Mindflux 1 Posted October 1, 2019 Posted October 1, 2019 Is there a technical limitation to why ESMC cannot also host a definitions mirror? If I use the mirror tool I have to use up one of my license seats to allow the tool to download updates... which ESMC should already do and distribute them for you. I skipped v6 of the entire line of products because of how wonky things were, v7 seems better but this would be great if ESMC could host the updates too...
BaldNerd 3 Posted October 1, 2019 Posted October 1, 2019 (edited) On ESET Security Management Center the mirror has been replaced with an Apache HTTP Proxy. Please see https://help.eset.com/esmc_install/70/en-US/apache_http_proxy.html I think that is what you are looking for. Let me know. Robbie // The Bald Nerd Edited October 1, 2019 by BaldNerd
Mindflux 1 Posted October 1, 2019 Author Posted October 1, 2019 That should work.. perhaps it should be a default ON sort of thing, though?
BaldNerd 3 Posted October 1, 2019 Posted October 1, 2019 When you first setup the VA there was a checkbox to enable it. You mustn't have spotted it during setup. It's easy to enable in the settings after the fact though, so no harm done. No, I don't think it should be on by default. If the user is setting up the ESMC server behind a VPN or on the WAN, that would create a lot of unnecessary traffic as the devices check in. It's better to let the devices by default get their definitions directly from ESET's servers, and only proxy (mirror) them if specifically enabled by the admin. Hope that helps! Robbie // The Bald Nerd
Mindflux 1 Posted October 1, 2019 Author Posted October 1, 2019 I do see in the docs there was a checkbox I missed. I don't see how to enable it after the fact, without using SSH, though.. which has been done. I guess I'll see where this goes.
BaldNerd 3 Posted October 1, 2019 Posted October 1, 2019 (edited) Under Advanced Server Settings: Edited October 1, 2019 by BaldNerd
Mindflux 1 Posted October 1, 2019 Author Posted October 1, 2019 That's to USE the HTTP proxy, not configure it for client use if I am not mistaken?
Administrators Marcos 5,466 Posted October 2, 2019 Administrators Posted October 2, 2019 You'll need to configure the proxy both in qgent and Endpoint policies
Mindflux 1 Posted October 2, 2019 Author Posted October 2, 2019 (edited) Hi, I've done that. How do I confirm it's working? I see data in the access_log, but I also see some messages like "AH01797: client denied by server configuration: proxy:esmc:2222" in the error_log. I do see /var/cache/httpd has grown since last night. Edited October 2, 2019 by Mindflux
ESET Staff MichalJ 434 Posted October 2, 2019 ESET Staff Posted October 2, 2019 @Mindflux You are right. If you have not selected the setting during VA setup, setting in server settings won´t enable it. You have following options: Install HTTP proxy on a dedicated windows box, ideally using all in one isntaller Add it to the VA. AFAIK this steps should work: https://help.eset.com/era_deploy_va/65/en-US/enable_apache_http_proxy.html
Recommended Posts