. Data will be sent to ESET LiveGuard Advanced.

Submit crash reports and diagnostic data

Submit data such as crash reports, modules or memory dumps.

Help improve the product by submitting anonymous usage statistics

Allow ESET to collect information about newly detected threats such as the threat name, date and time of detection, detection method and associated metadata, scanned files (hash, filename, origin of the file, telemetry), blocked and suspicious URL's, product version and configuration, including information about your system.

Contact email (optional)

Your contact email can be included with any suspicious files and may be used to contact you if further information is required for analysis. Please note that you will not receive a response from ESET unless more information is needed.

Submission of samples

Automatic submission of detected samples

Based on the selected option, this can submit infected samples to ESET for analysis and to improve future detection.

All detected samples

All samples except documents

Do not submit

Automatic submission of suspicious samples

Suspicious samples resembling threats, and/or samples with unusual characteristics or behavior are submitted to ESET for analysis.

Executable - Includes all PE format files (for example, .exe, .dll, .sys) and ELF files (for example, .axf, .bin, .elf). Also text files with "x" flag (executable)

Archives - Includes archive file types: .zip, .rar, .7z, .arch, .arj, .bzip2, .gzip, .ace, .arc, .cab

Scripts - Includes script file types: .bat, .cmd, .hta, .js, .vbs, .ps1, .sh, .py, .pl

Other - Includes file types: .jar, .reg, .msi, .swf, .lnk

Documents - Includes documents created in Microsoft Office, Libre Office or other office tool, or PDF's with active content

Exclusions

Click Edit next to Exclusions to configure how threats are submitted to ESET Virus Labs for analysis.

Maximum size of samples (MB)

Define the maximum size of samples to be scanned.


important

Allow the below network prerequisites in your firewall for ESET Server Security for Linux to work correctly:

For correct operation of ESET LiveGrid® see the Knowledgebase article

For correct operation of ESET LiveGrid® feedback system (submission of samples) see the Knowledgebase article

ESET LiveGuard Advanced

ESET LiveGuard Advanced is a paid service provided by ESET. Its purpose is to add a layer of protection specifically designed to mitigate new threats in the world.

Change of the service name

On March 23, 2022, ESET Dynamic Threat Defense was re-branded to ESET LiveGuard Advanced. In ESET business products, you can find it also as ESET LiveGuard. Both names refer to the same service.


note

Availability

The service is available only if ESET Server Security for Linux version 8.1 or later is managed remotely. Activate ESET LiveGuard Advanced before use

Depending on the proactive protection settings of ESET LiveGuard Advanced, a file submitted for analysis might be blocked from execution until a result is received. Such blocking is accompanied by a message of "Operation not permitted" or a similar message.

To see the status of the ESET LiveGuard Advanced service in your instance of ESSL, execute one of the following commands in a Terminal window as a privileged user:

/opt/eset/efs/sbin/cloud -l

or

/opt/eset/efs/sbin/cloud --liveguard-status

To enable the service in ESSL:

1.Activate ESET LiveGuard Advanced.

2.In the Web interface, click Setup > Detection Engine > Cloud-based protection.

3.Enable Enable ESET LiveGrid® reputation system (recommended), Enable ESET LiveGrid® feedback system, then enable Enable ESET LiveGuard.

4.To modify the default ESET LiveGuard Advanced settings, click ESET LiveGuard, and adjust the available options. For more information on those ESET LiveGuard settings, see the table with the heading "Section: ESET LiveGuard Advanced" in the ESET LiveGuard Advanced documentation.

5.Click Save.

arrow_down_businessInstructions to enable ESET LiveGuard Advanced remotely via ESET PROTECT

ESET Status Portal

ESET Status Portal provides an up-to-date view of ESET services availability. It provides a view of ESET services and reports on service statuses, including past incidents. If you are an ESET user experiencing any issues with your ESET service and ESET Status Portal does not indicate them, contact ESET Technical Support.