Why are we installing Java on a server? Doesn’t this create a security risk? The majority of all security companies and security frameworks recommend that you uninstall Java from computers and especially from servers.

The ESET PROTECT Web Console requires Java/OpenJDK to function. Java is an industry standard for web-based consoles and all major web consoles are using Java and a Web Server (Apache Tomcat) for their operation. Java is necessary to support a multi-platform web server. It is possible to install a Web Server on a dedicated machine for security reasons.



Starting January 2019, Oracle JAVA SE 8 public updates for business, commercial or production use require a commercial license. If you do not purchase a JAVA SE subscription, you can transition to a no-cost alternative. See the supported versions of JDK.

How do I determine which port the SQL Server is using?

There are multiple ways to determine the port used by the SQL Server. You can get the most accurate result via the SQL Server Configuration Manager. See the figure below for an example of where to locate this information in SQL Configuration Manager:


After installing SQL Server Express (included in my ESET PROTECT package) on my Windows Server 2012 it does not appear to be listening on a standard SQL port. It is most likely listening to a port other than the default port 1433.


How do I configure MySQL to accept large packet size?

See MySQL installation and configuration for Windows or Linux.


If I install SQL myself, how should I create a database for ESET PROTECT?

You do not have to. A database is created by the Server.msi installer, not by the ESET PROTECT Installer. The ESET PROTECT Installer is included to simplify steps for you, it installs the SQL Server and then the  database is created by the server.msi installer.


Can the ESET PROTECT Installer create a new database for me in an existing MS SQL Server installation, if I give it the proper MS SQL Server connection details and credentials? It would be convenient if the installer supported different versions of SQL Server (2012, 2014, etc.).

The database is created by Server.msi. So, yes, it can create an ESET PROTECT database for you on individually installed SQL Server instances. The supported versions of MS SQL Server are 2012 and later. The ESET PROTECT 8.1 All-in-one installer installs Microsoft SQL Server Express 2019 by default. If you use an older Windows edition (Server 2012 or SBS 2011), Microsoft SQL Server Express 2014 will be installed by default. The installer automatically generates a random password for database authentication (stored in %PROGRAMDATA%\ESET\RemoteAdministrator\Server\EraServerApplicationData\Configuration\startupconfiguration.ini).


If installing on an existing SQL Server, should the SQL Server use built-in Windows Authentication mode by default?

No, because Windows Authentication mode can be disabled on the SQL Server and the only way to log in is to use SQL Server Authentication (entering a Username and Password). During the installation of the ESET PROTECT Server, the Mixed mode authentication (SQL Server Authentication and Windows Authentication) is required. When manually installing the SQL Server, we recommend you create a root password (root user is named "sa", which stands for security admin) and store it for later in a safe place. The root password may be needed when upgrading the ESET PROTECT Server. You can set the Windows Authentication after the installation of the ESET PROTECT Server.


Can I use MariaDB instead of MySQL?

No, MariaDB is not supported. Make sure to install a supported version of MySQL Server and ODBC Connector. See MySQL installation and configuration.

I had to install Microsoft .NET Framework 4 as the ESET PROTECT Installer pointed me to (http://www.microsoft.com/en-us/download/details.aspx?id=17851), but that did not work on a fresh installation of Windows Server 2012 R2 with SP1.

This installer cannot be used on Windows Server 2012 because of the Windows Server 2012 security policy. Microsoft .NET Framework must be installed via the Add Roles and Features Wizard.


It is very difficult to tell whether the SQL Server installation is running. How can I tell what is happening if the installation takes more than 10 minutes?

The SQL Server installation can, in rare cases, take up to 1 hour. Install times depend on system performance.


How do I reset the Administrator password for my Web Console (entered during set up)?

It is possible to reset the password by running the server installer and choosing Repair. Be aware the password may be required to gain access to the ESET PROTECT database if you did not use Windows Authentication during creation of the database.



Please be careful since some of the repair options can potentially remove stored data.

Password reset disables the 2FA.


When importing a file containing a list of computers to add to ESET PROTECT, what is the format required for the file?

The format is the following lines:

All is the required name of root group.


Can you use IIS instead of Apache? What about another HTTP server?

IIS is an HTTP server. The web console needs a Java servlet container (like Tomcat) to run, and the HTTP server is not sufficient. There have been solutions about how to change IIS into a Java servlet container, but in general, this is not supported.



We do not use Apache HTTP Server, we use Apache Tomcat, which is a different product.


Does ESET PROTECT have a command-line interface?

Yes, we have the ESET PROTECT ServerApi.


Can you install ESET PROTECT on a domain controller?

Do not install SQL Server on a Domain Controller (for example, Windows SBS / Essentials). We recommend that you install ESET PROTECT on a different server or do not select the SQL Server Express component during installation (this requires you to use your existing SQL or MySQL Server to run the ESET PROTECT database).


Will the ESET PROTECT Server installation detect if SQL is already installed on the system? What happens if it does? What about MySQL?

ESET PROTECT will check for SQL running on a system if you are using the installation wizard and you have selected SQL express to install. In the event there is already an SQL running on a system, the wizard will display a notification to uninstall the existing SQL, and then run the installation again, or install ESET PROTECT without SQL Express. See database requirements for ESET PROTECT.


Where can I find an ESET PROTECT component mapped by its release version?

See our Knowledgebase article.


How do I perform an upgrade of ESET PROTECT to the latest version?

See upgrade procedures.


How can I update a system without an Internet connection?

Using HTTP Proxy installed on a machine that can connect to the ESET update servers (where update files are cached) and pointing Endpoints to that HTTP Proxy on a local network. If your server does not have an Internet connection, you can enable the mirror feature of the Endpoint product on one machine, use a USB drive to deliver update files to this computer and configure all other offline computers to use it as an update server.

For details on how to perform an offline installation, follow these instructions.


How do I reinstall my ESET PROTECT Server and connect it to an existing SQL server if the SQL server was set up automatically by the initial ESET PROTECT install?

If you are installing the new instance of the ESET PROTECT Server using the same user account (for example, a domain administrator’s account) under which you have installed the original ESET PROTECT Server, you can use MS SQL Server via Windows Authentication.


How do I fix issues with Active Directory sync on Linux?

Verify your domain name is entered in all capital letters (administrator@TEST.LOCAL instead of administrator@test.local).


Is there a way to use my own network resource (like SMB share) instead of the repository?

You can choose to provide the direct URL where a package is located. If you are using a file share, specify it in a following format: file:// followed by the full network path to the file, for example:



How do I reset or change my password?

Ideally, the administrator account should only be used to create accounts for individual admins. Once admin accounts are created, the administrator password should be saved and the administrator account should not be used. This practice allows for the administrator account to be used for password reset/account details only.

How to reset the password of a built-in ESET PROTECT Administrator account:

1.Open Programs and Features (run appwiz.cpl), locate the ESET PROTECT Server and right-click.

2.Select Change from the context menu.

3.Choose Repair.

4.Specify database connection details.

5.Select Use existing database and apply upgrade.

6.Deselect Use password already Stored in database and enter a new password.

7.Log into the ESET PROTECT Web Console with your new password.



We strongly recommend that you create additional accounts with specific access rights based on your desired account competencies.


How do I change ESET PROTECT Server and ESET PROTECT Web Console ports?

It is necessary to change the port in your webserver configuration to allow webserver connections to the new port. To do so, follow the steps below:

1.Shut down your webserver.

2.Modify the port in your webserver configuration.

a)Open the file webapps/era/WEB-INF/classes/sk/eset/era/g2webconsole/server/modules/config/EraWebServerConfig.properties

b)Set the new port number (for example, server_port=44591)

3.Start the webserver again.


Can I upgrade from ERA v.5 to ESET PROTECT 8 directly via All-in-one installer?

The direct upgrade is not supported - see Migration from ERA 5.x.


I am receiving error messages or have problems with ESET PROTECT, what should I do?

See Troubleshooting FAQs.