chockomonkey 1 Posted December 6, 2017 Share Posted December 6, 2017 I've historically just used ESET's default configurations for their product deployments. However, as I'm completely new to ESET File Security, I'm curious if there are any best-practice guides for setting this up for Windows domain controllers. I've been unable to find anything like this in the knowledge base. I used ERA to deploy these installations and during the installer creation I was able to select a built-in policy (Antivirus - REal-time scanner only) which claims that it is "Optimized performance for server." Is this the best-practice for File Security deployments? Thanks all! Link to comment Share on other sites More sharing options...
ESET Staff filips 44 Posted December 12, 2017 ESET Staff Share Posted December 12, 2017 Hi, all ESET server products are designed to run fine with the default configuration. We don't have any additional configuration steps for domain controllers. The policy you mentioned is definitely not a best-practice for EFSW deployments. You would sacrifice some security features for performance - while it disables some less important protections (e.g. Web and email), it disables HIPS as well. Link to comment Share on other sites More sharing options...
chockomonkey 1 Posted December 28, 2017 Author Share Posted December 28, 2017 Thanks for the reply, filips. How exactly do I apply the default configuration? For Endpoint there is a "Balanced" policy, but there isn't such a policy for File Security. Is it simply in the absence of a policy it uses the default config? admindt 1 Link to comment Share on other sites More sharing options...
ESET Staff filips 44 Posted January 2, 2018 ESET Staff Share Posted January 2, 2018 That's true - You don't need to apply any policy to run the product with default configuration Link to comment Share on other sites More sharing options...
chockomonkey 1 Posted January 2, 2018 Author Share Posted January 2, 2018 Thanks for the confirmation, but your answer leads me to another question-- In the case that I want to change something via policy (so that i can apply the desired change to multiple computers), does the lack of a default policy in Remote Administrator means I have nothing to tweak? Or, if I create a new policy myself, is it in the default state out of the box so that I could apply it with minor things changed? Or perhaps, do policies work like Group Policy for windows servers--in that, only what you set or change in the policy is actually pushed to the workstation? Link to comment Share on other sites More sharing options...
ESET Staff filips 44 Posted January 2, 2018 ESET Staff Share Posted January 2, 2018 (edited) You can create a new policy (it will be in default state) and apply only some changes to settings. And/or you can also use the policy to force the default value - so it cannot be changed using UI on client. Some resources: https://support.eset.com/kb5928/?viewlocale=en_US https://support.eset.com/kb3594/?locale=en_US Edited January 2, 2018 by filips Link to comment Share on other sites More sharing options...
chockomonkey 1 Posted January 2, 2018 Author Share Posted January 2, 2018 Thanks so much filips. Link to comment Share on other sites More sharing options...
Recommended Posts