Settings
In this section, you can configure specific settings for the ESET PROTECT Server itself. These settings are similar to Policies, but they are applied directly on the ESET PROTECT Server.
Connection
Server port (requires a restart) - This is the port for the connection between the ESET PROTECT Server and Agent(s). Changing this option requires restarting the ESET PROTECT Server service for the change to take effect. A change of the port may require changes in firewall settings.
Web Console port (requires a restart) - Port for the connection between the ESET PROTECT Web Console and the ESET PROTECT Server. A change of the port may require changes in firewall settings.
Advanced security (requires a restart) - This setting enables advanced security of network communication of the ESET PROTECT components. Advanced security is enabled by default.
Certificate (requires a restart) - Here you can manage ESET PROTECT Server certificates. Click Change certificate and select which ESET PROTECT Server certificate should be used by your ESET PROTECT Server. For more information, see Peer Certificates.
These changes require a restart of the ESET PROTECT Server service. See our Knowledgebase article for instructions. |
Updates
Update interval - Interval at which updates will be received. You can select a regular interval and configure the settings or you can use a CRON expression.
Update server - Update server from which the ESET PROTECT Server receives updates for ESET product versions and ESET PROTECT components. To update the ESET PROTECT On-Prem 11.1 from a mirror (Mirror tool) set the full address of the era6 update folder (according to your HTTP server root location). For example:
http://your_server_address/mirror/eset_upd/era6
Update type - Select the type of ESET PROTECT Server module updates you want to receive. You can find the current version of installed ESET PROTECT Server modules in Help > About.
Regular update |
ESET PROTECT Server module updates will automatically be downloaded from the ESET server with the least network traffic. Default setting. |
Pre-release update |
These updates have gone through thorough internal testing and will be available to the general public soon. You can benefit from enabling pre-release updates by having access to the most recent updates of ESET PROTECT Server modules. Pre-release updates may help resolve an issue with ESET PROTECT Server in some cases. However, pre-release updates might not be stable enough at all times and should not be used on production servers where maximum availability and stability are required. Pre-release updates are only available with AUTOSELECT defined in the Update server parameter. |
Advanced Settings
HTTP Proxy - Use a proxy server to facilitate internet traffic to clients on your network. If you install ESET PROTECT On-Prem using the All-in-one installer, HTTP proxy is enabled by default. HTTP Proxy settings are not applied for communication with Two-Factor Authentication servers.
Wake-Up Call - The ESET PROTECT Server can run instant replication of the ESET Management Agent on a client machine via EPNS. This is useful when you do not want to wait for the regular interval when the ESET Management Agent connects to the ESET PROTECT Server. For example, when you want a Task to be run immediately on client(s) or if you want a Policy to be applied right away.
Wake on LAN - Set up Multicast Addresses if you want to send Wake on LAN calls to one or more IP addresses.
SMTP server - Use an SMTP Server to let the ESET PROTECT Server send email messages (for example, email notifications or reports). Specify details of your SMTP server.
Active Directory - You can pre-set your AD settings. ESET PROTECT On-Prem uses your credentials by default in Active Directory synchronization tasks (user synchronization, static group synchronization). When the related fields are left blank in the task configuration, ESET PROTECT On-Prem uses the pre-set credentials. Use a read-only AD user, ESET PROTECT On-Prem does not make any changes to the AD structure.
If you are running the ESET PROTECT Server on Linux (or Virtual Appliance), you need to have a Kerberos configuration file set up properly. You can set up Kerberos to synchronize with multiple domains.
If the ESET PROTECT Server runs on a Windows machine connected to a domain, only the Host field is necessary. You can skip all the other Active Directory configuration steps below. Synchronization among more domains is possible if domains have established trust. |
•Host - Type the Server name or IP address of your domain controller.
•Username - Type the Username for your domain controller in the following format:
oDOMAIN\username (ESET PROTECT Server running on Windows)
ousername@FULL.DOMAIN.NAME or username (ESET PROTECT Server running on Linux).
Be sure to type the domain in capital letters, as this formatting is required to properly authenticate queries to an Active Directory server. |
•Password - Type the password used to log on to your domain controller.
•Root container - Type the full identifier of an AD container, for example: CN=John,CN=Users,DC=Corp. It serves as a pre-set Distinguished Name. We recommend that you copy and paste this value from a server task to ensure you have the correct value (copy the value from the Distinguished Name field when it is selected).
ESET PROTECT Server on Windows uses the encrypted LDAPS (LDAP over SSL) protocol by default for all Active Directory (AD) connections. You can also configure LDAPS on ESET PROTECT Virtual Appliance. For a successful AD connection over LDAPS, configure the following: 1.The domain controller must have installed a machine certificate. To issue a certificate for your domain controller, follow the steps below: a)Open the Server Manager, click Manage > Add Roles and Features and install the Active Directory Certificate Services > Certification Authority. A new Certification Authority will be created in Trusted Root Certification Authorities. b)Click the notification (yellow triangle) in the Server Manager and Configure Active Directory Certificate Services on the destination server. In the Role Services, select Certification Authority. Finish the configuration by clicking Next. c)Navigate to Start > type certlm.msc and press Enter to run the Certificates Microsoft Management Console snap-in > Certificates - Local Computer > Personal > right-click the empty pane > All Tasks > Request New Certificate > Enroll Domain Controller role. d)Verify that the issued certificate contains the domain controller's FQDN. e)On your ESET PROTECT server, import the CA you generated to the certificate store (using certlm.msc tool) > Local Machine > the Trusted Root Certification Authorities folder. f)Restart the ESET PROTECT server computer. 2.When providing connection settings to the AD server, type the FQDN of the domain controller (as provided in the domain controller certificate) in the Server or Host field. IP address is no longer sufficient for LDAPS. To enable fallback to LDAP protocol, select the check box Use LDAP instead of Active Directory in the Static Group Synchronization or User Synchronization task. |
Syslog server - You can have ESET PROTECT On-Prem send notifications and event messages to your Syslog server. Also, you can export logs from a client computer's ESET product and send them to the Syslog server.
Static Groups - Enables automatic pairing of found computers to computers already present in Static Groups. Pairing works on reported hostname by ESET Management Agent and if it cannot be trusted then it should be disabled. If pairing fails, the computer will be placed into the Lost and Found group.
Repository - Location of the repository where all installation files are stored.
•The default ESET repository is set to AUTOSELECT (it points to: http://repository.eset.com/v1). It automatically determines the repository server with the best connection based on the geographic location (IP address) of ESET PROTECT Server (by using CDN - Content Delivery Network). Therefore, you do not need to change the repository settings. •Optionally, you can set a repository that uses only ESET servers: http://repositorynocdn.eset.com/v1 •Never use an IP address to access the ESET repository. •You can create and use an offline repository. |
Participate in product improvement program - Enable or disable the submission of crash reports and anonymous telemetry data to ESET (OS version and type, ESET product version and other product-specific information).
Trace log verbosity - Set the log verbosity to determine the level of information that will be collected and logged, from Trace (informational) to Fatal (most important critical information).
The latest ESET PROTECT Server log files can be found here:
•Windows: C:\ProgramData\ESET\RemoteAdministrator\Server\EraServerApplicationData\Logs
•Linux: /var/log/eset/RemoteAdministrator/Server/
You can setup exporting logs to Syslog here.
Database cleanup - To prevent a database overload, you can use this option to regularly clean logs. The database cleanup automatically deletes these types of logs: SysInspector logs, Diagnostics logs, logs that are not collected anymore (logs from removed devices, logs from removed report templates). The database cleanup process runs every night at midnight by default. Changes to this setting take effect following the next cleanup. You can set the cleaning interval for each of these types of logs:
Log type |
Example of log type |
---|---|
Detection logs |
•Antivirus • ESET Inspect Alerts • Firewall • HIPS • Web protection (filtered websites) |
Management logs |
•Tasks •Triggers •Exported configuration •Enrollment |
Audit logs |
•Audit Log and the Audit log report. |
Monitoring logs |
•Device Control •Web Control •Logged users |
Diagnostic logs are cleaned every day. The user cannot change the cleaning interval.
During database cleanup, items in Detections corresponding to the cleaned Incident logs are deleted as well (regardless of detection status). By default, the cleanup period for Incident logs (and Detections) is set to 6 months. You can change the interval in More > Settings. |
Customization
Customize UI - You can add a custom logo to the ESET PROTECT Web Console, the reports generated via Server Task and email notifications.
|
Web Console |
Reports |
Notifications |
---|---|---|---|
None |
Basic design, no custom logo |
ESET PROTECT On-Prem logo on the side of the footer. |
ESET PROTECT On-Prem logo on the side of the header. |
Co-branding |
Custom logo for Web Console |
A custom logo in the report footer - ESET PROTECT On-Prem logo and your logo. |
A custom logo in the notification header - ESET PROTECT On-Prem logo and your logo. |
White-labeling (requires MSP license) |
Custom logo for Web Console |
A custom logo in the report footer - no ESET PROTECT On-Prem logo, only your logo. |
A custom logo in the notification header. Next to it is Powered by ESET PROTECT On-Prem. |
Company logo
•Dark background logo (Web Console header) - This logo will be displayed in the top corner of Web Console.
•Light background logo - This logo will be displayed in the header (for MSP license owners) or footer (co-branding setting) of reports generated via Server Task and in the header of email notifications.
Click to select a logo. Click to download current logo. Click to remove current logo.
Reports & Notifications
•Customize reports - Enable this option to use the selected logo in reports and/or to add a footer text.
•Report footer text - Type the text that will be added to the bottom corner of reports generated in PDF format.
A custom logo cannot be used together with custom footer text. Logo has the same position as footer text. If logo and footer are used simultaneously, only logo will be visible. When using the White-labeling setting, the custom logo will appear in the upper corner of the report; a smaller powered by ESET logo is placed in bottom corner, instead of footer text. |