kvngselassie

Hello @Marcos and Team,
 
I will want to know how to configure the Micro Program Component Update (MicroPCU) in an environment which is completely closed to the internet with 2 update servers acting as ESET Update Servers On-Prem for load balancing and Bandwidth saving purposes. 
1. Do I have to use the {hxxp://IP_Address:2221} method in the Component Update Section
2. Do I have to use the auto-select feature in achieving the required outcome.
 
Note: the environment is completely closed to the internet.

The latest ESET's products (v13.2 and Endpoint 7.3) are compatible with Windows 10 21H1. There should be no difference in performance after upgrade to Windows 10 21H1.

1, Automatic program update will be supported. While the differential so-called uPCU update has been implemented in our security products for a long time, ESMC is not prepared for it 100% yet. It is one of our top priorities to have this in the next version of ESMC also with regard to Windows 10 21H1 update which will require Endpoint 7.3 or newer.
2, Sending a software install task to clients and getting Endpoint updated shouldn't take long as long as you use a http proxy to cache updates and installers. What could happen is that you didn't use an http proxy and you sent a software install task to many clients at once. Then agent on each client started to download installers which congested your Internet bandwidth.
3, Http proxy generally helps with caching update files and installers. It helps save traffic when you send a software install task, when clients download updates and will also help minimize the traffic when we will release a uPCU program updates in the future as well.

For 6000 clients I would recommend using a dedicated server running the http proxy, especially if you would like to extend your license and take advantage of ESET Dynamic Threat Defense to substantially improve protection of your endpoints against ransomware and other malware.

ESMC is a complex mission-critical product and it's important for administrators that it runs reliably all the time. Upgrade should be performed after backing up the database and at the time when administrators can afford to solve possible issues should something go haywire during upgrade. Likewise administrators do not let server systems upgrade automatically and immediately after the OS maker releases updates not addressing critical vulnerabilities.