Matus

Hi guys. We're very sorry for the inconvenience. We'll surely adjust a tooltip. To your question, why suddenly it starts to appear is that we've added a new message in case license is not available and it was implemented in current AV module 1548. In next version 1549 we'll also provide a more specific description of the error in computer details > alerts. Also, we've adjusted behavior in an environment with ESET proxy, so in case you have licensed EDTD and you experienced some issues, it should much better. Thank you for understanding and we're really sorry for inconveniences.

Hi Guys, if there is a portion of endpoints which reports some error message please check, if a particular endpoint has EDTD license. Go into ESMC Computers > Show details If you don't have it, for such endpoints you'll need to do a new activation task. We've started to show proper information via module update, that why it's sudden. We're also working on a way how to add such endpoints into Dynamic Group in ESMC so some "join dynamic group trigger" or recurrent activation task can be planned.

Hi Brandobot, you can find logs from installation in /var/log/install.log, however, please know that there is more information than just log from ESET products. I'd strongly recommend contacting support directly - https://www.eset.com/us/support/contact/?intcmp=btn-support-request#/business-support/install-activate-endpoint-product/install-endpoint Thank you

exactly:)

Hi EJ, It works a little weird due to architecture which is solved in v7. Let me explain. By executing OD scan in webGUI or command line "esets_scan", settings from product (esets.cfg) (or ERA policy) are not applied. You'll need to use parameters (check -h). In such case, please use following task: sudo /opt/eset/esets/sbin/esets_scan --exclude="/root" /root executing scan from ERA uses utility /opt/eset/esets/lib/esets_sci which is checking esets.cfg file and in such case it'll exclude what is defined. This is however not usable much for executing via command line as you get no output into console when you use esets_sci Does it make sense for you?

Unfortunately there is nothing smart... as smart I mean that it'll detect automatically what is local drive and what is shared mount. In such case only option (v4.5.x) is to do an exclusion - in ERA/ESMC policy > Antivirus > Exclusions > Files and folders to be excluded from scanning :set there mount points of shared drives. Hopefully if you have multiple servers, they're mounted on the same spot so one policy can solve that issue for all. We're very sorry for inconvenience.

Hi EJ, this function is currently not supported and will be supported with new version 7 (right now it's still not supported in current beta 1). You can however play with it if you like. To sign up for testing, please follow this thread:

Yes, it's known and will be fixed in upcoming update. Seems that there is some miscommunication. We're sorry.

Hi J-gray, we're looking into these issues and splash screen as well as kernel extension error will be fixed within next update planned for beginning of the new year.

Hi Vqhuy, as vShield is End of Life (https://kb.vmware.com/s/article/2144733), I'd advise you to deploy VMware NSX (only part responsible for AV which is free, not networking stuff). In such case, please find compatibility list here: https://www.vmware.com/resources/compatibility/search.php?deviceCategory=security&details=1&partner=611&page=1&display_interval=10&sortColumn= &sortOrder= What you're interested in Guest Introspection (successor to vShield) with documentation available here: https://docs.vmware.com/en/VMware-NSX-Data-Center-for-vSphere/6.4/com.vmware.nsx.admin.doc/GUID-049EF8ED-224C-4CAF-B6E7-1CD063CCD462.html Long story short, you can deploy newest NSX on vCenter 6.5 with ESXi 6.0 and it'll run fine.

Hi da_yoshman, There should be no negative impact in case latency to ESLC is in acceptable numbers. Unfortunately, it's not possible to say how much impact did Cache brought to you. All connected endpoints did 160.000 requests to Cache for the result, however, it's not clear how many of them received a valid result of a scan. In case you've same files which are not whitelisted, it could bring benefit. However, it might happen that there are stored scan results of files which don't exist on other computers, so these results did not provide any benefit to other computers.

Hi Matthew, Please could you submit all logs to support team for further investigation? Have you enabled "Live Grid Feedback system" when installed directly or "Submit anonymous statistics" in ERA/ESMC policy? This would send us crash logs immediately once it happens. Thank you

Hi VolksDude, the current version is not compatible with vSphere 6.7. We're working on it and it should be available within the next few months, including certification. Thank you for understanding.

Hi Davidenco, XenServer is officially not supported nor tested on regarding .ova, only VMware infrastructure. Unfortunately, it's currently not planned to include support for XenServer, but we'll add it to our Customer Wishlist. For such usecase, I'd recommend to install ESLC as a standalone component on CentOS, where you get full control over everything. Thank you for understanding and sorry for inconveniences.

Hi davidenco, The appliance is closed without access to the shell. In case it doesn't fit you, it's possible to download standalone installation file: https://www.eset.com/int/business/server-antivirus/shared-local-cache/download/#installer-package and install everything by yourself with all the management benefits. If you want to update existing VMtools, which are already included in ESLC, please do an update of the operating system via appliance UI. New VMware tools will be downloaded from VMware YUM repository. Thank you

Hi DarylI, thank you for your answer. I got a better picture now so I can provide a more relevant answer. First of all, unfortunately, a current version of ESET Remote Administrator doesn't handle non-persistent VDIs very good. In case the new machine is created, it'll appear as new machine and it's not linked with old one. This is something which is already in progress and will be fixed in next version of ESET Remote Administrator (ERA) in the middle of the year. Another thing is, that 50,000 VDs at the same time is too much for Virtual Agent Host (VAH) component, which responsibility is to connect ESET Remote Administrator with VMs. All virtual machines would be protected without any issues, however in case of assigning new policy, creating new tasks or transfers of logs fro VMs to ERA would be very slow. It would be great if there would be multiple VAH components deployed, but current limitation is 1 VAH per 1 NSX Manager and VMware limits is 1 NSX Manager to 1 vCenter. In case you'd manage this infrastructure with multiple vCenters where you'd have deployed multiple NSX Managers, you could have multiple VAH components. From our tests it seems that 20,000 VMs is max which VAH is able to handle and personally I'd recommend lower number. ESET Remote Administrator can however handle 50,000 machines without any issues (you'll need however appropriate HW on that server, see links above). In case of further questions, do not hesitate to contact me. Thank you very much.

Hi Daryll, thank you for your answer. Regard ESET Remote Administrator, for detail sizing of ESET Remote Administrator, please check our documentation: http://help.eset.com/era_install/65/en-US/index.html?infrastructure_sizing.htm http://help.eset.com/era_install/65/en-US/index.html?installation_deployment_scenarios.htm ESET Remote Administrator does not support clustering for the case you have described. For such installation, ERA Proxy should be used, and then reporting to one centralized server. Regarding ESET Virtualization Security for VMware, we're currently evaluating your scale. Are you willing to deploy VMware agent-less protection, not standard ESET Endpoint, right? Can you tell us, whether those VDIs are persistent or non-persistent? Thank you very much.

Hi Daryll, There is no official scaling document yet. Please, could you tell us, how many VMs do you have per Host (interval) and how many hosts do you have? Thank you

Hi Tommy, as data in ESLC are not permanent and serves as a cache, it doesn't make any sense to backup them. What I'd advise you is to do a VMware snapshot after configuration and putting offline. Basically, data which were in cache 2 days ago are not valid now (due to updates in ESET product modules, which could change the cached results)...

Hi Randy, did you follow precisely manual for installation: http://help.eset.com/evs_nsx/16/en-US/installation_nsx.htm ... and I mean really precisely? What exactly do you mean with "upload NSX"? How customize template is after uploading NSX? Flow should be: assuming VMware NSX manager and everything is configured download and deploy evs_nsx.ova ... during this process, you'll customize template ( https://download.eset.com/com/eset/apps/business/evsa/nsx/latest/evs_nsx.ova ) connect to deployed template and choose "register to NSX manager" go to VMware vCenter > Networking & Security > Installation > Service Deployment > Add ESET Service (Virtualization Security Appliance) Please inform me if that helps. Thank you very much

Hi Hungtt, I'm glad you deployed it successfully. We're aware about this information, which might be confusing. As you followed installation guide I believe, everything went smoothly.

Hi Superzpy, Yes, Windows 10 and Server 2016 are supported by EVS for NSX. I'd recommend you to do some POC with our partner to help you onboarding with ESET Virtualization Security

Hi Superzpy, I'd like to correct Peter a little, unfortunately version for vShield doesn't support that version, only version for NSX, which is only product in full support. In case you've migrated/plan to migrate to v6.5, please consider upgrading vShield Manager to NSX Manager. Thank you for understanding

Hi Rimvydukas, currently if you would like to use own certificate from ERA for vagent host, you have to deploy it with pre-installed certificate and then using ERA policy for vagent host change certificate to your own from ERA list. Please tell me if you were able to do that.

Hi Hungtt, In current version we're officially compatible with NSX 6.2. You can find list of supported OS here: https://pubs.vmware.com/NSX-62/index.jsp#com.vmware.nsx.admin.doc/GUID-D04D1521-8EBC-449F-AD57-EF829075A25D.html With next update, we'll introduce support of NSX 6.3 and list can be found here: https://pubs.vmware.com/nsx-63/index.jsp#com.vmware.nsx.admin.doc/GUID-D04D1521-8EBC-449F-AD57-EF829075A25D.html We're working on Linux OS support in same update. List of supported Linux OS is available here: https://pubs.vmware.com/nsx-63/index.jsp#com.vmware.nsx.admin.doc/GUID-636788A7-BB64-483A-A48D-4E62B3AFC0C8.html Thanks!