MichalJ

Hello, It is not compatible. V5 mirror server won´t work, for updating V6 clients. There are differences in the modules (V5 does not download new modules for V6 products & there were also changes in the communication protocol).

Also, if you were using the older version of the appliance (6.3) I would recommend to try to migrate the database contents to the newer appliance, which is based on CentOS 7, and features the webmin interface, which makes it simpler for upgrading components, as well as the contents of the operating systems. I would suggest following those steps: hxxp://help.eset.com/era_deploy_va/64/en-US/index.html?pull_db_from_other_server.htm Also, we will release a newer version of 6.4 appliance, with couple of fixed bugs either at the end of this, or the beginning of the next week. I would recommend to wait for that one, prior to attempting the database migration.

This feature is already implemented in the code-base, and will be released together with the Endpoint 6.5 / ERA 6.5, which both should be ready until end of the year. However, it might happen, that we will release them publicly in early Q1/2017.

It is possible to uninstall versions of ESET Smart Security / NOD32 Antivirus Home editions using software uninstall task. Current version of the webconsole (6.4.266.0) has a bug, that when you use "software uninstall" task, and instead of "remove 3rd party product" select "remove application from list" you do not see other than business products. This will be fixed next week. Currently, there is a workaround, that you can go to client details, check the installed apps (you have to report all installed apps using ERA agent policy), choose the selected package, and click uninstall. This example below, will uninstall selected instance of ESET Smart Security Premium V10 (early release version available in Slovakia / Czech Republic only), but it will work the same for older versions as well.

Hello, What you should do, is to configure the correct application exclusion for WAP (Web Access Protection). You can do this via application preferences / General / Exclusions / Web&Email and add there the problematic application. Problem obviously is, that you do not know which one it is (as it might differ from versions of OS X and for different user problems). You can however troubleshoot by doing the following: Install the ESET Endpoint Security with Firewall enabled in "default" mode Run X-code Switch off all of the apps / processes which you are able to ... Wait till the network communication reaches the minimal level Switch the firewall to "interactive" mode Run the iPhone simulator, and replicate the problem Remember the apps, which has accessed the internet Add the correct one to the above mentioned exclusions Hope that this helps.

There is a difference between "active threats" dynamic group and "marking threat as resolved in Threats tab". One does not affect the other. Marking threats are resolved is only affecting the "unresolved threats counter" in the computers tab + the corresponding counter in the "threats" tab. The only way, how to remove the computer from the "active threats dynamic group" (as stated above by Marcos) is to run a full in-depth scan with cleaning enabled on the target machine, ideally with the profile set to "strict cleaning". Once the scan is completed, the computer will be removed from the dynamic group. You can automate execution of such task by triggering it by "joined dynamic group trigger", meaning task is started the moment, when the computer enters the dynamic group.

ERA itself has 2FA integrated by the means of ESET Secure Authentication. You can enable it in users settings. What you will need is to install ESET secure authentication app from the respective app-store on your device.

No, this is the correct link: hxxp://help.eset.com/era_deploy_va/64/en-US/index.html?pull_db_from_other_server.htm However, we have identified an issue in the currently released appliance, that prevents sometimes a successful migration. We will release a newer version of ERA appliance next week, so I would suggest to wait for that one.

On top of that, in case of ERA webconsole being accessible publicly, I would recommend a strong password + enabled 2FA for login.

Hello, this is currently not possible.

Reason is, that you have added all license keys directly. Solution would be, to add all of those licenses into one security admin account in ELA and then add this one to ERA. With this setup, you will have all of your licenses in the one view you want.

Hello, as of now, this is not possible. The current security model in ERA V6 works in a way, that you can grant access to groups (static ones) and to functionality modules (tasks / policies ...). Meaning, if you grant access to someone to "tasks" he is able to execute / create / change all of the tasks which are listed in your ERA, however only on the computer which are in groups that they have access to. We are currently working on a larger change of the ERA security model, which should improve the user experience, and allow you to granular control the access rights.

Yes, plus this one: hxxp://help.eset.com/era_install/64/en-US/index.html?difference_connectivity.htm

Hello, I would like to provide you with an update: AFAIK this was solved in the separate thread. There was a change in the live installer scripts, however this was not reflected in the documentation. We will issue a documentation update shortly We are tracking improvement for "IFTTT" (basically be able to selectively run tasks, after another task being executed). Let me please ask you, why a standard "software install" over the V5 version does not work, as this should be a supported scenario (we have a known issue, that this does not work in case of EFSW 4.5 => EFSW 6 upgrade, as restart is needed in between). There are two proxies in the "ERA World". ERA proxy, which allows to aggregate communication from ERA agents to ERA server (could be used for load balancing, or for improving connections of remote branches). Apache HTTP Proxy (which could be installed together with ERA), which is then used for caching of updates, installers, and also forwarding traffic to ESET Servers when needed (live grid, web control, activation servers ...). hxxp://help.eset.com/era_install/64/en-US/index.html?apache_http_proxy.htm/ hxxp://help.eset.com/era_install/64/en-US/index.html?difference_connectivity.htm / hxxp://support.eset.com/kb3639/. You can use any standard web forward proxy with enabled caching instead, you have then to configure it in server settings & policies for agents (advanced / http proxy), and security products (tools / proxy server & updates / use proxy server). It will then route the communication with ESET via this proxy server, and you will benefit from the decreased network load during deployments / software installs / and updates. Joined dynamic group trigger task, is executed every time, when clients enters a dynamic group. This is evaluated by agent, meaning that the task is executed only on the applicable agent. There is no way, how this should affect execution of the task on the other clients in the group (the group view in ERA is only a filter, reported by agents, that they reported membership in such dynamic group) We are working on changing this behavior, so threats will be automatically resolved upon execution of scan task / cleaning / deletion. This is targeted to version 6.5 to be release in December We are working on changing this behavior, so in case a PUA is detected, you will be able to interactively whitelist is. This is most probably coming later, next year. This will be changed in ERA 6.5, which will have a completely new / redesigned internal security model, which will achieve / fix the scenario you are talking about. You would be able to grant granular access to users, they won´t see objects of others.

Basically, policy behavior works as follows: You configure a setting in ERA policy (choose "apply" / "force" flag next to it) - there is no difference between apply / force, except the one, that when you have different overwriting policies, the policy lover in the hierarchy could not overwrite a value, which is set with "force". So the value will be kept from the policy higher in the hierarchy. Please check the documentation about this behavior: hxxp://help.eset.com/era_admin/64/en-US/index.html?admin_pol_flags.htm hxxp://help.eset.com/era_admin/64/en-US/index.html?admin_pol_how_policies_are_applied.htm When you remove the policy, setting remains set on the client (it won´t revert to the default value), unless it is overwritten by a different policy (!) So in this case, it might happen, that the policy number "3" have not set the same set of settings, so the values from the policy number "2" were kept, unless they were overwritten by the policy number "3". So yes, when you remove the policy, settings will be kept, until they are overwritten with a different policy. The difference is, that they are no longer "enforced". So ideally, you should have a "default" policy for each client type set on the "all" group, meaning that if a client for example moves from some dynamic group, the original (desired) settings would be restored. It is described here: hxxp://help.eset.com/era_admin/64/en-US/index.html?admin_pol.htm

Hello, in next few days we will publish an updated .dll for ERA server, that should resolve the timeout issue. We are also working on a service release of ERA webconsole, that would fix some other issues. This one will have to undergo QA process. Once done, it will be available using components upgrade task + we will also repack all of the installers with the new webconsole. We will keep you posted about the progress.

@ Bbahes: You can easily configure a report template for the dashboard, that shows you the current VSDB version reported by clients. You can also configure "maximum database age" in the Endpoint policy, so the client starts reporting a problem with updates, if this is reached (you can set it to one day). This question was already ask, but why you need to know the exact VSDB version, and compare it with the version, that ESET has released (like the data feed from ESET Virus Radar). You still could have a local mirror set-up, which will indicate what is the version on the mirror (you can have two reports). One for mirror, one for the rest. This is tracked as an improvement, and would be possibly resolved in ERA 6.5 (we are currently analyzing the best way, how to do this). @cpetry: The problem with File Security is with the older version, which is currently only in the limited support. Even if you do perform the upgrade locally, restart of the computer is needed. ERA agent currently does not have functionality, that would be able to report task status after a service restart. We are examining options, how to change this behavior for the older versions. I am interested to hear (as well as others were) what other problems you are experiencing with ESET Remote Administrator 6.4? Thank you.

What you have to check is, that how are your updates configured. If you have installed the ESET Remote Administrator using all in one installer / or you use the appliance, you might have checked the option to "install apache http proxy" for updates caching. This creates policies for your agents / endpoints, which instructs them to download updates via http proxy server which is located on the ERA server. The proxy might not be reachable from the remote machines. So check, what policies are applied on the group "all". If there is a policy for "ESET Secuity Product for Windows - HTTP Proxy usage", please make sure, that you create a new policy , where you change those settings (adjust the value in "tools / proxy server" and in the "update profile" to connect directly to ESET servers). Ideally change this also for policies for agents, located in those remote computers. This should resolve your issue.

Yes, and in the window displayed subsequently, you see buttons "add tasks" - which opens you the window (with filters) where you can see tasks previously created / executed on your ERA server.

You should click the "add task" button, which will show you the list of available tasks (already executed ones). This functionality allows you to define a new trigger for already created task (like install previously installed software, run created command, scan with parameters, etc...).

Older appliance is no longer available for download. We recommend downloading the 6.4 appliance which has integrated option for migrating from previous appliance (please consult product documentation for that).

I would not recommend that. As that is basically a standard "AV Remover" feature, that is able to remove any installed antivirus software regardless the vendor (it is 3rd party library integration). According to this KB article, it will also uninstall ESET: hxxp://support.eset.com/kb3527/#removable

Nope, you can adjust the "ESET Remote Administrator Agent" policy, where in section "advanced settings" / "operating system" / "report non-ESET installed applications". Then it will report also other applications.

According to the documentation hxxp://help.eset.com/era_install/64/en-US/index.html?mirror_tool_windows.htmyou should use the parameter --excludedProducts, where you specify the arguments for the versions you do not want to get files for.

So, another update: Workaround: If this happens, open the “Trigger” part, change something in the trigger (e.g. the “Use local time” checkbox), change it back and press “Finish”. We are sorry for the the inconvenience. Bug has been tracked, and will be fixed in the next release of ERA V6 (webconsole).