Jump to content

connect agent to ESMC

sokol-4ever
 Share

Recommended Posts

sokol-4ever

sokol-4ever 0

Posted
Posted (edited)

Hello,

If we are an MSSP provider and want to provide ESET services  to customers, what is the best way to connect clients (EES, ERA) to the ESMC that is on our side (MSSP provider)?

Edited by sokol-4ever
Link to comment
Share on other sites
  • ESET Staff
MichalJ

MichalJ 434

Posted
  • ESET Staff
Posted

In general, for the MSP / MSSP use-cases there are three options: 

  1. Host it in a public cloud, where agents will be able to see the server over public internet (we have for example Azure image available, however after deployment this should be upgraded to ESMC 7.0). 
  2. Make your private cloud instance accessible from the internet (the port on which ESMC server is listening to agents). 
  3. Use HTTP Proxy, for forwarding the connections from the outside, if the server is not directly visible from the internet. 
Link to comment
Share on other sites
sokol-4ever

sokol-4ever 0

Posted
  • Author
Posted (edited)

Thanks for the answer MichalJ. 

1.Which of these options is the most popular according to statistics?.

2. Where can I find information about use HTTP Proxy? 

3. Can I use my proxy server or do I need to install Apache HTTP Proxy. Do I need to install something else on the client side or just specify the use of a proxy in the agent settings?

Thanks.

Edited by sokol-4ever
Link to comment
Share on other sites
  • ESET Staff
MichalJ

MichalJ 434

Posted
  • ESET Staff
Posted

Hello,

  1. I will get in touch with our team, to get you the information. Based on our Product Management research, it would be a merge of 2 & 3 (so ESMC running in a MSP datacenter / collocation, accessible from the internet, either via proxy, or some other solution).
  2. Details are in our documentation: https://help.eset.com/esmc_install/70/en-US/?arch_proxy.html 
  3. Of course, you can use any 3rd party proxy you have, you just need to configure it in a way, that it will allow communication of ESMC Agents with the server (inbound) and ESMC access to various ESET services. 
Link to comment
Share on other sites
sokol-4ever

sokol-4ever 0

Posted
  • Author
Posted (edited)

Hello,

2. Make your private cloud instance accessible from the internet (the port on which ESMC server is listening to agents).

Are there any best practices (recommendations) on how best to connect the client, in terms of security hack?

 

Edited by sokol-4ever
Link to comment
Share on other sites
  • ESET Staff
MichalJ

MichalJ 434

Posted
  • ESET Staff
Posted

I have requested some advice from our documentation/support team, as I do not have any recommendations by myself.  In general, common practice would be to simply limit the ports to the ones needed for ESET. List is available in the KB article - https://support.eset.com/kb332/.

If the webconsole is accessible from the outside, for sure use the 2FA, and refrain from using default Administrator account, for which set exceptionally strong password. 

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...