Jump to content

ESET Bridge BETA (new solution for ESET traffic caching and forwarding)


Recommended Posts

  • ESET Moderators

We are delighted to announce the launch of the ESET Bridge BETA program.

 

ESET Bridge is a new solution for caching and forwarding traffic of ESET products heading to ESET's online services.

ESET Bridge, built on NGINX, is a successor of the HTTP Proxy.

To name some of the new features and improvements:

  • Integration with ESET PROTECT which will allow users to manage ESET Bridge
  • HTTPS traffic caching
  • Certificates deployment via ESET PROTECT
  • Watchdog functionality
  • Crash dump functionality

To test the mentioned features, it is required to deploy:

  • ESET PROTECT BETA build 
  • ESET Bridge BETA build
  • Endpoint 10 BETA build

These installation binaries are available at https://forum.eset.com/files/category/9-eset-bridge-beta/

 

Supported OSes for ESET Bridge are Windows Server 2016/2019/2022 and Linux - Linux systems compatible with ESET PROTECT 9.1 Server component

 

Detailed ESET Bridge help is available at https://help.eset.com/ebe/1/en-US/

 

As usually, by downloading and using the builds, you agree with our BETA program agreement, which is available at https://forum.eset.com/files/file/58-eset-beta-program-agreement/

To ask a question or report any issues, you encounter during the BETA just post a reply here.

 

We are looking forward to your participation and feedback,
Peter on behalf of the teams involved

Link to comment
Share on other sites

  • ESET Insiders

Hello Peter,

So this is for on prem only correct?  I would not mind beta testing the ESET Endpoint Security v 10 if it is compatible with ESET Protect Cloud.

Please advise.

Thanks,

Jim

Link to comment
Share on other sites

  • ESET Moderators

Hello Jim / @Trooper,

as of now it is compatible with the on-prem deployment only 😞 (the ESET Bridge management, cert distribution for https caching)

It can be deployed as a stand-alone, not managed proxy for the current endpoints as well.

Peter

Link to comment
Share on other sites

Hi

1. I have installed eset-bridge on linux (ubuntu20.04) after rebooting there is an error. Problem: ESET Bridge Proxy is non-functional, Problem Detail:  The proxy could not be started, and the functionality is missing. (screenshot attached)

log Sep 07 03:11:39 eset-bridge Bridge[1391]: nginx: [warn] the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /var/opt/eset/bridge/nginx/conf/nginx.conf:1
Sep 07 03:11:39 eset-bridge Bridge[1391]: nginx: [emerg] cannot load certificate "/var/opt/eset/bridge/nginx/conf/nginx.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/var/opt/eset>

reboot and restart EsetBridge service doesn't fix the problem, any suggestions?

2. how to ensure that eset-bridge has cached downloads and updates?
is it true that default cache path linux /var/opt/eset/bridge/nginx/data/eset_cache ?

Thanks,

2022-09-07_10h08_56.png

Link to comment
Share on other sites

  • ESET Staff

Hello @obee,

In an unmanaged environment, when the ESET Bridge is installed as a standalone application, not with the EP All-in-one installer, certificates will need to be deployed manually from ESET Protect via policies to have the HTTPS caching working. More information can be found here: https://help.eset.com/ebe/1/en-US/installation.html?caching_https.html

The behavior described above can be reproduced if the HTTPS caching option is enabled in Bridge policy but there was no certificate provided in the policy screen.

Regarding the second question, the cache path provided is correct.
Also the cache.log file from the nginx/logs folder can be inspected for MISS or HIT tags to check whether the data was fetched from the cache or from the upstream servers.

Hope it helps!

Ingemar

Link to comment
Share on other sites

  • ESET Insiders
On 9/5/2022 at 7:20 AM, Peter Randziak said:

Hello Jim / @Trooper,

as of now it is compatible with the on-prem deployment only 😞 (the ESET Bridge management, cert distribution for https caching)

It can be deployed as a stand-alone, not managed proxy for the current endpoints as well.

Peter

 

Thanks Peter.  Looking forward to when I can beta test the EES for use with Protect Cloud.

Cheers!

Link to comment
Share on other sites

  • 4 weeks later...

is it possible to custom cache path eset-bridge on linux ?
i saw a default example for a custom cache directory only for windows %PROGRAMDATA%

I've tried the settings and the result is a warning like the following image:
Selection_1217.thumb.png.266a161d89b2c7a4efa8c3f9799a4496.png

here's my configuration :

Selection_1220.thumb.png.a0f7bf7c50f812c652dd079b026cd21c.png

Link to comment
Share on other sites

  • ESET Staff

Hi @madara,

I was consulting this morning your situation and the recommendation is following:

  1. The custom folder needs to be created and also accessible by the eset-bridge user before applying the policy.
  2. The eset bridge user needs access rights to that foler with
    1. sudo chown -R eset-bridge:eset-bridge /DATA
  3. After applying the policy the Bridge server needs restart:
    1. sudo systemctl restart EsetBridge.service

If anything please do let me know and hopefully this will revoke the issue you are currently experiencing.

Thanks.

Ingemar

Link to comment
Share on other sites

16 hours ago, IggyPop said:

Hi @madara,

I was consulting this morning your situation and the recommendation is following:

  1. The custom folder needs to be created and also accessible by the eset-bridge user before applying the policy.
  2. The eset bridge user needs access rights to that foler with
    1. sudo chown -R eset-bridge:eset-bridge /DATA
  3. After applying the policy the Bridge server needs restart:
    1. sudo systemctl restart EsetBridge.service

If anything please do let me know and hopefully this will revoke the issue you are currently experiencing.

Thanks.

Ingemar


Thanks now can run on /DATA

Selection_1225.png.3f446e7b47cc748730ac814abb5bdbc3.png

if in the sub folder is there a way to make it run? for example /DATA/cache

I have tried but now it doesn't work if it's in the cache sub folder

Link to comment
Share on other sites

  • ESET Staff

Hi @madara,

you should be able to follow same steps as before.

On 10/10/2022 at 12:00 PM, IggyPop said:

Hi @madara,

I was consulting this morning your situation and the recommendation is following:

  1. The custom folder needs to be created and also accessible by the eset-bridge user before applying the policy.
  2. The eset bridge user needs access rights to that foler with
    1. sudo chown -R eset-bridge:eset-bridge /DATA
  3. After applying the policy the Bridge server needs restart:
    1. sudo systemctl restart EsetBridge.service

If anything please do let me know and hopefully this will revoke the issue you are currently experiencing.

Thanks.

Ingemar

Thanks.

Ingemar

Link to comment
Share on other sites

  • 1 month later...

Hi,

I have installed ESET Bridge using All-in-one installer ESET Protect 10.0 and the Bridge certificate has not been created automatically.

Do you know what CN and host I should type for Bridge cert?

 

I have only Agent, Proxy Server and Server certificates.

bridge.png

Link to comment
Share on other sites

Hi @IggyPop

thanks for the reply.

The released version included to Protect server version: 10.0.14.0. 

In all official manuals is information that if I use All-in-one installer to install ESET Bridge, the certificate will be added automatically.

Edited by extor
Link to comment
Share on other sites

  • 2 months later...

Hello, could you help me. I just updated my esetprotect console to version 10.0.14.0. I have 2 sites with http proxy installed. in http proxy in the configuration file I could change the default route and put it in another disk, for example the disk: D. but with bridge the part that says custom cache directory I don't know how the path to put should be. my environment is esetprotect windows server 2019.

This is how I have it, I already gave permission to the network service folder.

image.thumb.png.c9bb19fb63a2cac1ebfd71765aa80ce1.png

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...