Jump to content
garyd

ESMC / ERA - questions

Recommended Posts

Hi Experts,

 

Tell me, out of the box is ERA / ESMC meant to provide all clients (PCs & Servers)  the AV client installation/deploy, DATs and Engine updates with-out the clients having to have an internet connection at all?

Like is ERA /ESMC an actual repository in its own right? i.e. saving on clients having to connect to the internet etc

 

Reason I ask is a couple of my customers are on an OT network (Operational Technology) or Automation network where-by there is zero internet connectivity, and only ERA is aloud to connect to ESETs servers / domains etc on the internet.

I have noticed a couple of times modules updates only work if the client  PC has a connection to the internet...

 

Cheers

Share this post


Link to post
Share on other sites

You should have at least one machine with Internet connection to download updates. You can then install HTP Proxy on it (a part of the ESMC All-in-one installer) so that it caches install and update files for the other machines. It is pre-configured to allow connections only to ESET's servers. One thing worth of mentioning is that wake-up calls won't work since machines won't be able to communicate with epns.eset.com directly bypassing the proxy.

Do you have a completely offline environment that a mirror would need to be created elsewhere and its content transferred, e.g. using a flash disk? When deploying ESMC Agent or installing a security product, it's possible to use a local path to the appropriate installer, e.g. in a software install task.

Share this post


Link to post
Share on other sites

In this matter, answer to your direct question is : NO, ESMC / ERA is not serving as repository for update modules / installation files.
You have however following options:

  1. If you have selected the option to setup Apache HTTP Proxy during the installation it will configure all ESMC components and security products to communicate via the HTTP Proxy which is set up on the ESMC server.
  2. You can use whatever proxy you have, and just configure ESMC server / agents / security products, to communicate via the proxy. It should be by default caching installers.
  3. If you have completely offline environment, as Marcos suggested you can use mirror tool for creating a update mirror, and then host it either using a web server (like IIS) or let the clients update from a folder that is accessible by them. You will have to configure their policies. In this setup, also activation via offline file is needed + you won´t be able to use ESET Live Grid as it´s a cloud based reputation system.

In your setup, the option 1 would be the one I would recommend.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×