ESET PROTECT ESSENTIAL On-Prem

BUNDLE SOLUTION

ESET PROTECT ESSENTIAL On-Prem features

A. ESET ENDPOINT ANTIVIRUS

Antivirus and Antispyware
Eliminates all types of threats, including viruses, rootkits, worms and spyware.
Optional cloud-powered scanning:
Whitelisting of safe files based on file reputation database in the cloud for better detection and faster scanning.
Only information about executable and archive files is sent to the cloud – such data are not personally attributable.
Virtualization Support
ESET Shared Local Cache stores metadata about already scanned files within the virtual environment so same files are not scanned again resulting in boosted scan speed.
ESET module updates and virus signatures database are stored outside of the default location, thus these don’t have to be downloaded every time after the virtual machine is reverted to default snapshot.
Host-Based Intrusion Prevention System (HIPS)
Enables you to define rules for system registry, processes, applications and files.
Provides tampering protection and detects threats based on system behavior.
Exploit Blocker
Strengthens security of applications on users’ systems, such as web browsers, PDF readers, email client or MS office components, which are commonly exploited.
Monitors process behaviors and looks for suspicious activities typical of exploits.
Strengthens protection against targeted attacks and previously unknown exploits, i.e. zero-day attacks.
Advanced Memory Scanner
Monitors the behavior of malicious processes and scans them once they decloak in the memory. This allows for effective infection prevention even from heavily obfuscated malware.
Cross-Platform Protection
ESET security solutions for Windows are capable of detecting Mac OS threats and vice-versa, delivering better protection in multi-platform environments.
Anti-Phishing
Protects end users from attempts by fake websites masquerading as trustworthy ones to acquire sensitive information such as usernames, passwords or banking and credit card details.
Device Control
Blocks unauthorized devices (CDs/DVDs and USBs) from your system.
Enables you to create rules for user groups to comply with your company policies.
Soft blocking notifies the end user his device is blocked and gives him the option to access the device, with activity logged.
Idle-State Scanner
Aids system performance by performing full scan proactively when the computer is not in use.
Helps speed up subsequent scans by populating the local cache.
First Scan after Installation
Provides the option to automatically run low priority on-demand scan 20 minutes after installation, assuring protection from the outset.
Update Rollback
Lets you revert to a previous version of protection modules and virus signature database.
Allows you to freeze updates as desired – opt for temporary rollback or delay until manually changed.
Postponed Updates
Provides the option to download from three specialized update servers: pre-release (beta users), regular release (recommended for non-critical systems) and postponed release (recommended for company-critical systems – approximately 12 hours after regular release).
Local Update Server
Saves company bandwidth by downloading updates only once, to a local mirror server.
Mobile workforce updates directly from ESET Update Server when the local mirror is not available.
Secured (HTTPS) communication channel is supported.
RIP & Replace
Other security software is detected and uninstalled during installation of ESET Endpoint solutions.
Supports both 32 and 64‑bit systems.
Customizable GUI Visibility
Visibility of Graphical User Interface (GUI) to end user can be set to: Full, Minimal, Manual or Silent.
Presence of ESET solution can be made completely invisible to end user, including no tray icon or notification windows.
By hiding the GUI completely, the “egui.exe” process does not run at all, resulting in even lower system resource consumption by the ESET solution.
ESET License Administrator
Makes it possible to handle all licenses transparently, from one place via web browser. You can merge, delegate and manage all licenses centrally in real-time, even if you are not using ESET Remote Administrator.
Touchscreen Support
Supports touch screens and high-resolution displays.
More padding for and complete rearrangement of GUI elements.
Basic frequently used actions accessible from tray menu.
Low System Demands
Delivers proven protection while leaving more system resources for programs that end users regularly run.
Can be deployed on older machines without the need for an upgrade, thereby extending hardware lifetime.
Conserves battery life for laptops that are away from the office, using battery mode.
Right-to-Left Language Support
Native right-to-left language support (e.g. for Arabic) for optimum usability.
Remote Management
ESET Endpoint solutions are fully manageable via ESET Remote Administrator.
Deploy, run tasks, set up policies, collect logs, and get notifications and an overall security overview of your network – all via a single web-based management console.

SYSTEM REQUIREMENTS

• Included products

ESET Endpoint Antivirus for Windows
ESET Endpoint Antivirus for Mac
ESET Endpoint Antivirus for Linux

• Supported operating systems

Microsoft Windows 10, 8.1, 8, 7
macOS 10.12 and later
Ubuntu Desktop 18.04 LTS 64-bit and RedHat Enterprise Linux (RHEL) Desktop 7 64-bit

B. ESET MOBILE SECURITY

Real-time Scanning
Ensures that all installation files and installed apps are automatically screened for malware. You stay well-protected against online and offline  threats including viruses, trojans and ransomware.
On-demand Scanning
Whenever you suspect foul play, run a scan on your  phone. It takes place silently in the background, without interrupting your  ongoing activities. Access logs and detailed scan results to check for detected threats.
ESET Live Grid
Ensures real-time protection against emerging threats by using in-the-cloud technology collecting malware samples from ESET product users from all over the world.
USB On-The-Go Scanner
Every connected USB device will be checked first to prevent malware accessing your  smart phone.
Anti-Phishing
Protects against malicious websites attempting to acquire your  sensitive information – usernames, passwords, banking information or credit card details.
Apps Permissions
See which of your  apps has access to what information on your  smartphone or tablet. Also monitors sensitive device settings that can  lower security such as Debugging Mode that can  allow a connection to the system via USB.
Scheduled Scan
Schedule a regular scan for malware at a convenient time – overnight or while the phone is charging if desired.
App Lock
Keeps your  applications safe  against unauthorized access. Additional authentification is required when accessing sensitive apps so content can  be hidden when lending the device to someone.
Automatic updates
Constant updates of your  virus signature database.
Connected Home Monitor
Monitor your  home network easily and with confidence. All devices connected to your  home network are identified and automatically checked for vulnerabilities. Your router is also  monitored to identify vulnerabilities and increase your  level of protection when connected to a new network. Password strength is also  checked and open ports are analyzed.
Proactive Anti-Theft
It acts when it detects suspicious behavior. If incorrect Screen lock (PIN, pattern, password) or unauthorized SIM is inserted, device gets locked and snapshots from phone cameras are automatically sent to my.eset.com. The information includes the phone‘s location, current IP address, inserted SIM details and other data. The user can  mark the device as missing at my.eset.com and start Location tracking or send Custom on-screen Message or even Wipe the device contents.
Custom On-screen Message
Send  a custom message to the missing device to contact the finder. The message will appear on screen even when the device is locked.
Location Tracking
When the device is marked as missing, the location is regularly sent to my.eset.com and displayed on the map, helping you track its position in time. If the device‘s location changes, its location is sent to my.eset.com for up to date tracking.
Camera Snapshots
Snapshots are automatically and regularly sent from the phone‘s front and back camera to my.eset.com if the device is marked as missing. This helps to identify its location or its finder.
Low Battery Alert
When the device is low on battery, its current position and camera snapshots are automatically sent to my.eset.com before the device shuts off.
SIM Guard
Lets you stay in control of your  phone if it goes missing. Your phone will be locked when unauthorized SIM card will be inserted.
Anti-Theft Optimization
Automatic notification when settings are limiting Anti-Theft’s functionality (GPS turned off for example).
Security Report
Gives you a monthly insight into how ESET protects your  device. The report gives you information about the number of scanned files, blocked web pages and much more.
Security Audit
See which of your  apps has access to what information on your  smartphone or tablet. Also monitors sensitive device settings that can  lower security such as Debugging Mode that can  allow a connection to the system via USB.

SYSTEM REQUIREMENTS

• Included products

ESET Endpoint Security for Android

ESET MDM for iOS & iPadOS 

• Supported operating systems

Android 5 (Lollipop) and later

iOS 8 and later. ESET MDM for iOS & iPadOS requires ESET PROTECT management console

C. ESET FILE SECURITY

Antivirus and Antispyware
Eliminates all types of threats, including viruses, rootkits, worms and spyware
Optional cloud-powered scanning:
Whitelisting of safe  files based on file reputation database in the cloud for better detection and faster scanning.
Only information about executable and archive files is sent to the cloud – such data is not personally attributable.
Virtualization Support
ESET Shared Local Cache stores metadata about already scanned files within the virtual environment so identical files are not scanned again, resulting in boosted scan speed.
ESET module updates and virus signatures database are stored outside of the default location, so these don’t have to be downloaded every time a virtual machine is reverted to default snapshot.
Hyper-V Storage Scan
Scans Microsoft Windows® servers with enabled Hyper-V role for malware, without a need to have another instance of antivirus product in place. Saves time by scanning the hard-drive contents with no pre-arrangements or system down-time and provides separate reports based on the scan results. For enhanced performance, lower memory consumption and lower CPU usage, scans can  be carried out on virtual machines while they are turned off.
Exploit Blocker 
Strengthens security of applications such as web browsers, PDF readers, email clients or MS office components, which are commonly exploited.
Monitors process behaviors and looks for suspicious activities  typical of exploits.
Strengthens protection against targeted attacks and previously unknown exploits, i.e. zero-day attacks.
Advanced Memory Scanner
Monitors the behavior of malicious processes and scans them once they decloak in the memory. This allows for effective infection prevention, even from heavily obfuscated malware.
Native Clustering Support
Allows you to configure the solution to automatically replicate settings when installed in a cluster environment. An intuitive wizard makes it easy to interconnect several installed nodes of ESET File Security within a cluster and manage them as one, eliminating the need to replicate changes in configuration manually to other nodes in the cluster.
Storage Scan 
Allows you to easily set up on-demand scans of connected Network Attached Storage (NAS).
Combined with ESET Shared Local Cache installed within the network, this can drastically reduce the amount of disk input/output operations on network drives.
Specialized Cleaners 
Provides most relevant critical malware standalone cleaners within the product interface for malware which cannot be removed by the regular cleaner.
Host-Based Intrusion Prevention System (HIPS)
Enables you to define rules for system registry, processes, applications and files.
Provides anti-tamper protection and detects threats based on system behavior.
Anti-Phishing 
Protects you from attempts by fake websites to acquire sensitive information.
Device Control
Blocks unauthorized portable devices from connecting to the server.
Enables you to create rules for user groups to comply with your company policies.
Soft blocking – notifies the end user that his device is blocked and gives him the option to access the device, with activity logged.
Idle-State Scanner 
Aids system performance by performing a full scan proactively when the computer is not in use.
Helps speed up subsequent scans by populating the local cache.
Update Rollback 
Lets you revert to a previous version of protection modules and virus signature database.
Allows you to freeze updates as desired - opt for temporary rollback or delay until manually changed.
Postponed Updates
Provides the option to download from three specialized update servers: pre-release (beta users), regular release (recommended for non-critical systems) and postponed release (recommended for companycritical systems - approximately 12 hours after regular release).
Local Update Server 
Saves company bandwidth by downloading updates only once - to a local mirror server.
Mobile workforce updates directly from ESET Update Server when the local mirror is not available.
Secured (HTTPS) communication channel is supported.
Process Exclusions
The admin can define processes which are ignored by the real-time protection module – all file operations that can be attributed to these privileged processes are considered to be safe. This is especially useful for processes that often interfere with real-time protection, like backup or live virtual machine migration. Excluded process can access even unsafe files or objects without triggering an alert.
Windows Management Instrumentation (WMI) Provider Provides the possibility to monitor key functionalities of ESET File Security via Windows Management Instrumentation framework. This allows integration of ESET File Server into 3rd party management and SIEM software, such as Microsoft System Center Operations Manager, Nagios, and others.
Customizable GUI Visibility 
Visibility of Graphical User Interface (GUI) to end user can be set to: Full, Minimal, Manual or Silent.
Presence of ESET solution can be made completely invisible to end user, including no tray icon or notification windows.
By hiding the GUI completely, the “egui.exe” process does not run at all, resulting in even lower system resource consumption by the ESET solution.
ESET License Administrator 
Makes it possible to handle all licenses transparently, from one place via web browser. You can merge, delegate and manage all licenses centrally in real-time, even if you are not using ESET Remote Administrator.
Component-Based Installation
Allows you to choose which components to install:
– Real-Time File System Protection
– Web protocol Filtering
– Device Control
– Graphical User Interface (GUI)
– E-mail Client Protection
– ESET Log Collector
– ESET SysInspector
– ESET SysRescue
– Offline Help
Remote Management 
ESET Endpoint solutions are fully manageable via ESET Remote Administrator.
Deploy, run tasks, set up policies, collect logs, and get notifications and an overall security overview of your network – all via a single web-based management console.
ESET Log Collector 
A simple tool which collects all logs relevant for troubleshooting, assisted by ESET’s technical support, and bundles them into a single archive which can be sent via email or uploaded to a shared network drive to speed up the troubleshooting process.

SYSTEM REQUIREMENTS

• Supported Windows operating systems

Microsoft Windows Server 2019, 2016, 2012, 2008R2, 2008 SP2
Microsoft Windows Server Core 2016, 2012, 2008R2, 2008
Microsoft Small Business Server 2011, 2008

• Included products

ESET File Security for Microsoft Windows Server
ESET File Security for Linux
ESET File Security for Microsoft Azure

• Requirements for ESET File Security for Linux

Supports the main distributions including RedHat Enterprise Linux (RHEL), CentOS, Ubuntu Server, Debian, SUSE Linux Enterprise Server, Amazon Linux and Oracle Linux.

D. ESET PROTECT On Premises

ESET Remote Administrator Server
ESET Remote Administrator’s server component can be installed on Windows as well as Linux servers and also comes as a virtual appliance. It handles communication with agents, and collects and stores application data in the database.
Independent Agent
The agent is a small application that handles the remote management communication and runs independently of the security solution itself. It connects to ESET Remote Administrator and executes tasks, collects logs from ESET applications, interprets and enforces policies, and performs other tasks, e.g. software deployment and general computer monitoring. As the agent executes tasks and interprets server logic locally, it reacts to and eliminates security issues even when the client is not connected to the server.
Web-Console
The front-end component of ESET Remote Administrator, the web-console, manages everyday network security. It has a role in interpreting the data stored in the database, visualizing it in the form of cleardashboards and lists with drill-down capabilities, and commands the agents and other ESET applications. In addition, it offers a huge array of customization options to suit the needs of any administrator by providing an easy “look & see” overview of the entire network’s security.
ESET Remote Administrator Proxy
The proxy handles collection and aggregation of data from machines in distant locations and forwards it to the centralized ESET Remote Administrator server. Remote locations no longer require ESET Remote Administrator server installation; the proxy alone will suffice. It’s possible to install several proxies in large and complex environments and connect them to a central server. The hierarchy and access rights are enforced by the central server, and through its access rights structure.
Rogue Detection Sensor
This component of ESET Remote Administrator is used to discover unprotected and unmanaged machines in the network by listening to their traces. It provides the administrator with improved visibility of all devices located within the corporate network. Discovered machines are immediately
located and reported in a predefined report allowing the admin to move them to a specific static group and proceed with management tasks.
Multi-Platform Support
ESET Remote Administrator runs on both Windows and Linux machines. The general installer deploys ESET Remote Administrator, including server, database and other components, in one step. The admin can also install component-by-component, or deploy as a virtual appliance.
ESET License Administrator
Makes it possible to handle all licenses transparently, from one place via web browser.
You can merge, delegate and manage all licenses centrally in real-time.
Endpoint Deployment
ESET Remote Administrator offers several methods of endpoint deployment, making the process smooth and quick. All installers’ metadata is stored on the server, so it’s easy to utilize different installers for different customers (useful for MSPs) or create groups with specific settings, policies or license credentials.
Multi-tenancy
A single instance of ESET Remote Administrator can serve multiple independent users with specific access and privileges – while the user cannot see the data of other users. It is also possible to grant three levels of access to each object – read / use / write – as well as granular access settings for different types of tasks. Multi-tenancy is ideal for large enterprises with one centralized server and different admins managing only endpoints in their respective locations, or for MSPs managing multiple customers from a single server but who need to ensure that customers are not able to see the data of other users.
Secure Peer Communication
ESET Remote Administrator now utilizes the Transport Layer Security (TLS) 1.0 standard and employs its own created and distributed certificates to digitally sign and encrypt communication between the solution’s individual components for peer identification. The admin can build a public key infrastructure (PKI) with certificates and certification authority during the installation process, or at a later date. Alternatively, admins can choose to use their own certificates. Certificates are then assigned during the deployment of each ESET Remote Administrator component, resulting in secure communication and a secure network environment.
2FA-Protected Login
To validate the identities of users logging in to ESET Remote Administrator, it’s possible to enable twofactor authentication (2FA) directly from the web console. Up to 10 accounts can be 2FA-protected for free. After a simple self-enrollment directly from the web-console, the user will receive a link via SMS to download the ESET Secure Authentication mobile app – which is then used to generate random onetime passwords. Once 2FA is set up, one-time passwords are used to complement and strengthen the authentication process.
Integrated ESET SysInspector®
ESET SysInspector is a diagnostic tool that helps troubleshoot a wide range of system issues and is integrated into the ESET Remote Administrator web-console. The admin is able to view all generated SysInspector snapshots directly for a particular client. This allows the admin to track-back security incidents or system changes chronologically.
Dynamic and Static Groups
ESET Remote Administrator uses a client-centric approach, similar to the Active Directory with which ESET Remote Administrator syncs automatically, and adopts its group structure. Clients can be assigned to either static or dynamic groups. The admin sets inclusion criteria for a dynamic group; thereafter, any client that meets these criteria is moved automatically to the respective dynamic group. It is also
possible to assign a policy to a dynamic group, with this policy applied to clients upon entry to the respective dynamic group and withdrawn upon exit. This happens without any admin/user interaction.
Policies
The admin can define policies per security product and clearly specify their mutual relationship. Policies are executed on the agent, so even without a connection to the ESET Remote Administrator server the agent is able to apply policies assigned to a specific dynamic group in the event that a client enters that dynamic group. For even easier management, the admin can choose from predefined policy templates for each ESET security product, according to the needs of various clients, e.g. applying specific policy templates for laptops or servers, and restrictive or soft policies.
Triggers
By configuring triggers, the admin is able to define if and when a specific task is executed. Triggers can be paired with dynamic groups and execute the tasks on a client once it enters the group. Scheduled triggers provide the ability to specify task execution according to date, time, day and repeat frequency.
Tasks
Tasks are created in wizard-style steps and clearly sorted for various ESET security products; this also includes pre-configured tasks.
Reports
Admins can choose from pre-defined report templates or create custom ones, just using a selected set of data and values. ESET Remote Administrator collects only data which is necessary for generating reports, with the remaining logs stored on the client, resulting in better database performance. Each report template can be viewed in the web-console as a dashboard element to provide the administrator with an excellent real-time overview of network security, including drill-down possibilities. What’s more, it allows action to be taken if necessary. Apart from displaying reports via web-console, they can be exported to a PDF / PS / CSV and saved to a predefined location or sent as an email notification report.
Notifications
It’s critical for administrators to get notification of any security issues happening in the network, in order to react immediately. The admin can configure notification options via a wizard-style series of steps, or use any of the predefined notification templates. Templates can be mapped to the specific dynamic group memberships of clients or triggered by specific indications or events as they are recorded in event logs.
IBM QRadar Integration
All major ESET events are exported in LEEF format, which is natively recognized by IBM QRadar. ESET Remote Administrator is shown as a “Log Source” for these events in the IBM QRadar console.
SYSTEM REQUIREMENTS

• Supported operating systems

Windows Server 2012, 2012 R2, 2016, 2019
Windows Storage Server 2012 R2, 2016
Microsoft SBS 2008, 2011
Ubuntu, RHEL Server, CentOS, SLED, SLES, OpenSUSE, Debian

• Deployment in Microsoft Azure

See ESET's remote management console as a virtual machine in Microsoft Azure Marketplace.