Jump to content

Best Practices for File Security for Windows Server


Recommended Posts

I've historically just used ESET's default configurations for their product deployments. However, as I'm completely new to ESET File Security,  I'm curious if there are any best-practice guides for setting this up for Windows domain controllers. I've been unable to find anything like this in the knowledge base. 

I used ERA to deploy these installations and during the installer creation I was able to select a built-in policy (Antivirus - REal-time scanner only) which claims that it is "Optimized performance for server." Is this the best-practice for File Security deployments?

Thanks all!

Link to comment
Share on other sites

  • chockomonkey changed the title to Best Practices for File Security for Windows Server
  • ESET Staff

Hi,

all ESET server products are designed to run fine with the default configuration. We don't have any additional configuration steps for domain controllers.

The policy you mentioned is definitely not a best-practice for EFSW deployments. You would sacrifice some security features for performance - while it disables some less important protections (e.g. Web and email), it disables HIPS as well.

Link to comment
Share on other sites

  • 3 weeks later...

Thanks for the reply, filips. 

How exactly do I apply the default configuration? For Endpoint there is a "Balanced" policy, but there isn't such a policy for File Security.

Is it simply in the absence of a policy it uses the default config? 

Link to comment
Share on other sites

Thanks for the confirmation, but your answer leads me to another question--

In the case that I want to change something via policy (so that i can apply the desired change to multiple computers), does the lack of a default policy in Remote Administrator means I have nothing to tweak? Or, if I create a new policy myself, is it in the default state out of the box so that I could apply it with minor things changed? Or perhaps, do policies work like Group Policy for windows servers--in that, only what you set or change in the policy is actually pushed to the workstation?

 

Link to comment
Share on other sites

  • ESET Staff

You can create a new policy (it will be in default state) and apply only some changes to settings. And/or you can also use the policy to force the default value - so it cannot be changed using UI on client.

Some resources:

https://support.eset.com/kb5928/?viewlocale=en_US

https://support.eset.com/kb3594/?locale=en_US

Edited by filips
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...