carmik 0 Posted August 24, 2022 Posted August 24, 2022 Got a ESET VA gradually upgraded to the current version 9.1. From the server info page: [quote] ESET PROTECT (Server), Version 9.1 (9.1.2301.0) ESET PROTECT (Web Console), Version 9.1 (9.1.292.0) Copyright (c) 1992-2022 ESET, spol. s r.o. All Rights Reserved. CentOS (64-bit), Version 7.9.2009 Connected Clients: 167 Active Licenses: 4 Installed Components: Update module 1079 (20211110) Translation support module 1936 (20220727) SysInspector module 1281.1 (20210407) SSL module 1070 (20220608) Push Notification Service module 1128.1 (20220525) Configuration module 2021.1 (20220711) [/quote] I was out of office for around 3 weeks and when I returned I viewed the following in the ESET console: As you can see there is a vast number of systems in a waiting state. I understand that these 120 systems will be most likely stagger-updated. However, being away from way I'd expect that some updates would take place (the 8 systems in latest state, as well as the ones in the latest state agent-wise were manually upgraded by me). How does the auto-update mechanism work? How much time does it take for an update to take place? A note on our server setup: the VA is located on our DMZ. Therefore, if the server directly initiates an update by contacting the client, this will not work...
ESET Staff Solution MartinK 384 Posted August 24, 2022 ESET Staff Solution Posted August 24, 2022 I will split it into two parts: ESET Management Agents has a grace period of a few weeks since release of lat version was done. This happened around 2 weeks ago, so AGENTs should slowly start to update itself. Regarding security products, auto-updates are not enabled yet to my knowledge, as there has been an hotfix release very recently to target issues that prevented global deployment.
carmik 0 Posted August 24, 2022 Author Posted August 24, 2022 Thanks for the info Martin, that would explain this behaviour.
carmik 0 Posted September 9, 2022 Author Posted September 9, 2022 (edited) Hello again, something's definitely off. More than 2 weeks have passed since our discussion. During that interval I've seen that agent installations seem to have auto-updated, whereas the actual endpoint software did not. Up to yesterday, all 120 endpoint installations that were in the waiting state remained there (with the exception of some manual updates that I did). Today, all these installations changed state to legacy suddenly. Which would be the next steps to find a solution? PS: For the record, our Eset protect server resides in a network DMZ. The eset protect server is disallowed from reaching our LAN clients. Only our clients can contact it, on ports http/https/ssh/2222 and 2223/8080/3128. I'm stating this in case the update mechanism uses a server push (which won't work) instead of a client push. Even though I believe that everything is handled by communication initiated by the agent, which should work at all times. Edited September 9, 2022 by carmik added graph
carmik 0 Posted September 9, 2022 Author Posted September 9, 2022 On 8/24/2022 at 10:53 AM, MartinK said: Regarding security products, auto-updates are not enabled yet to my knowledge, as there has been an hotfix release very recently to target issues that prevented global deployment. My apologies, missed this part. Does this mean that security updates are auto-updateable at this point?
Recommended Posts