BUNDLE SOLUTION
|
ESET PROTECT ESSENTIAL On-Premises |
ESET PROTECT ENTRY On-Premises |
ESET PROTECT ADVANCED On-Premises |
ESET PROTECT COMPLETE On-Premises |
ESET PROTECT ENTERPRISE On-Premises |
ESET PROTECT MAIL PLUS On-Premises |
Cloud-Based Console (ESET PROTECT CLOUD)
|
|
|
|
|
|
|
On-Premises Console (ESET PROTECT)
|
✓ |
✓ |
✓ |
✓ |
✓ |
✓ |
Endpoint Antivirus
|
✓ |
✓ |
✓ |
✓ |
✓ |
|
Endpoint Security
|
|
✓ |
✓ |
✓ |
✓ |
|
File Server Security
|
✓ |
✓ |
✓ |
✓ |
✓ |
|
Full Disk Encryption
|
|
|
✓ |
✓ |
✓ |
|
Cloud Sandbox
|
|
|
✓ |
✓ |
✓ |
✓ |
Mail Server Security
|
|
|
|
✓ |
|
✓ |
Cloud Microsoft 365 Protection
|
|
|
|
✓ |
|
|
Endpoint Detection & Response (EDR)
|
|
|
|
|
✓ |
|
ESET PROTECT COMPLETE On Prem features
A. ESET ENDPOINT SECURITY
Antivirus and Antispyware
Eliminates all types of threats, including viruses, rootkits, worms and spyware
Optional cloud-powered scanning:
Whitelisting of safe files based on file reputation database in the cloud for better detection and faster scanning. Only information about executable and archive files is sent to the cloud – such data are not personally attributable.
Virtualization Support
ESET Shared Local Cache stores metadata about already scanned files within the virtual environment so identical files are not scanned again, resulting in boosted scan speed.
ESET module updates and virus signatures database are stored outside of the default location, so these don’t have to be downloaded every time a virtual machine is reverted to default snapshot.
Host-Based Intrusion Prevention System (HIPS)
Enables you to define rules for system registry, processes, applications and files. Provides anti-tamper protection and detects threats based on system behavior.
Exploit Blocker
Strengthens security of applications such as web browsers, PDF readers, email clients or MS office components, which are commonly exploited.
Monitors process behaviors and looks for suspicious activities typical of exploits.
Strengthens protection against targeted attacks and previously unknown exploits, i.e. zero-day attacks that could be used by crypto-ransomware to enter the targeted system.
Advanced Memory Scanner
Monitors the behavior of malicious processes and scans them once they decloak in the memory. This allows for effective infection prevention, even from heavily obfuscated malware,
often detecting crypto-ransomware prior to it encrypting valuable files.
Client Antispam
Effectively filters out spam and scans all incoming emails for malware. Native support for Microsoft Outlook (POP3, IMAP, MAPI).
Cross-Platform Protection
ESET security solutions for Windows are capable of detecting Mac OS threats and vice-versa, delivering better protection in multi-platform environments.
Web Control
Limits website access by category, e.g. gaming, social networking, shopping and others. Enables you to create rules for user groups to comply with your company policies.
Soft blocking – notifies the end user that the website is blocked giving him an option to access the website, with activity logged.
Anti-Phishing
Protects end users from attempts by fake websites to acquire sensitive information such as usernames, passwords or banking and credit card details.
Two-Way Firewall
Prevents unauthorized access to your company network. Provides anti-hacker protection and data exposure prevention. Lets you define trusted networks, making all other connections, such as to
public Wi-Fi, in ‘strict’ mode by default. Troubleshooting wizard guides you through a set of questions, identifying problematic rules, or allowing you to create new ones.
Vulnerability Shield
Improves detection of Common Vulnerabilities and Exposures (CVEs) on widely used protocols such as SMB, RPC and RDP.
Protects against vulnerabilities for which a patch has not yet been released or deployed.
Botnet Protection
Protects against infiltration by botnet malware – preventing spam and network attacks launched from the endpoint.
Device Control
Blocks unauthorized devices (CDs/DVDs and USBs) from your system. Enables you to create rules for
user groups to comply with your company policies. Soft blocking – notifies the end user that his device is blocked and gives him the option to access the device, with activity logged.
Idle-State Scanner
Aids system performance by performing a full scan proactively when the computer is not in use. Helps speed up subsequent scans by populating the local cache.
First Scan after Installation
Provides the option to automatically run low priority on-demand scan 20 minutes after installation, assuring protection from the outset.
Update Rollback
Lets you revert to a previous version of protection modules and virus signature database.
Allows you to freeze updates as desired - opt for temporary rollback or delay until manually changed.
Postponed Updates
Provides the option to download from three specialized update servers: pre-release (beta users), regular release (recommended for non-critical systems) and postponed release (recommended for company- critical systems – approximately 12 hours after regular release).
Local Update Server
Saves company bandwidth by downloading updates only once, to a local mirror server.
Mobile workforce updates directly from ESET Update Server when the local mirror is not available. Secured (HTTPS) communication channel is supported.
RIP & Replace
Other security software is detected and uninstalled during installation of ESET Endpoint solutions. Supports both 32 and 64-bit systems.
Customizable GUI Visibility
Visibility of Graphical User Interface (GUI) to end user can be set to: Full, Minimal, Manual or Silent. Presence of ESET solution can be made completely invisible to end user, including no tray icon or notification windows.
By hiding the GUI completely, the “egui.exe” process does not run at all, resulting in even lower system resource consumption by the ESET solution.
ESET License Administrator
Makes it possible to handle all licenses transparently, from one place via web browser. You can merge, delegate and manage all licenses centrally in real-time, even if you are not using ESET Remote Administrator.
Touchscreen Support
Supports touch screens and high-resolution displays.
More padding for and complete rearrangement of GUI elements. Basic frequently used actions accessible from tray menu.
Low System Demands
Delivers proven protection while leaving more system resources for programs that end users regularly run. Can be deployed on older machines without the need for an upgrade, thereby extending hardware lifetime. Conserves battery life for laptops that are away from the office, using battery mode.
Right-to-Left Language Support
Native right-to-left language support (e.g. for Arabic) for optimum usability.
Remote Management
ESET Endpoint solutions are fully manageable via ESET Remote Administrator.
Deploy, run tasks, set up policies, collect logs, and get notifications and an overall security overview of your network – all via a single web-based management console.
SYSTEM REQUIREMENTS
- Included products
ESET Endpoint Security for Windows
ESET Endpoint Security for Mac
ESET Endpoint Antivirus for Windows
ESET Endpoint Antivirus for Mac
ESET Endpoint Antivirus for Linux
- Supported operating systems
Microsoft Windows 10, 8.1, 8, 7
macOS 10.12 and later
Ubuntu Desktop 18.04 LTS 64-bit and RedHat Enterprise Linux (RHEL) Desktop 7 64-bit
B. ESET MOBILE SECURITY
Real-time Scanning
Ensures that all installation files and installed apps are automatically screened for malware. You stay well-protected against online and offline threats including viruses, trojans and ransomware.
On-demand Scanning
Whenever you suspect foul play, run a scan on your phone. It takes place silently in the background, without interrupting your ongoing activities. Access logs and detailed scan results to check for detected threats.
ESET Live Grid
Ensures real-time protection against emerging threats by using in-the-cloud technology collecting malware samples from ESET product users from all over the world.
USB On-The-Go Scanner
Every connected USB device will be checked first to prevent malware accessing your smart phone.
Anti-Phishing
Protects against malicious websites attempting to acquire your sensitive information – usernames, passwords, banking information or credit card details.
Apps Permissions
See which of your apps has access to what information on your smartphone or tablet. Also monitors sensitive device settings that can lower security such as Debugging Mode that can allow a connection to the system via USB.
Scheduled Scan
Schedule a regular scan for malware at a convenient time – overnight or while the phone is charging if desired.
App Lock
Keeps your applications safe against unauthorized access. Additional authentification is required when accessing sensitive apps so content can be hidden when lending the device to someone.
Automatic updates
Constant updates of your virus signature database.
Connected Home Monitor
Monitor your home network easily and with confidence. All devices connected to your home network are identified and automatically checked for vulnerabilities. Your router is also monitored to identify vulnerabilities and increase your level of protection when connected to a new network. Password strength is also checked and open ports are analyzed.
Proactive Anti-Theft
It acts when it detects suspicious behavior. If incorrect Screen lock (PIN, pattern, password) or unauthorized SIM is inserted, device gets locked and snapshots from phone cameras are automatically sent to my.eset.com. The information includes the phone‘s location, current IP address, inserted SIM details and other data. The user can mark the device as missing at my.eset.com and start Location tracking or send Custom on-screen Message or even Wipe the device contents.
Custom On-screen Message
Send a custom message to the missing device to contact the finder. The message will appear on screen even when the device is locked.
Location Tracking
When the device is marked as missing, the location is regularly sent to my.eset.com and displayed on the map, helping you track its position in time. If the device‘s location changes, its location is sent to my.eset.com for up to date tracking.
Camera Snapshots
Snapshots are automatically and regularly sent from the phone‘s front and back camera to my.eset.com if the device is marked as missing. This helps to identify its location or its finder.
Low Battery Alert
When the device is low on battery, its current position and camera snapshots are automatically sent to my.eset.com before the device shuts off.
SIM Guard
Lets you stay in control of your phone if it goes missing. Your phone will be locked when unauthorized SIM card will be inserted.
Anti-Theft Optimization
Automatic notification when settings are limiting Anti-Theft’s functionality (GPS turned off for example).
Security Report
Gives you a monthly insight into how ESET protects your device. The report gives you information about the number of scanned files, blocked web pages and much more.
Security Audit
See which of your apps has access to what information on your smartphone or tablet. Also monitors sensitive device settings that can lower security such as Debugging Mode that can allow a connection to the system via USB.
SYSTEM REQUIREMENTS
- Included products
ESET Endpoint Security for Android
ESET MDM for iOS & iPadOS
- Supported operating systems
Android 5 (Lollipop) and later
iOS 8 and later. ESET MDM for iOS & iPadOS requires ESET PROTECT management console
C. ESET FILE SECURITY
Antivirus and Antispyware
Eliminates all types of threats, including viruses, rootkits, worms and spyware
Optional cloud-powered scanning:
Whitelisting of safe files based on file reputation database in the cloud for better detection and faster scanning.
Only information about executable and archive files is sent to the cloud – such data is not personally attributable.
Virtualization Support
ESET Shared Local Cache stores metadata about already scanned files within the virtual environment so identical files are not scanned again, resulting in boosted scan speed.
ESET module updates and virus signatures database are stored outside of the default location, so these don’t have to be downloaded every time a virtual machine is reverted to default snapshot.
Hyper-V Storage Scan
Scans Microsoft Windows® servers with enabled Hyper-V role for malware, without a need to have another instance of antivirus product in place. Saves time by scanning the hard-drive contents with no pre-arrangements or system down-time and provides separate reports based on the scan results. For enhanced performance, lower memory consumption and lower CPU usage, scans can be carried out on virtual machines while they are turned off.
Exploit Blocker
Strengthens security of applications such as web browsers, PDF readers, email clients or MS office components, which are commonly exploited.
Monitors process behaviors and looks for suspicious activities typical of exploits.
Strengthens protection against targeted attacks and previously unknown exploits, i.e. zero-day attacks.
Advanced Memory Scanner
Monitors the behavior of malicious processes and scans them once they decloak in the memory. This allows for effective infection prevention, even from heavily obfuscated malware.
Native Clustering Support
Allows you to configure the solution to automatically replicate settings when installed in a cluster environment. An intuitive wizard makes it easy to interconnect several installed nodes of ESET File Security within a cluster and manage them as one, eliminating the need to replicate changes in configuration manually to other nodes in the cluster.
Storage Scan
Allows you to easily set up on-demand scans of connected Network Attached Storage (NAS).
Combined with ESET Shared Local Cache installed within the network, this can drastically reduce the amount of disk input/output operations on network drives.
Specialized Cleaners
Provides most relevant critical malware standalone cleaners within the product interface for malware which cannot be removed by the regular cleaner.
Host-Based Intrusion Prevention System (HIPS)
Enables you to define rules for system registry, processes, applications and files.
Provides anti-tamper protection and detects threats based on system behavior.
Anti-Phishing
Protects you from attempts by fake websites to acquire sensitive information.
Device Control
Blocks unauthorized portable devices from connecting to the server.
Enables you to create rules for user groups to comply with your company policies.
Soft blocking – notifies the end user that his device is blocked and gives him the option to access the device, with activity logged.
Idle-State Scanner
Aids system performance by performing a full scan proactively when the computer is not in use.
Helps speed up subsequent scans by populating the local cache.
Update Rollback
Lets you revert to a previous version of protection modules and virus signature database.
Allows you to freeze updates as desired - opt for temporary rollback or delay until manually changed.
Postponed Updates
Provides the option to download from three specialized update servers: pre-release (beta users), regular release (recommended for non-critical systems) and postponed release (recommended for companycritical systems - approximately 12 hours after regular release).
Local Update Server
Saves company bandwidth by downloading updates only once - to a local mirror server.
Mobile workforce updates directly from ESET Update Server when the local mirror is not available.
Secured (HTTPS) communication channel is supported.
Process Exclusions
The admin can define processes which are ignored by the real-time protection module – all file operations that can be attributed to these privileged processes are considered to be safe. This is especially useful for processes that often interfere with real-time protection, like backup or live virtual machine migration. Excluded process can access even unsafe files or objects without triggering an alert.
Windows Management Instrumentation (WMI) Provider Provides the possibility to monitor key functionalities of ESET File Security via Windows Management Instrumentation framework. This allows integration of ESET File Server into 3rd party management and SIEM software, such as Microsoft System Center Operations Manager, Nagios, and others.
Customizable GUI Visibility
Visibility of Graphical User Interface (GUI) to end user can be set to: Full, Minimal, Manual or Silent.
Presence of ESET solution can be made completely invisible to end user, including no tray icon or notification windows.
By hiding the GUI completely, the “egui.exe” process does not run at all, resulting in even lower system resource consumption by the ESET solution.
ESET License Administrator
Makes it possible to handle all licenses transparently, from one place via web browser. You can merge, delegate and manage all licenses centrally in real-time, even if you are not using ESET Remote Administrator.
Component-Based Installation
Allows you to choose which components to install:
– Real-Time File System Protection
– Web protocol Filtering
– Device Control
– Graphical User Interface (GUI)
– E-mail Client Protection
– ESET Log Collector
– ESET SysInspector
– ESET SysRescue
– Offline Help
Remote Management
ESET Endpoint solutions are fully manageable via ESET Remote Administrator.
Deploy, run tasks, set up policies, collect logs, and get notifications and an overall security overview of your network – all via a single web-based management console.
ESET Log Collector
A simple tool which collects all logs relevant for troubleshooting, assisted by ESET’s technical support, and bundles them into a single archive which can be sent via email or uploaded to a shared network drive to speed up the troubleshooting process.
SYSTEM REQUIREMENTS
- Supported Windows operating systems
Microsoft Windows Server 2019, 2016, 2012, 2008R2, 2008 SP2
Microsoft Windows Server Core 2016, 2012, 2008R2, 2008
Microsoft Small Business Server 2011, 2008
- Included products
ESET File Security for Microsoft Windows Server
ESET File Security for Linux
ESET File Security for Microsoft Azure
- Requirements for ESET File Security for Linux
Supports the main distributions including RedHat Enterprise Linux (RHEL), CentOS, Ubuntu Server, Debian, SUSE Linux Enterprise Server, Amazon Linux and Oracle Linux.
D. ESET MAIL SERVER SECURITY
Antivirus and Antispyware
Eliminates all types of threats, including viruses, rootkits, worms and spyware with optional cloudpowered scanning for even better performance and detection.
Optional cloud-powered scanning:
Whitelisting of safe files based on file reputation database in the cloud for better detection and faster scanning. Only information about executable and archive files is sent to the cloud – such data is not personally attributable.
Antispam and Anti-Phishing
Stops spam and phishing attempts, and delivers high interception rates without the need to manually set a Spam Confidence Level (SCL) Threshold. After installation, the antispam module is ready to run without the need to manually tune settings or thresholds.
Local Quarantine Management
Each mailbox owner can directly interact, via a standalone browser, with spam or suspected-malware messages that have been denied delivery to the mailbox. Based on privileges set by the admin, the user can sort quarantined messages, search among them and execute allowed actions messageby-message, or by group – all via web browser. Actions vary based on the reason a message was quarantined. A regular email report summarizing quarantined messages with embedded links to execute actions can be sent to the user.
Database On-Demand Scan
Administrators can choose which databases and, in particular, which mailboxes will be scanned. These scans can be further limited by using the modification time-stamp of each message to choose which should be inspected, thereby reducing to a minimum the server resources devoted to the task.
Message Processing Rules
Message processing rules offer a wide range of combinations by which every single message can be handled. The evaluated parameters include standard fields like subject, sender, body and specific message header, but also allow further conditional processing depending on previous anti-spam filtering or antivirus scanner results. Corrupted or password-protected archives are detected and attachments are screened internally to determine real file type, not only purported extension. Rules can be changed according to the desired actions.
Exploit Blocker
Strengthens the security of applications such as web browsers, PDF readers, email clients and MS office components, which are commonly exploited. Monitors process behaviors and looks for suspicious activities typical of exploits. Strengthens protection against targeted attacks and previously unknown exploits, i.e. zero-day attacks.
Advanced Memory Scanner
Monitors the behavior of malicious processes and scans them once they decloak in the memory. This allows for effective infection prevention, even from heavily obfuscated malware.
Host-Based Intrusion Prevention System (HIPS)
Enables you to define rules for system registry, processes, applications and files. Provides anti-tamper protection and detects threats based on system behavior.
Device Control
Blocks unauthorized portable devices from connecting to the server. Enables you to create rules for user groups to comply with your company policies. Allows soft blocking, which notifies the end user that his device is blocked and gives him the option to access it, with activity logged.
Snapshot Independence
ESET updates and program modules can be stored outside of the default location – so are not affected by reverting to an earlier snapshot of the virtual machine. As a result, the updates and modules don’t have to be downloaded every time a virtual machine is reverted to an earlier snapshot and the reverted machine can utilize untouched updates and avoid large downloads, resulting in faster snapshot recovery times.
Native Clustering Support
Allows you to configure the solution to automatically replicate settings when installed in a cluster environment. Our intuitive wizard makes it easy to interconnect several installed nodes of ESET Mail Security within a cluster and manage them as one, eliminating the need to replicate changes in
configuration manually to other nodes in the cluster.
ESET Shared Local Cache
ESET Shared Local Cache compares the metadata of files with the metadata of those that have already been stored, and automatically skips previously whitelisted clean files. Whenever a new, previously unscanned file is found, it’s automatically added to the cache.
This means that files already scanned on one virtual machine are not repeatedly scanned on other virtual machines within the same virtual environment, resulting in a significant scanning boost. As communication happens over the same physical hardware, there is practically no delay in scanning, resulting in considerable resource savings.
Windows Management Instrumentation (WMI) Provider
Provides the possibility to monitor key functionalities of ESET Mail Security via Windows Management Instrumentation framework. This allows integration of ESET Mail Server into 3rd party management and SIEM software, such as Microsoft System Center Operations Manager, Nagios, and others.
Process Exclusions
The admin can define processes which are ignored by the real-time protection module – all file operations that can be attributed to these privileged processes are considered to be safe. This is especially useful for processes that often interfere with real-time protection, like backup or live virtual
machine migration. Excluded process can access even unsafe files or objects without triggering an alert.
Incremental Micro-Definitions
Regular updates and actualizations are downloaded and applied incrementally in small packages.
This concept conserves system resources and internet bandwidth without any noticeable impact on the speed of the whole network infrastructure and servers, or on endpoints system demands on memory or the CPU.
Component-Based Installation
Apart from the required components, ESET allows you to choose to install only those components you need:
– Real-Time File System Protection
– Web and Email Protection
– Device Control
– Graphical User Interface (GUI)
– ESET Log Collector
– and others
Remote Management
ESET Mail Security is fully manageable via ESET Remote Administrator. Deploy, run tasks, set up policies, collect logs, and get notifications and an overall security overview of your network – all via a single webbased management console.
ESET Log Collector
A simple tool which collects all logs relevant for troubleshooting, assisted by ESET’s technical support, and bundles them into a single archive which can be sent via email or uploaded to a shared network drive to speed up the troubleshooting process.
ESET License Administrator
Makes it possible to handle all licenses transparently, from one place via web browser. You can merge, delegate and manage all licenses centrally in real-time, even if you are not using ESET Remote Administrator.
SYSTEM REQUIREMENTS
ESET Mail Security FOR MICROSOFT EXCHANGE SERVER
Operating systems:
Microsoft Windows Server 2019, 2016, 2012 R2, 2012, 2008 R2, 2008 SP2,
Microsoft Small Business Server 2011, 2008,
Mail Servers:
Microsoft Exchange Server 2019, 2016, 2013, 2010, 2007
Compatible with ESET PROTECT console.
ESET Mail Security FOR IBM DOMINO
Operating systems:
Microsoft Windows Server 2019, 2016, 2012 R2, 2012, 2008 R2, 2008 SP2
IBM Domino 6.5.4 and newer
HCL Domino 11
Compatible with ESET PROTECT console.
E. ESET CLOUD OFFICE SECURITY (CLOUD MICROSOFT 365 PROTECTION)
Anti-spam
Now using an enhanced, award-winning engine with improved performance, this essential component filters all spam emails and keeps user mailboxes free of unsolicited or undesired messages.
Anti-malware
Scans all incoming emails and attachments as well as all new and changed files. This helps keep the user’s mailbox free of malware and prevents the spread of malware through cloud storage across multiple devices.
Anti-phishing
Prevents users from accessing web pages that are known to be phishing sites. Email messages can contain links that lead to phishing web pages. ESET Cloud Office Security searches the message body and the subject of incoming email messages to identify such links (URLs). The links are compared against the phishing database, which is being constantly updated.
Notifications
Notifications greatly improve admins’ efficiency by removing the need to constantly check the dashboard. When a potentially suspicious new activity is detected within ESET Cloud Office Security, it can send out an email to notify admins or users so that they are immediately made aware of the threat.
Automatic protection
With this option enabled, admins can be sure that new users created within the Microsoft 365 tenant will be automatically protected without the need to go to the console to add them separately.
Quarantine manager
An admin can inspect objects in this storage section and decide to delete or release them. This feature offers simple management of emails and files that have been quarantined by our security product. On top of that, the admin can download quarantine items and investigate them with other tools locally.
Multitenancy
Add unlimited tenants and serve multiple companies from a single dedicated ESET Cloud Office Security console.
Rules
ESET’s comprehensive rule system allows administrators to manually define email filtering conditions and actions to take with the filtered emails.
SYSTEM REQUIREMENTS
Supported browsers
Mozilla Firefox
Microsoft Edge
Google Chrome
Opera
Safari
Note: For the best experience with the ESET Cloud Office Security, we recommend that you keep your web browsers up-to-date.
Following is required to start your Microsoft 365 protection
Supported Microsoft 365 subscription plan
Admin access to Azure Active Directory (Azure AD)
Azure Cloud Services – Exchange | OneDrive | Sharepoint | Teams
An account in ESET Business Account or ESET MSP Administrator portal
F. ESET FULL DISK ENCRYPTION
All products managed from one console
ESET Full Disk Encryption works within the ESET PROTECT console, helping administrators to save time thanks to familiarity with the existing management environment and concepts.
Fully validated
Patented technology to protect data for businesses of all sizes. ESET Full Disk Encryption is FIPS 140-2 validated with 256 bit AES encryption.
Powerful encryption
ESET Full Disk Encryption encrypts system disks, partitions and entire drives to ensure that everything stored on each PC or laptop is locked down and secure, protecting you against loss or theft.
Cross-platform coverage
Manage encryption on Windows machines and native macOS encryption (FileVault) from a single dashboard.
Add additional devices at any time
You can increase the number of devices covered by your license at any time.
Single-click deployment
Manage full disk encryption across your entire network from a cloud‑based console. ESET PROTECT single pane of glass allows admins to deploy, activate and manage encryption on their connected endpoints with a single click.
Password policies
Admin can set mandatory password attributes, number of passwords retries, and expiry period. From a policy setting it is possible to grant a user the option to change their password whenever they want to.
SYSTEM REQUIREMENTS
Supported operating systems:
Microsoft Windows 7, 8, 8.1, 10
macOS 10.14 (Mojave) and higher
Requirements
deployed ESET PROTECT console on-premises
G. ESET DYNAMIC THREAT DEFENSE (CLOUD SANDBOX)
Ransomware and zero-day threats detection
Detect new, never-before-seen types of threats. ESET utilizes three different machine learning models once a file is submitted. After that, it runs the sample through a full sandbox, simulating user behavior to trick anti-evasive techniques. Next, a deep learning neural network is used to compare the behavior seen versus historical behavioral data. Finally, the latest version of ESET's scanning engine is used to take everything apart and analyze it for anything unusual.
Granular reports
An admin can create a report of ESET Dynamic Threat Defense data in the ESET PROTECT console. They can either use one of the pre-defined reports or make a custom one.
Transparent full visibility
Every analyzed sample status is visible in the ESET PROTECT console, which provides transparency to all data sent to ESET LiveGrid®.
Automatic protection
The endpoint or server product automatically decides whether a sample is good, bad or unknown. If the sample is unknown, it is sent to ESET Dynamic Threat Defense for analysis. Once the analysis is finished, the result is shared, and the endpoint products respond accordingly.
Mail Security protection
Not only does ESET Dynamic Threat Defense work with files, but it also works directly with ESET Mail Security, to ensure that malicious emails are not delivered to your organization.
Mobility
Nowadays, employees often do not work on the premises. The Cloud Sandbox analyzes files no matter where users are.
Proactive protection
If a simple is found suspicious, it is blocked from execution while ESET Dynamic Threat Defense analyzes it. That way, potential threats are prevented from wreaking havoc on the system.
Tailored customization
ESET allows per-computer detailed policy configuration for ESET Dynamic Threat Defense so the admin can control what is sent and what should happen based on the receiving result.
Manual submission
At any time, a user or admin can submit samples via an ESET compatible product for analysis and get the full result. Admins will see who sent what and what the result was directly in the ESET PROTECT console.
SYSTEM REQUIREMENTS
A working ESET Business Account or ESET MSP Administrator account synchronized with a ESET management console
ESET PROTECT on-premises console deployed
Version 7.x of compatible ESET security products installed or newer
A Valid license for ESET Dynamic Threat Defense or bundled solution license with Cloud Sandbox component included
Activated Security products with ESET Dynamic Threat Defense License
ESET Dynamic Threat Defense enabled in policies for compatible Security products
Network requirements on opened ports
H. ESET PROTECT On Premises
ESET Remote Administrator Server
ESET Remote Administrator’s server component can be installed on Windows as well as Linux servers and also comes as a virtual appliance. It handles communication with agents, and collects and stores application data in the database.
Independent Agent
The agent is a small application that handles the remote management communication and runs independently of the security solution itself. It connects to ESET Remote Administrator and executes tasks, collects logs from ESET applications, interprets and enforces policies, and performs other tasks, e.g. software deployment and general computer monitoring. As the agent executes tasks and interprets server logic locally, it reacts to and eliminates security issues even when the client is not connected to the server.
Web-Console
The front-end component of ESET Remote Administrator, the web-console, manages everyday network security. It has a role in interpreting the data stored in the database, visualizing it in the form of cleardashboards and lists with drill-down capabilities, and commands the agents and other ESET applications. In addition, it offers a huge array of customization options to suit the needs of any administrator by providing an easy “look & see” overview of the entire network’s security.
ESET Remote Administrator Proxy
The proxy handles collection and aggregation of data from machines in distant locations and forwards it to the centralized ESET Remote Administrator server. Remote locations no longer require ESET Remote Administrator server installation; the proxy alone will suffice. It’s possible to install several proxies in large and complex environments and connect them to a central server. The hierarchy and access rights are enforced by the central server, and through its access rights structure.
Rogue Detection Sensor
This component of ESET Remote Administrator is used to discover unprotected and unmanaged machines in the network by listening to their traces. It provides the administrator with improved visibility of all devices located within the corporate network. Discovered machines are immediately
located and reported in a predefined report allowing the admin to move them to a specific static group and proceed with management tasks.
Multi-Platform Support
ESET Remote Administrator runs on both Windows and Linux machines. The general installer deploys ESET Remote Administrator, including server, database and other components, in one step. The admin can also install component-by-component, or deploy as a virtual appliance.
ESET License Administrator
Makes it possible to handle all licenses transparently, from one place via web browser.
You can merge, delegate and manage all licenses centrally in real-time.
Endpoint Deployment
ESET Remote Administrator offers several methods of endpoint deployment, making the process smooth and quick. All installers’ metadata is stored on the server, so it’s easy to utilize different installers for different customers (useful for MSPs) or create groups with specific settings, policies or license credentials.
Multi-tenancy
A single instance of ESET Remote Administrator can serve multiple independent users with specific access and privileges – while the user cannot see the data of other users. It is also possible to grant three levels of access to each object – read / use / write – as well as granular access settings for different types of tasks. Multi-tenancy is ideal for large enterprises with one centralized server and different admins managing only endpoints in their respective locations, or for MSPs managing multiple customers from a single server but who need to ensure that customers are not able to see the data of other users.
Secure Peer Communication
ESET Remote Administrator now utilizes the Transport Layer Security (TLS) 1.0 standard and employs its own created and distributed certificates to digitally sign and encrypt communication between the solution’s individual components for peer identification. The admin can build a public key infrastructure (PKI) with certificates and certification authority during the installation process, or at a later date. Alternatively, admins can choose to use their own certificates. Certificates are then assigned during the deployment of each ESET Remote Administrator component, resulting in secure communication and a secure network environment.
2FA-Protected Login
To validate the identities of users logging in to ESET Remote Administrator, it’s possible to enable twofactor authentication (2FA) directly from the web console. Up to 10 accounts can be 2FA-protected for free. After a simple self-enrollment directly from the web-console, the user will receive a link via SMS to download the ESET Secure Authentication mobile app – which is then used to generate random onetime passwords. Once 2FA is set up, one-time passwords are used to complement and strengthen the authentication process.
Integrated ESET SysInspector®
ESET SysInspector is a diagnostic tool that helps troubleshoot a wide range of system issues and is integrated into the ESET Remote Administrator web-console. The admin is able to view all generated SysInspector snapshots directly for a particular client. This allows the admin to track-back security incidents or system changes chronologically.
Dynamic and Static Groups
ESET Remote Administrator uses a client-centric approach, similar to the Active Directory with which ESET Remote Administrator syncs automatically, and adopts its group structure. Clients can be assigned to either static or dynamic groups. The admin sets inclusion criteria for a dynamic group; thereafter, any client that meets these criteria is moved automatically to the respective dynamic group. It is also
possible to assign a policy to a dynamic group, with this policy applied to clients upon entry to the respective dynamic group and withdrawn upon exit. This happens without any admin/user interaction.
Policies
The admin can define policies per security product and clearly specify their mutual relationship. Policies are executed on the agent, so even without a connection to the ESET Remote Administrator server the agent is able to apply policies assigned to a specific dynamic group in the event that a client enters that dynamic group. For even easier management, the admin can choose from predefined policy templates for each ESET security product, according to the needs of various clients, e.g. applying specific policy templates for laptops or servers, and restrictive or soft policies.
Triggers
By configuring triggers, the admin is able to define if and when a specific task is executed. Triggers can be paired with dynamic groups and execute the tasks on a client once it enters the group. Scheduled triggers provide the ability to specify task execution according to date, time, day and repeat frequency.
Tasks
Tasks are created in wizard-style steps and clearly sorted for various ESET security products; this also includes pre-configured tasks.
Reports
Admins can choose from pre-defined report templates or create custom ones, just using a selected set of data and values. ESET Remote Administrator collects only data which is necessary for generating reports, with the remaining logs stored on the client, resulting in better database performance. Each report template can be viewed in the web-console as a dashboard element to provide the administrator with an excellent real-time overview of network security, including drill-down possibilities. What’s more, it allows action to be taken if necessary. Apart from displaying reports via web-console, they can be exported to a PDF / PS / CSV and saved to a predefined location or sent as an email notification report.
Notifications
It’s critical for administrators to get notification of any security issues happening in the network, in order to react immediately. The admin can configure notification options via a wizard-style series of steps, or use any of the predefined notification templates. Templates can be mapped to the specific dynamic group memberships of clients or triggered by specific indications or events as they are recorded in event logs.
IBM QRadar Integration
All major ESET events are exported in LEEF format, which is natively recognized by IBM QRadar. ESET Remote Administrator is shown as a “Log Source” for these events in the IBM QRadar console.
SYSTEM REQUIREMENTS
- Supported operating systems
Windows Server 2012, 2012 R2, 2016, 2019
Windows Storage Server 2012 R2, 2016
Microsoft SBS 2008, 2011
Ubuntu, RHEL Server, CentOS, SLED, SLES, OpenSUSE, Debian
- Deployment in Microsoft Azure
See ESET's remote management console as a virtual machine in Microsoft Azure Marketplace.