ESET PROTECT ADVANCED On Prem

BUNDLE SOLUTION

ESET PROTECT ADVANCED On Prem features

A. ESET ENDPOINT SECURITY
Antivirus and Antispyware
Eliminates all types of threats, including viruses, rootkits, worms and  spyware
Optional cloud-powered scanning:
Whitelisting of safe  files based on file reputation database in the cloud  for better detection and  faster scanning. Only information about executable and  archive files is sent to the cloud  – such data are  not personally attributable.
Virtualization Support
ESET Shared Local Cache stores metadata about already scanned files within the virtual environment so identical files are  not scanned again, resulting in boosted scan speed.
ESET module updates and  virus signatures database are  stored outside of the default location, so these don’t  have to be downloaded every  time a virtual machine is reverted to default snapshot.
Host-Based Intrusion Prevention System (HIPS)
Enables you to define rules  for system registry, processes, applications and  files. Provides anti-tamper protection and  detects threats based on system behavior.
Exploit Blocker
Strengthens security of applications such as web browsers, PDF readers, email clients or MS office components, which are  commonly exploited.
Monitors process behaviors and  looks  for suspicious activities typical of exploits.
Strengthens protection against targeted attacks and  previously unknown exploits, i.e. zero-day attacks that could  be used by crypto-ransomware to enter the targeted system.
Advanced Memory Scanner
Monitors the behavior of malicious processes and  scans them once they decloak in the memory. This allows for effective infection prevention, even from  heavily  obfuscated malware,
often detecting crypto-ransomware prior  to it encrypting valuable files.
Client Antispam
Effectively filters out spam and  scans all incoming emails for malware. Native support for Microsoft Outlook (POP3, IMAP, MAPI).
Cross-Platform Protection
ESET security solutions for Windows are  capable of detecting Mac OS threats and  vice-versa, delivering better protection in multi-platform environments.
Web Control
Limits website access by category, e.g. gaming, social  networking, shopping and  others. Enables you to create rules  for user  groups to comply with your  company policies.
Soft blocking – notifies the end  user  that the website is blocked giving him an option to access the website, with activity logged.
Anti-Phishing
Protects end  users from  attempts by fake websites to acquire sensitive information such as usernames, passwords or banking and  credit card  details.
Two-Way Firewall
Prevents unauthorized access to your  company network. Provides anti-hacker protection and  data exposure prevention. Lets you define trusted networks, making all other connections, such as to
public  Wi-Fi, in ‘strict’ mode by default. Troubleshooting wizard guides you through a set  of questions, identifying problematic rules,  or allowing you to create new ones.
Vulnerability Shield
Improves detection of Common Vulnerabilities and  Exposures (CVEs) on widely  used protocols such as SMB, RPC and  RDP.
Protects against vulnerabilities for which a patch has  not yet been released or deployed.
Botnet Protection
Protects against infiltration by botnet malware – preventing spam and  network attacks launched from  the endpoint.
Device Control
Blocks unauthorized devices (CDs/DVDs  and  USBs) from  your  system. Enables you to create rules  for
user  groups to comply with your  company policies.  Soft blocking – notifies the end  user  that his device is blocked and  gives him the option to access the device,  with activity logged.
Idle-State Scanner
Aids system performance by performing a full scan proactively when the computer is not in use. Helps  speed up subsequent scans by populating the local cache.
First Scan after Installation
Provides the option to automatically run  low priority on-demand scan 20 minutes after installation, assuring protection from  the outset.
Update Rollback
Lets you revert to a previous version of protection modules and  virus signature database.
Allows you to freeze updates as desired - opt for temporary rollback or delay  until  manually changed.
Postponed Updates
Provides the option to download from  three specialized update servers: pre-release (beta users), regular release (recommended for non-critical systems) and  postponed release (recommended for company- critical systems – approximately 12 hours after regular release).
Local Update Server
Saves  company bandwidth by downloading updates only once, to a local mirror server.
Mobile  workforce updates directly from  ESET Update Server when the local mirror is not available. Secured (HTTPS) communication channel is supported.
RIP & Replace
Other security software is detected and  uninstalled during installation of ESET Endpoint solutions. Supports both 32 and  64-bit systems.
Customizable GUI Visibility
Visibility of Graphical User  Interface (GUI) to end  user  can  be set  to: Full, Minimal,  Manual or Silent. Presence of ESET solution can  be made completely invisible  to end  user,  including no tray  icon or notification windows.
By hiding the GUI completely, the “egui.exe” process does not run  at all, resulting in even lower system resource consumption by the ESET solution.
ESET License Administrator
Makes it possible to handle all licenses transparently, from  one  place via web browser. You can merge, delegate and  manage all licenses centrally in real-time, even if you are  not using ESET Remote Administrator.
Touchscreen Support
Supports touch screens and  high-resolution displays.
More padding for and  complete rearrangement of GUI elements. Basic frequently used actions accessible from  tray  menu.
Low System Demands
Delivers proven protection while  leaving more system resources for programs that end  users regularly run. Can be deployed on older machines without the need for an upgrade, thereby extending hardware lifetime. Conserves battery life for laptops that are  away from  the office, using battery mode.
Right-to-Left Language Support
Native right-to-left language support (e.g. for Arabic)  for optimum usability.
Remote Management
ESET Endpoint solutions are  fully manageable via ESET Remote Administrator.
Deploy,  run  tasks, set  up policies,  collect logs, and  get notifications and  an overall security overview of your  network – all via a single  web-based management console.

SYSTEM REQUIREMENTS

• Included products

ESET Endpoint Security for Windows
ESET Endpoint Security for Mac
ESET Endpoint Antivirus for Windows
ESET Endpoint Antivirus for Mac
ESET Endpoint Antivirus for Linux

• Supported operating systems

Microsoft Windows 10, 8.1, 8, 7
macOS 10.12 and later
Ubuntu Desktop 18.04 LTS 64-bit and RedHat Enterprise Linux (RHEL) Desktop 7 64-bit

B. ESET MOBILE SECURITY

Real-time Scanning
Ensures that all installation files and installed apps are automatically screened for malware. You stay well-protected against online and offline  threats including viruses, trojans and ransomware.
On-demand Scanning
Whenever you suspect foul play, run a scan on your  phone. It takes place silently in the background, without interrupting your  ongoing activities. Access logs and detailed scan results to check for detected threats.
ESET Live Grid
Ensures real-time protection against emerging threats by using in-the-cloud technology collecting malware samples from ESET product users from all over the world.
USB On-The-Go Scanner
Every connected USB device will be checked first to prevent malware accessing your  smart phone.
Anti-Phishing
Protects against malicious websites attempting to acquire your  sensitive information – usernames, passwords, banking information or credit card details.
Apps Permissions
See which of your  apps has access to what information on your  smartphone or tablet. Also monitors sensitive device settings that can  lower security such as Debugging Mode that can  allow a connection to the system via USB.
Scheduled Scan
Schedule a regular scan for malware at a convenient time – overnight or while the phone is charging if desired.
App Lock
Keeps your  applications safe  against unauthorized access. Additional authentification is required when accessing sensitive apps so content can  be hidden when lending the device to someone.
Automatic updates
Constant updates of your  virus signature database.
Connected Home Monitor
Monitor your  home network easily and with confidence. All devices connected to your  home network are identified and automatically checked for vulnerabilities. Your router is also  monitored to identify vulnerabilities and increase your  level of protection when connected to a new network. Password strength is also  checked and open ports are analyzed.
Proactive Anti-Theft
It acts when it detects suspicious behavior. If incorrect Screen lock (PIN, pattern, password) or unauthorized SIM is inserted, device gets locked and snapshots from phone cameras are automatically sent to my.eset.com. The information includes the phone‘s location, current IP address, inserted SIM details and other data. The user can  mark the device as missing at my.eset.com and start Location tracking or send Custom on-screen Message or even Wipe the device contents.
Custom On-screen Message
Send  a custom message to the missing device to contact the finder. The message will appear on screen even when the device is locked.
Location Tracking
When the device is marked as missing, the location is regularly sent to my.eset.com and displayed on the map, helping you track its position in time. If the device‘s location changes, its location is sent to my.eset.com for up to date tracking.
Camera Snapshots
Snapshots are automatically and regularly sent from the phone‘s front and back camera to my.eset.com if the device is marked as missing. This helps to identify its location or its finder.
Low Battery Alert
When the device is low on battery, its current position and camera snapshots are automatically sent to my.eset.com before the device shuts off.
SIM Guard
Lets you stay in control of your  phone if it goes missing. Your phone will be locked when unauthorized SIM card will be inserted.
Anti-Theft Optimization
Automatic notification when settings are limiting Anti-Theft’s functionality (GPS turned off for example).
Security Report
Gives you a monthly insight into how ESET protects your  device. The report gives you information about the number of scanned files, blocked web pages and much more.
Security Audit
See which of your  apps has access to what information on your  smartphone or tablet. Also monitors sensitive device settings that can  lower security such as Debugging Mode that can  allow a connection to the system via USB.

SYSTEM REQUIREMENTS

• Included products

ESET Endpoint Security for Android

ESET MDM for iOS & iPadOS 

• Supported operating systems

Android 5 (Lollipop) and later

iOS 8 and later. ESET MDM for iOS & iPadOS requires ESET PROTECT management console

C. ESET FILE SECURITY

Antivirus and Antispyware
Eliminates all types of threats, including viruses, rootkits, worms and spyware
Optional cloud-powered scanning:
Whitelisting of safe  files based on file reputation database in the cloud for better detection and faster scanning.
Only information about executable and archive files is sent to the cloud – such data is not personally attributable.
Virtualization Support
ESET Shared Local Cache stores metadata about already scanned files within the virtual environment so identical files are not scanned again, resulting in boosted scan speed.
ESET module updates and virus signatures database are stored outside of the default location, so these don’t have to be downloaded every time a virtual machine is reverted to default snapshot.
Hyper-V Storage Scan
Scans Microsoft Windows® servers with enabled Hyper-V role for malware, without a need to have another instance of antivirus product in place. Saves time by scanning the hard-drive contents with no pre-arrangements or system down-time and provides separate reports based on the scan results. For enhanced performance, lower memory consumption and lower CPU usage, scans can  be carried out on virtual machines while they are turned off.
Exploit Blocker 
Strengthens security of applications such as web browsers, PDF readers, email clients or MS office components, which are commonly exploited.
Monitors process behaviors and looks for suspicious activities  typical of exploits.
Strengthens protection against targeted attacks and previously unknown exploits, i.e. zero-day attacks.
Advanced Memory Scanner
Monitors the behavior of malicious processes and scans them once they decloak in the memory. This allows for effective infection prevention, even from heavily obfuscated malware.
Native Clustering Support
Allows you to configure the solution to automatically replicate settings when installed in a cluster environment. An intuitive wizard makes it easy to interconnect several installed nodes of ESET File Security within a cluster and manage them as one, eliminating the need to replicate changes in configuration manually to other nodes in the cluster.
Storage Scan 
Allows you to easily set up on-demand scans of connected Network Attached Storage (NAS).
Combined with ESET Shared Local Cache installed within the network, this can drastically reduce the amount of disk input/output operations on network drives.
Specialized Cleaners 
Provides most relevant critical malware standalone cleaners within the product interface for malware which cannot be removed by the regular cleaner.
Host-Based Intrusion Prevention System (HIPS)
Enables you to define rules for system registry, processes, applications and files.
Provides anti-tamper protection and detects threats based on system behavior.
Anti-Phishing 
Protects you from attempts by fake websites to acquire sensitive information.
Device Control
Blocks unauthorized portable devices from connecting to the server.
Enables you to create rules for user groups to comply with your company policies.
Soft blocking – notifies the end user that his device is blocked and gives him the option to access the device, with activity logged.
Idle-State Scanner 
Aids system performance by performing a full scan proactively when the computer is not in use.
Helps speed up subsequent scans by populating the local cache.
Update Rollback 
Lets you revert to a previous version of protection modules and virus signature database.
Allows you to freeze updates as desired - opt for temporary rollback or delay until manually changed.
Postponed Updates
Provides the option to download from three specialized update servers: pre-release (beta users), regular release (recommended for non-critical systems) and postponed release (recommended for companycritical systems - approximately 12 hours after regular release).
Local Update Server 
Saves company bandwidth by downloading updates only once - to a local mirror server.
Mobile workforce updates directly from ESET Update Server when the local mirror is not available.
Secured (HTTPS) communication channel is supported.
Process Exclusions
The admin can define processes which are ignored by the real-time protection module – all file operations that can be attributed to these privileged processes are considered to be safe. This is especially useful for processes that often interfere with real-time protection, like backup or live virtual machine migration. Excluded process can access even unsafe files or objects without triggering an alert.
Windows Management Instrumentation (WMI) Provider Provides the possibility to monitor key functionalities of ESET File Security via Windows Management Instrumentation framework. This allows integration of ESET File Server into 3rd party management and SIEM software, such as Microsoft System Center Operations Manager, Nagios, and others.
Customizable GUI Visibility 
Visibility of Graphical User Interface (GUI) to end user can be set to: Full, Minimal, Manual or Silent.
Presence of ESET solution can be made completely invisible to end user, including no tray icon or notification windows.
By hiding the GUI completely, the “egui.exe” process does not run at all, resulting in even lower system resource consumption by the ESET solution.
ESET License Administrator 
Makes it possible to handle all licenses transparently, from one place via web browser. You can merge, delegate and manage all licenses centrally in real-time, even if you are not using ESET Remote Administrator.
Component-Based Installation
Allows you to choose which components to install:
– Real-Time File System Protection
– Web protocol Filtering
– Device Control
– Graphical User Interface (GUI)
– E-mail Client Protection
– ESET Log Collector
– ESET SysInspector
– ESET SysRescue
– Offline Help
Remote Management 
ESET Endpoint solutions are fully manageable via ESET Remote Administrator.
Deploy, run tasks, set up policies, collect logs, and get notifications and an overall security overview of your network – all via a single web-based management console.
ESET Log Collector 
A simple tool which collects all logs relevant for troubleshooting, assisted by ESET’s technical support, and bundles them into a single archive which can be sent via email or uploaded to a shared network drive to speed up the troubleshooting process.

SYSTEM REQUIREMENTS

• Supported Windows operating systems

Microsoft Windows Server 2019, 2016, 2012, 2008R2, 2008 SP2
Microsoft Windows Server Core 2016, 2012, 2008R2, 2008
Microsoft Small Business Server 2011, 2008

• Included products

ESET File Security for Microsoft Windows Server
ESET File Security for Linux
ESET File Security for Microsoft Azure

• Requirements for ESET File Security for Linux

Supports the main distributions including RedHat Enterprise Linux (RHEL), CentOS, Ubuntu Server, Debian, SUSE Linux Enterprise Server, Amazon Linux and Oracle Linux.

D. ESET FULL DISK ENCRYPTION

All products managed from one console
ESET Full Disk Encryption works within the ESET PROTECT console, helping administrators to save time thanks to familiarity with the existing management environment and concepts.
Fully validated
Patented technology to protect data for businesses of all sizes. ESET Full Disk Encryption is FIPS 140-2 validated with 256 bit AES encryption.
Powerful encryption
ESET Full Disk Encryption encrypts system disks, partitions and entire drives to ensure that everything stored on each PC or laptop is locked down and secure, protecting you against loss or theft.
Cross-platform coverage
Manage encryption on Windows machines and native macOS encryption (FileVault) from a single dashboard.
Add additional devices at any time
You can increase the number of devices covered by your license at any time.
Single-click deployment
Manage full disk encryption across your entire network from a cloud‑based console. ESET PROTECT single pane of glass allows admins to deploy, activate and manage encryption on their connected endpoints with a single click.
Password policies
Admin can set mandatory password attributes, number of passwords retries, and expiry period. From a policy setting it is possible to grant a user the option to change their password whenever they want to.

SYSTEM REQUIREMENTS

Supported operating systems:
Microsoft Windows 7, 8, 8.1, 10
macOS 10.14 (Mojave) and higher
Requirements
deployed ESET PROTECT console on-premises

E. ESET DYNAMIC THREAT DEFENSE (CLOUD SANDBOX)

Ransomware and zero-day threats detection
Detect new, never-before-seen types of threats. ESET utilizes three different machine learning models once a file is submitted. After that, it runs the sample through a full sandbox, simulating user behavior to trick anti-evasive techniques. Next, a deep learning neural network is used to compare the behavior seen versus historical behavioral data. Finally, the latest version of ESET's scanning engine is used to take everything apart and analyze it for anything unusual.
Granular reports
An admin can create a report of ESET Dynamic Threat Defense data in the ESET PROTECT console. They can either use one of the pre-defined reports or make a custom one.
Transparent full visibility
Every analyzed sample status is visible in the ESET PROTECT console, which provides transparency to all data sent to ESET LiveGrid®.
Automatic protection
The endpoint or server product automatically decides whether a sample is good, bad or unknown. If the sample is unknown, it is sent to ESET Dynamic Threat Defense for analysis. Once the analysis is finished, the result is shared, and the endpoint products respond accordingly.
Mail Security protection
Not only does ESET Dynamic Threat Defense work with files, but it also works directly with ESET Mail Security, to ensure that malicious emails are not delivered to your organization.
Mobility
Nowadays, employees often do not work on the premises. The Cloud Sandbox analyzes files no matter where users are.
Proactive protection
If a simple is found suspicious, it is blocked from execution while ESET Dynamic Threat Defense analyzes it. That way, potential threats are prevented from wreaking havoc on the system.
Tailored customization
ESET allows per-computer detailed policy configuration for ESET Dynamic Threat Defense so the admin can control what is sent and what should happen based on the receiving result.
Manual submission
At any time, a user or admin can submit samples via an ESET compatible product for analysis and get the full result. Admins will see who sent what and what the result was directly in the ESET PROTECT console.

SYSTEM REQUIREMENTS

A working ESET Business Account or ESET MSP Administrator account synchronized with a ESET management console
ESET PROTECT on-premises console deployed
Version 7.x of compatible ESET security products installed or newer
A Valid license for ESET Dynamic Threat Defense or bundled solution license with Cloud Sandbox component included
Activated Security products with ESET Dynamic Threat Defense License
ESET Dynamic Threat Defense enabled in policies for compatible Security products
Network requirements on opened ports 

F. ESET PROTECT On Premises

ESET Remote Administrator Server
ESET Remote Administrator’s server component can be installed on Windows as well as Linux servers and also comes as a virtual appliance. It handles communication with agents, and collects and stores application data in the database.
Independent Agent
The agent is a small application that handles the remote management communication and runs independently of the security solution itself. It connects to ESET Remote Administrator and executes tasks, collects logs from ESET applications, interprets and enforces policies, and performs other tasks, e.g. software deployment and general computer monitoring. As the agent executes tasks and interprets server logic locally, it reacts to and eliminates security issues even when the client is not connected to the server.
Web-Console
The front-end component of ESET Remote Administrator, the web-console, manages everyday network security. It has a role in interpreting the data stored in the database, visualizing it in the form of cleardashboards and lists with drill-down capabilities, and commands the agents and other ESET applications. In addition, it offers a huge array of customization options to suit the needs of any administrator by providing an easy “look & see” overview of the entire network’s security.
ESET Remote Administrator Proxy
The proxy handles collection and aggregation of data from machines in distant locations and forwards it to the centralized ESET Remote Administrator server. Remote locations no longer require ESET Remote Administrator server installation; the proxy alone will suffice. It’s possible to install several proxies in large and complex environments and connect them to a central server. The hierarchy and access rights are enforced by the central server, and through its access rights structure.
Rogue Detection Sensor
This component of ESET Remote Administrator is used to discover unprotected and unmanaged machines in the network by listening to their traces. It provides the administrator with improved visibility of all devices located within the corporate network. Discovered machines are immediately
located and reported in a predefined report allowing the admin to move them to a specific static group and proceed with management tasks.
Multi-Platform Support
ESET Remote Administrator runs on both Windows and Linux machines. The general installer deploys ESET Remote Administrator, including server, database and other components, in one step. The admin can also install component-by-component, or deploy as a virtual appliance.
ESET License Administrator
Makes it possible to handle all licenses transparently, from one place via web browser.
You can merge, delegate and manage all licenses centrally in real-time.
Endpoint Deployment
ESET Remote Administrator offers several methods of endpoint deployment, making the process smooth and quick. All installers’ metadata is stored on the server, so it’s easy to utilize different installers for different customers (useful for MSPs) or create groups with specific settings, policies or license credentials.
Multi-tenancy
A single instance of ESET Remote Administrator can serve multiple independent users with specific access and privileges – while the user cannot see the data of other users. It is also possible to grant three levels of access to each object – read / use / write – as well as granular access settings for different types of tasks. Multi-tenancy is ideal for large enterprises with one centralized server and different admins managing only endpoints in their respective locations, or for MSPs managing multiple customers from a single server but who need to ensure that customers are not able to see the data of other users.
Secure Peer Communication
ESET Remote Administrator now utilizes the Transport Layer Security (TLS) 1.0 standard and employs its own created and distributed certificates to digitally sign and encrypt communication between the solution’s individual components for peer identification. The admin can build a public key infrastructure (PKI) with certificates and certification authority during the installation process, or at a later date. Alternatively, admins can choose to use their own certificates. Certificates are then assigned during the deployment of each ESET Remote Administrator component, resulting in secure communication and a secure network environment.
2FA-Protected Login
To validate the identities of users logging in to ESET Remote Administrator, it’s possible to enable twofactor authentication (2FA) directly from the web console. Up to 10 accounts can be 2FA-protected for free. After a simple self-enrollment directly from the web-console, the user will receive a link via SMS to download the ESET Secure Authentication mobile app – which is then used to generate random onetime passwords. Once 2FA is set up, one-time passwords are used to complement and strengthen the authentication process.
Integrated ESET SysInspector®
ESET SysInspector is a diagnostic tool that helps troubleshoot a wide range of system issues and is integrated into the ESET Remote Administrator web-console. The admin is able to view all generated SysInspector snapshots directly for a particular client. This allows the admin to track-back security incidents or system changes chronologically.
Dynamic and Static Groups
ESET Remote Administrator uses a client-centric approach, similar to the Active Directory with which ESET Remote Administrator syncs automatically, and adopts its group structure. Clients can be assigned to either static or dynamic groups. The admin sets inclusion criteria for a dynamic group; thereafter, any client that meets these criteria is moved automatically to the respective dynamic group. It is also
possible to assign a policy to a dynamic group, with this policy applied to clients upon entry to the respective dynamic group and withdrawn upon exit. This happens without any admin/user interaction.
Policies
The admin can define policies per security product and clearly specify their mutual relationship. Policies are executed on the agent, so even without a connection to the ESET Remote Administrator server the agent is able to apply policies assigned to a specific dynamic group in the event that a client enters that dynamic group. For even easier management, the admin can choose from predefined policy templates for each ESET security product, according to the needs of various clients, e.g. applying specific policy templates for laptops or servers, and restrictive or soft policies.
Triggers
By configuring triggers, the admin is able to define if and when a specific task is executed. Triggers can be paired with dynamic groups and execute the tasks on a client once it enters the group. Scheduled triggers provide the ability to specify task execution according to date, time, day and repeat frequency.
Tasks
Tasks are created in wizard-style steps and clearly sorted for various ESET security products; this also includes pre-configured tasks.
Reports
Admins can choose from pre-defined report templates or create custom ones, just using a selected set of data and values. ESET Remote Administrator collects only data which is necessary for generating reports, with the remaining logs stored on the client, resulting in better database performance. Each report template can be viewed in the web-console as a dashboard element to provide the administrator with an excellent real-time overview of network security, including drill-down possibilities. What’s more, it allows action to be taken if necessary. Apart from displaying reports via web-console, they can be exported to a PDF / PS / CSV and saved to a predefined location or sent as an email notification report.
Notifications
It’s critical for administrators to get notification of any security issues happening in the network, in order to react immediately. The admin can configure notification options via a wizard-style series of steps, or use any of the predefined notification templates. Templates can be mapped to the specific dynamic group memberships of clients or triggered by specific indications or events as they are recorded in event logs.
IBM QRadar Integration
All major ESET events are exported in LEEF format, which is natively recognized by IBM QRadar. ESET Remote Administrator is shown as a “Log Source” for these events in the IBM QRadar console.
SYSTEM REQUIREMENTS

• Supported operating systems

Windows Server 2012, 2012 R2, 2016, 2019
Windows Storage Server 2012 R2, 2016
Microsoft SBS 2008, 2011
Ubuntu, RHEL Server, CentOS, SLED, SLES, OpenSUSE, Debian

• Deployment in Microsoft Azure

See ESET's remote management console as a virtual machine in Microsoft Azure Marketplace.