ESET Online Help

Search English
Select the category
Select the topic


In this section, you can configure specific settings for the ESET PROTECT Server itself. These settings are similar to Policies, but they are applied directly on the ESET PROTECT Server.


Server port (requires a restart) - This is the port for the connection between the ESET PROTECT Server and Agent(s). Changing this option requires restarting the ESET PROTECT Server service for the change to take effect. A change of the port may require changes in firewall settings.

Web Console port (requires a restart) - Port for the connection between the ESET PROTECT Web Console and the ESET PROTECT Server. A change of the port may require changes in firewall settings.

Advanced security (requires a restart) - This setting enables advanced security of network communication of the ESET PROTECT components.

Certificate (requires a restart) - Here you can manage ESET PROTECT Server certificates. Click Change certificate and select which ESET PROTECT Server certificate should be used by your ESET PROTECT Server. For more information, see Peer Certificates.


These changes require a restart of the ESET PROTECT Server service. See our Knowledgebase article for instructions.


Update interval - Interval at which updates will be received. You can select a regular interval and configure the settings or you can use a CRON expression.

Update server - Update server from which the ESET PROTECT Server receives updates for ESET product versions and ESET PROTECT components. To update the ESET PROTECT 9.1 from a mirror (Mirror tool) set the full address of the era6 update folder (according to your HTTP server root location). For example:


Update type - Select the type of ESET PROTECT Server module updates you want to receive. You can find the current version of installed ESET PROTECT Server modules in Help > About.

Regular update

ESET PROTECT Server module updates will automatically be downloaded from the ESET server with the least network traffic. Default setting.

Pre-release update

These updates have gone through thorough internal testing and will be available to the general public soon. You can benefit from enabling pre-release updates by having access to the most recent updates of ESET PROTECT Server modules. Pre-release updates may help resolve an issue with ESET PROTECT Server in some cases. However, pre-release updates might not be stable enough at all times and should not be used on production servers where maximum availability and stability are required. Pre-release updates are only available with AUTOSELECT defined in the Update server parameter.

icon_sectionAdvanced Settings

HTTP Proxy - Use a proxy server to facilitate internet traffic to clients on your network. If you install ESET PROTECT using the All-in-one installer, HTTP proxy is enabled by default. HTTP Proxy settings are not applied for communication with Secure Authentication servers (2FA).

Wake-Up Call - The ESET PROTECT Server can run instant replication of the ESET Management Agent on a client machine via EPNS. This is useful when you do not want to wait for the regular interval when the ESET Management Agent connects to the ESET PROTECT Server. For example, when you want a Task to be run immediately on client(s) or if you want a Policy to be applied right away.

Wake on LAN - Set up Multicast Addresses if you want to send Wake on LAN calls to one or more IP addresses.

SMTP server - Use an SMTP Server to let the ESET PROTECT Server send email messages (for example, email notifications or reports). Specify details of your SMTP server.

Active Directory - You can pre-set your AD settings. ESET PROTECT uses your credentials by default in Active Directory synchronization tasks (user synchronization, static group synchronization). When the related fields are left blank in the task configuration, ESET PROTECT uses the pre-set credentials. Use a read-only AD user, ESET PROTECT does not make any changes to the AD structure.

If you are running the ESET PROTECT Server on Linux (or Virtual Appliance), you need to have a Kerberos configuration file set up properly. You can set up Kerberos to synchronize with multiple domains.

It the ESET PROTECT Server is running on a Windows machine connected to a domain, only the Host filed is necessary. Synchronization among more domains is possible if domains have established trust.

Host - Type the Server name or IP address of your domain controller.

Username - Type the Username for your domain controller in the following format:

oDOMAIN\username (ESET PROTECT Server running on Windows)

ousername@FULL.DOMAIN.NAME or username (ESET PROTECT Server running on Linux).


Be sure to type the domain in capital letters, as this formatting is required to properly authenticate queries to an Active Directory server.

Password - Type the password used to log on to your domain controller.

Root container - Type the full identifier of an AD container, for example: CN=John,CN=Users,DC=Corp. It serves as a pre-set Distinguished Name. We recommend that you copy and paste this value from a server task to make sure you have the correct value (copy the value from the Distinguished Name field when it is selected).


ESET PROTECT Server 9.1 on Windows uses the encrypted LDAPS (LDAP over SSL) protocol by default for all Active Directory (AD) connections. You can also configure LDAPS on ESET PROTECT Virtual Appliance.

For a successful AD connection over LDAPS, configure the following:

1.The domain controller must have installed a machine certificate. To issue a certificate for your domain controller, follow the steps below:

a)Open the Server Manager, click Manage > Add Roles and Features and install the Active Directory Certificate Services > Certification Authority. A new Certification Authority will be created in Trusted Root Certification Authorities.

b)Navigate to Start > type certmgr.msc and press Enter to run the Certificates Microsoft Management Console snap-in > Certificates - Local Computer > Personal > right-click the empty pane > All Tasks > Request New Certificate > Enroll Domain Controller role.

c)Verify that the issued certificate contains the FQDN of the domain controller.

d)On your ESMC server, import the CA you generated to the cert store (using certmgr.msc tool) to the trusted CAs folder.


2.When providing connection settings to the AD server, type the FQDN of the domain controller (as provided in the domain controller certificate) in the Server or Host field. IP address is no longer sufficient for LDAPS.

To enable fallback to LDAP protocol, select the check box Use LDAP instead of Active Directory in the Static Group Synchronization or User Synchronization task.

Syslog server - You can have ESET PROTECT send notifications and event messages to your Syslog server. Also, you can export logs from a client computer's ESET product and send them to the Syslog server.

Static Groups - Enables automatic pairing of found computers to computers already present in Static Groups. Pairing works on reported hostname by ESET Management Agent and if it cannot be trusted then it should be disabled. If pairing fails, the computer will be placed into the Lost and Found group.

Repository - Location of the repository where all installation files are stored.


The default ESET repository is set to AUTOSELECT (it points to: It automatically determines the repository server with the best connection based on the geographic location (IP address) of ESET PROTECT Server (by using CDN - Content Delivery Network). Therefore, you do not need to change the repository settings.

Optionally, you can set a repository that uses only ESET servers:

Never use an IP address to access the ESET repository.

You can create and use an offline repository.

Participate in product improvement program - Enable or disable the submission of crash reports and anonymous telemetry data to ESET (OS version and type, ESET product version and other product-specific information).

Logging > Trace log verbosity - Set the log verbosity to determine the level of information that will be collected and logged, from Trace (informational) to Fatal (most important critical information).

The latest ESET PROTECT Server log files can be found here:

Windows: C:\ProgramData\ESET\RemoteAdministrator\Server\EraServerApplicationData\Logs

Linux: /var/log/eset/RemoteAdministrator/Server/

You can setup exporting logs to Syslog here.

Database cleanup - To prevent a database overload, you can use this option to regularly clean logs. The database cleanup automatically deletes these types of logs: SysInspector logs, Diagnostics logs, logs that are not collected anymore (logs from removed devices, logs from removed report templates). The database cleanup process runs every night at midnight by default. Changes to this setting take effect following the next cleanup. You can set the cleaning interval for each of these types of logs:

Log type

Example of log type

Incident logs


icon_blocked Blocked files

icon_ei_alert ESET Inspect Alerts

icon_firewall Firewall

icon_hips HIPS

icon_web_protection Web protection (filtered websites)

Management logs



Exported configuration


Audit logs

Audit Log and the Audit log report.

Monitoring logs

Device Control

Web Control

Logged users

Diagnostic logs are cleaned every day. The user cannot change the cleaning interval.


During database cleanup, items in Detections corresponding to the cleaned Incident logs are deleted as well (regardless of detection status). By default, the cleanup period for Incident logs (and Detections) is set to 6 months. You can change the interval in More > Settings.


Customize UI - You can add a custom logo to the ESET PROTECT Web Console, the reports generated via Server Task and email notifications.


Web Console




Basic design, no custom logo

ESET PROTECT logo on the left side of the footer.

ESET PROTECT logo on the left side of the header.


Custom logo for Web Console

A custom logo in the report footer - ESET PROTECT logo is on the left and your logo on the right.

A custom logo in the notification header - ESET PROTECT logo is on the left and your logo on the right.

White-labeling (requires MSP license)

Custom logo for Web Console

A custom logo in the report footer - no ESET PROTECT logo, only your logo on the left.

A custom logo in the notification header - on the left side. Next to it is Powered by ESET PROTECT.

Company logo

Dark background logo (Web Console header) - This logo will be displayed in the top left corner of Web Console.

Light background logo - This logo will be displayed in the header (for MSP license owners) or footer (co-branding setting) of reports generated via Server Task and in the header of email notifications.

Click folder to select a logo. Click download to download current logo. Click x to remove current logo.

Reports & Notifications

Customize reports - Enable this option to use the selected logo in reports and/or to add a footer text.

Report footer text - Type the text that will be added to the right bottom corner of reports generated in PDF format.


A custom logo cannot be used together with custom footer text. Logo has the same position as footer text. If logo and footer are used simultaneously, only logo will be visible. When using the White-labeling setting, the custom logo will appear in the upper left corner of the report; a smaller powered by ESET logo is placed in bottom right corner, instead of footer text.