bbahes

Welcome to the club! We haven't switched from v5 to v6 at all. Just testing releases in test lab. And as I see we won't. As for reverting to v5...you will have to do everything from scratch. You have option to get old license key file from https://ela.eset.com/portal.

It's not that I think that their support in Croatia is not capable of handling my requests, they did several times, but all they did is to redirect me to KB article which sometimes did not solve my problem. However they will, like once they did, say they will forward request to developers, or announce feature that never came and never report back. I'm posting here in hope that some of ESET developers actually read forums or at least they get direct messages through support team in forum.

In my test lab I had tested most scenarios for deployment. Including AD and custom scripts. However I expect for money I pay, solution that does this for me. I would understand this manual approach if ESET was open source project, but they are commercial company and I am their customer...well until February next year

Spending that amount of money is not that much. But if you count that we would have to invest in hardware (server, ups) as well in license (CALs) than amount you speak about goes up Paying 2000 € every year just to make my own scripts? I know it's possible, but where is value in that software then if I have to make everything on my own...

You should discover already with the new model ERAv6 comes a new way to do the things. The key is deploy the agent, after I do whatever I want. (that's the theory at least) "(this is what most of other solutions do)", By experience not always the "others" do is the only way to do things or "the best". "all paths lead to Rome" (not accurate but valid as example I trying to say). The problem with small to medium companies is that management does not want to invest in IT infrastructure that often. So at the moment in network with nearly 100 clients we don't have active directory, or solution to deploy Agent automatically. Also we have large amount of client notebooks that don't have any access to internet. So we are left with manual deployment. We have tested other solutions and they do offer single installer for agent and security solution. I don't see any reason why ESET shouldn't be able to produce same thing. I agree with you that "what others do isn't allways the best way to do". It's what I have been saying about ERA web interface from first release.

Unlike older versions of ERA, ERA v6 is slow and non intuitive. Even in v5 I used syslog as first thing that would alarm me of virus on network.

What issues are you having with ERA 6.2 that haven't been addressed? - Protect Agent on clients via password (I was able to remove agent as user that had admin privileges, I was not asked for password I set in Access setup via policy). - Protect Security products via password (even after I applied policy for Access setup - Password protect settings I was able to access settings. Only after hiding interface via policy I was unable to access interface permanently) - Program Component Updates via Offline Mirror Tool (my clients that don't have access to internet need central LAN repository for all updates, not just antivirus database. My guess was that you will integrate this in ERA interface and not make it seperate tool. Will this be possible in future?) - Make offline installer feature (just like live installer) that would install era agent and security product installed together on client. Have this installer preconfigured with settings for cennecting to ERA server. (this is what most of other solutions do) - Syslog (bring back logging to syslog I don't want to look at slow ERA V6 at all for threats) - Console (bring back console for people who want to use it. Better yet, create pool for that, you might get surprised) - Clients don't apply policy immediately after they connect to ERA (tested with ERA appliance and virtual Windows 10 clients) - Make detailed documentation (because your documentation is already missing some good explanation of this entire V6 product I suggest that you stop with pools and make full documentation. I have never seen anyone make pool for documenation. If you make pool for what features we want that would be cool. Making this pool on general website and social sites would help in number of voters.)

I admire you for upgrading from v5 to v6 at first place. We are still on v5. I'm running 6.x only on test machines. 6.2 proved to me that it's not ready for production. They pointed out that they will ship several major releases until end of year. So I'm waiting for few more releases to make decision to move away from ESET to other product.

I was able to uninstall agent even with this protection on. If I try to uninstall security product it asks for password I set in policy.

I have decided to put my questions in seperate topic since there are no replies in original. 1. Where is this tool located in ERA appliance? 2. Is there more documentation to this tool other than hxxp://help.eset.com/era_install/62/en-US/mirror_tool_linux.htm 3. Why did you decide not to include Program Component Updates in Offline Mirror? Will you enable this in 6.3?

Hi! Is it possible to protect agent from uninstall on clients with admin privileges like security products?

Do you have guide on how to setup "Offline Mirror Tool" feature? Edit 1: I have found one in: hxxp://help.eset.com/era_install/62/en-US/mirror_tool_linux.htm Edit 2: Why did you decide not to include Program Component Updates in Offline Mirror? Edit 3: Where is this tool located in ERA appliance?

How many users requests? I didn't ask for this. It's is a great NAC like feature, but ESET should not have turned ERA into a 'duck' on the process. In my case: Everything works with ERA 5 for the 6k+ clients in 16 places. ERA 6 didn't hit 10 success implementations. I know that is your job to calm things down, but really, ESET should admit failure on releasing this before it's time. At least in my country ESET ended not recommending to use ERA 6 until further notice. Which country? It certainly looks as unfinished product. I think they saw competition moving their solutions to web based management at faster rate and sadly they thought they should move to web too. But they did it at quality cost. Cloud and web are cool. But my suggestion to ESET would be to design hybrid solution. Cloud ERA as backup in case of disaster, virtual applicance or server beeing brought down for various reasons. We are still on v5 and now in plan to test latest release 6.2 to check is it improved over 6.1 release.

ERA 6.2 will bring a command line tool for creating a mirror which you can subsequently make available to clients via Apache (or another http server) or network shares. Thank you! I have many clients in LAN that don't have any access to internet.

Agent is good thing since they are here to ensure client is getting policy enforced even when not present in LAN, like notebooks. It's common approach in antivirus industry as I've seen. My guess is they will eventually offer cloud solution like most antivirus solutions already do. So eventually agent could be told to enforce specific policy when it's connecting to cloud ERA or LAN ERA....

You can manage your license (e.g. deactivate particular seats) and check its status via ela.eset.com. To speed up pushing a task. send a wake-up call to the desired client(s) and they will connect to ERAS momentarily, if reachable. Should you come across any further issue, feel free to ask. ERA 6 is a brand new generation of ERA and it's not just a simple upgrade of ERA v5. Also we're about to release ERA 6.2 within a couple of days which will bring further enhancements requested by users. Are you bringing mirror server feature to ERA server?

Basically with ERA creating a local mirror, much more data will be downloaded compared to the scenario when clients update regularly via an http proxy server. The difference can be 100-200 MB in favor of updates via an http proxy. That seems false in my setup. I have a server and less than 30 computers. The proxy cache folder is larger than 700mb since installation, and definition downlaods seems AS slow as over the internet. (the proxy is being used, if i turn it off, updates fail straight away). If i make a mirror on any of my computers, and point the rest to it, definition downloads are lightning fast, and the mirror folder is less than 400mb. My guess is that you will have to change policy for clients to stop using proxy if you stop proxy service...they are trying to download updates via proxy which, tries to connect to ESET servers on their behalf and is now down... But in that case, they will, naturally, connect directly to ESET servers.

Just to rename client in ERA we have to use task? Or do you mean renaming client hostname from ERA?

Do you have patch management over servers? Maybe it's related to Microsoft Security Updates... Maybe you can provide trace file here to support?

Regarding temporary user profile, I've had this issue since I installed ESET V5 from first day...but haven't been unable to track what problem is. I still have this issue from time to time have on clients. I've never tested File Security with ERA V6. We are still on V5. Did you test before deployment? Also, what version of File Security did you install on servers?

I didn't have a problem with this - HIPS was disabled in the program's gui on the client. However, why one would like to disable HIPS and lose other important protection layers, such as Exploit blocker and Advanced memory scanner, which can block a huge number of threats upon execution if malware makes it through all other protection layers? That's in fact good. Any exclusion creates a security hole as potential malware in excluded files or folders would remain undetected even if ESET was able to block it otherwise. Wildcards are supported for folders and files, however. If you need to use exclusions, I'd strongly suggest consulting it with Customer care as there's a chance we would be able to solve possible issues in a safe manner. Updates are run via update tasks in Scheduler and this is how it has worked since v2. So you basically need to set up 2 update profiles, each with different setting for updates in different networks. Then you need to create a new update task or edit the existing one and select the primary and secondary update profile. I for one can't think of how this could be made simpler. If you want to discuss particular issues or have questions or suggestions, please create a new topic for each. You made it little bit more simpler in V6 compared to V5. I could imagine few ways to make it simpler and more configurable...Update Server first comes to mind

Well considering I have purchased a large quantity of licenses of your software that I am unable to put on my endpoints because of the problems with ERA I would like more of an answer than "a few weeks" that I have been hearing for about two months now. I think we can all agree that ERA 6.1 is not usable in its current state. But hearing "a few weeks" encourages me to begin spending my time searching for an alternative a/v product. I don't think we should expect too much from this release. Also, it would be really good practice for ESET to start developing their software much like Microsoft started with Windows 10. Speak more publicly about coming changes and new features. Open insider program. That way people would get used to new things, suggest their ideas, vote for features, and better understand why all these new changes. Start talking to your customers. Developing software in secrecy is old school....

It's not lie that commercial enterprise class databases have better performance than free open source alternatives. It's good thing that ESET offered alternative to MSSQL unlike some other antivirus solutions. From what I know you would have to have thousands of clients that are geographically dispersed in order to feel performance hit if on MySQL.

This is the part that I (and my guess, lots of other people here https://forum.eset.com/topic/4301-not-happy-with-era-6/) love most...there is no way to control what you download from ESET and what gets on clients! Client's, once successfully activated via ERA, on their own connect to ESET servers either directly through your internet gateway or trough proxy and update themselves. ESET tried to alleviate situation and made two KB articles. Notice use of word "mirror" "How do I set up a mirror server for ESET Remote Administrator using Apache HTTP Proxy? (6.x)" hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3637 "How do I configure an ESET Endpoint Security or ESET Endpoint Antivirus client to function as a Mirror server? (6.x)" hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3641 So you point your clients via Policy whether directly through gateway, proxy, or to mirror created on client and that's all you can do regarding updates. Hopefully clients will report they have updated...if not ERA will flush you with red warnings in dashboard. By the time they all report that they have updated, successfully I hope, new database is out and process starts all over again. Then in "panic" you use Task "feature" and push update task to clients to make sure they did update. Hopefully they got this task before they start already scheduled update task. If not, more red warnings in dashboard of failed task, and failed update...This is what I got in my test environment.

Apache is open source web server that, if configured, can act as http proxy/cache server, and is available for any Linux distribution, so you don't have to use Windows box. You could install Apache on ERA server and point clients via Policy to that proxy, so in a way it looks like update mirror that was used in ERA v5... Unfortunately, ESET did not include Apache for Linux in their ISO and not even on their International web site, so you are left to find out how to install it on CentOS distribution. Last time I read somewhere on this forum, they promised to fix that in next release, and include it as option in ERA installation. I have Ubuntu 14.04.2 LTS in my test environment. Since they have different package system you will have to use different commands than mine to install Apache, something like yum install httpd. But you better double check for CentOS 6.5 version.