ESET PROTECT Components Upgrade task

Recommendations before upgrading

We recommend using the ESET PROTECT Components Upgrade task available in the ESET PROTECT Web Console to upgrade your ESET PROTECT infrastructure. Carefully review the directions here before upgrading.



ESET PROTECT 8 automatically notifies you when a new version of the ESET PROTECT Server is available.

For additional instructions to upgrade ESET PROTECT to the latest version guide, see our Knowledgebase article.

Are you upgrading from ERA/ESMC Virtual Appliance?

Are you upgrading an environment with ERA Proxy?

hmtoggle_plus0The ESET PROTECT Server instance is installed on a failover cluster?
hmtoggle_plus0Important instructions before upgrading Apache HTTP Proxy on Microsoft Windows
hmtoggle_plus0Important instructions before upgrading Apache HTTP Proxy on Virtual Appliance




You can upgrade to ESET PROTECT 8.0 only from ERA version 6.5 and later.

Back up the following data before you start the upgrade task:

All certificates (Certificate Authority, Server Certificate and Agent Certificate)

Export your Certification Authority Certificates from an old ESET PROTECT Server to a .der file and save to external storage.

Export your Peer Certificates (for ESET Management Agent, ESET PROTECT Server) and private key .pfx file from an old ESET PROTECT Server and save to external storage.

Your ERA/ESMC database. If you have an older unsupported database installed (MySQL 5.5 or MSSQL 2008), upgrade your database to a compatible database version before upgrading the ESET PROTECT Server.


Make sure that you have a supported operating system before upgrading to ESET PROTECT 8.0.

ESET PROTECT Server component version 8.0 is not compatible with 32-bit machines (x86 architecture). Upgrading a 32-bit Server machine from versions 6.5-7.0 to 8.0 will fail.

If you have already run the upgrade and now your system is not working, you need to manually reinstall all ESET PROTECT components to the original version.

If you want to upgrade, you need to migrate your current ESET PROTECT to a 64-bit machine, and after successful migration, you can run the upgrade task.

ESET PROTECT 8.0 uses LDAPS as the default protocol for Active Directory synchronization. If you upgraded from versions 6.5-7.1 on a Windows machine to ESET PROTECT 8.0 and you were using the Active Directory synchronization, synchronization tasks will fail in ESET PROTECT 8.0.

To upgrade ESET security products, use the Software Install task. Run the task using the latest installer package to install the latest version over your existing product.

Recommended upgrade procedure

1.Upgrade the ESET PROTECT Server - Select only the machine with the ESET PROTECT Server as target for the ESET PROTECT Components Upgrade task.



When upgrading from ERA 6.x, make sure to upgrade to the ESET PROTECT Server before upgrading the Agents. ESET Management Agents use a new communication protocol and are not able to connect to ERA 6.x Server.


2.Select some client computers (as a test sample - at least one client from each operating system and bitness) and run the ESET PROTECT Components Upgrade task on them.

We recommend that you use Apache HTTP Proxy (or any other transparent web proxy with caching enabled) to limit the network load. The test client machines will trigger the download/caching of the installers. The next time the task is run, the installers will be distributed to client computers directly from the cache.

3.After the computers with upgraded ESET Management Agent are successfully connecting to the ESET PROTECT Server, proceed with upgrading the rest of the clients.




To upgrade ESET Management Agents on all managed computers in the network, select the Static Group All as target for the ESET PROTECT Components Upgrade task. Computers that were already upgraded before will not be upgraded again.

List of upgraded components:


ESET Management Agent

ESET PROTECT Web Console - only applies when Apache Tomcat was installed to its default installation folder in both Windows and Linux distributions, including ESET PROTECT Virtual Appliance (for example: /var/lib/tomcat8/webapps/, /var/lib/tomcat7/webapps/, /var/lib/tomcat/webapps/).



oApache Tomcat is not upgraded during the ESET PROTECT Web Console upgrade via the Components Upgrade task.

oESET PROTECT Web Console upgrade does not work if Apache Tomcat was installed in a custom location.

oIf a custom version of Apache Tomcat is installed (manual installation of the Tomcat service), the subsequent ESET PROTECT Web Console upgrade via the All-in-one installer or via Components Upgrade Task is not supported.

ESET PROTECT Mobile Device Connector. We recommend that you upgrade MDM to version 6.5 before upgrading your environment to version 8.0.

Components that must be upgraded manually:

Apache Tomcat (we strongly recommend that you keep Apache Tomcat up-to-date, see Upgrading Apache Tomcat)

Database Server

Apache HTTP Proxy (can be achieved using All-in-one installer, see Upgrading Apache HTTP Proxy)

ESET Rogue Detection Sensor - Use the Software Install task for upgrade. Alternatively, install a newer version over the older version (follow the installation instructions for Windows or Linux). If you installed RD Sensor with ESMC 7.2, you do not need to upgrade it, as there are no new RD Sensor releases.




If the components upgrade fails on a machine running the ESET PROTECT Server or Web Console, you may not be able to log into the Web Console remotely. We recommend that you configure physical access to the server machine before performing this upgrade. If you cannot arrange for physical access to the machine, make sure you can log onto it with administrative privileges using a remote desktop. We recommend that you back up your ESET PROTECT Server and Mobile Device Connector databases before performing this operation. To back up your Virtual Appliance, create a snapshot or clone your virtual machine.

Verify whether you can access the ESET PROTECT repository from an upgraded computer.

Re-running the ESET PROTECT Components Upgrade task will not work if there is at least one component already upgraded to the newer version.

If there is no clear reason for the failure, you can upgrade components manually. See our instructions for Windows or Linux.

For more suggestions to resolve upgrade issues, see general troubleshooting information.