Jump to content
sokol-4ever

connect agent to ESMC

Recommended Posts

Posted (edited)

Hello,

If we are an MSSP provider and want to provide ESET services  to customers, what is the best way to connect clients (EES, ERA) to the ESMC that is on our side (MSSP provider)?

Edited by sokol-4ever

Share this post


Link to post
Share on other sites

In general, for the MSP / MSSP use-cases there are three options: 

  1. Host it in a public cloud, where agents will be able to see the server over public internet (we have for example Azure image available, however after deployment this should be upgraded to ESMC 7.0). 
  2. Make your private cloud instance accessible from the internet (the port on which ESMC server is listening to agents). 
  3. Use HTTP Proxy, for forwarding the connections from the outside, if the server is not directly visible from the internet. 

Share this post


Link to post
Share on other sites
Posted (edited)

Thanks for the answer MichalJ. 

1.Which of these options is the most popular according to statistics?.

2. Where can I find information about use HTTP Proxy? 

3. Can I use my proxy server or do I need to install Apache HTTP Proxy. Do I need to install something else on the client side or just specify the use of a proxy in the agent settings?

Thanks.

Edited by sokol-4ever

Share this post


Link to post
Share on other sites

Hello,

  1. I will get in touch with our team, to get you the information. Based on our Product Management research, it would be a merge of 2 & 3 (so ESMC running in a MSP datacenter / collocation, accessible from the internet, either via proxy, or some other solution).
  2. Details are in our documentation: https://help.eset.com/esmc_install/70/en-US/?arch_proxy.html 
  3. Of course, you can use any 3rd party proxy you have, you just need to configure it in a way, that it will allow communication of ESMC Agents with the server (inbound) and ESMC access to various ESET services. 

Share this post


Link to post
Share on other sites
Posted (edited)

Hello,

2. Make your private cloud instance accessible from the internet (the port on which ESMC server is listening to agents).

Are there any best practices (recommendations) on how best to connect the client, in terms of security hack?

 

Edited by sokol-4ever

Share this post


Link to post
Share on other sites

I have requested some advice from our documentation/support team, as I do not have any recommendations by myself.  In general, common practice would be to simply limit the ports to the ones needed for ESET. List is available in the KB article - https://support.eset.com/kb332/.

If the webconsole is accessible from the outside, for sure use the 2FA, and refrain from using default Administrator account, for which set exceptionally strong password. 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...