ESET Endpoint Antivirus for Linux 10 BETA

Peter Randziak · May 9, 2023

Dear Linux community,

We are pleased to announce BETA availability of the version 10 of ESET Endpoint Antivirus for Linux.
As the feedback from real-life deployment is very important to ensure the high quality of our products, we would like to invite you to participate in this BETA program.

To mention just few of the new features and improvements:

Web access protection to scan HTTP and HTTPS communication
Advanced Machine Learning – a high-powered detection engine in the cloud
Detection level settings in Real-Time & Machine Learning protection
Added Direct cloud communication module to enable receiving instant notifications from various ESET services
Improve stability of the On-Access protection
Added support for RHEL 9 and Linux Mint 21
Added Ukrainian localization
Various under the hood improvements and fixes

The installation binary is available at https://forum.eset.com/files/file/108-eea_10020/
As usually by joining the BETA program, you agree with the ESET BETA program agreement

The online help is available at https://help.eset.com/eeau/10/en-US/

Please open a new topic in this forum to share your feedback or to report an issue.
In case of any issues caused by the Web access protection, please capture the problematic communication via Wireshark and provide us with the packet capture to check.

We are looking forward to your participation and feedback provided.
Peter on behalf of the teams involved

Nightowl · May 10, 2023

I will give it a try , thank you.

Can I upgrade with my current license or I need a different kind of license?

Peter Randziak · May 10, 2023

Hello @Nightowl,

thank you for your interest in the BETA program participation.
The activations of the BETA build are not restricted, so your standard license will work.
In case you need one for the BETA testing, just drop me a private message.

Peter

Nightowl · May 10, 2023

1 hour ago, Peter Randziak said:

Hello @Nightowl,

thank you for your interest in the BETA program participation.
The activations of the BETA build are not restricted, so your standard license will work.
In case you need one for the BETA testing, just drop me a private message.

Peter

I would just use my current one, I will just upgrade ESET in my computer as v9 is already installed.

Thank you

Edited May 10, 2023 by Nightowl

Nightowl · May 11, 2023

For now ESET Protect still reads me as 9.1.4.0

I'm now like this :

Product name: ESET Endpoint Antivirus
Product version: 10.0.2.0
Operating system: Ubuntu 22.04
Machine: Intel(R) Core(TM) i5-10210U CPU @ 1.60GHz, 15680 MB RAM

Edit : I sent a request to upgrade Agent , and then Protect was able to read v10

2nd edit :

I think also the web protection is working

but I cannot test it right now , because firewall filters will catch before

There should be new settings added from ESET protect or it's same policy of before?

Edited May 11, 2023 by Nightowl

Peter Randziak · May 11, 2023

Hello @Nightowl,

thank you for trying it our and for the feedback provided.

5 hours ago, Nightowl said:

There should be new settings added from ESET protect or it's same policy of before?

Support for new features / settings will have to be added as usually, so they will be manageable from the management console.

Peter

Nightowl · May 11, 2023

9 minutes ago, Peter Randziak said:

Hello @Nightowl,

thank you for trying it our and for the feedback provided.

Support for new features / settings will have to be added as usually, so they will be manageable from the management console.

Peter

I can't manage to find the policy if I understood you right it will be added right?

Thank you also.

Nightowl · May 12, 2023

It seems that HTTPS filtering broke down FortiClient VPN application , I had to downgrade for now.

azeu666 · May 12, 2023

ESET PROTECT Essential On-Prem.

Upgraded to EEA_10.0.2.0 10.0.2.0 on a test machine.

Web access protection to scan HTTP and HTTPS communication blocks access to HTTP sites on a 192.168.1.0/24 network.

When I run: sudo systemctl stop eea.service, able to access the blocked websites.

When I run: sudo systemctl start eea.service, unable to access the blocked websites.

Downgraded back to 9.1.4.0.

Edited May 12, 2023 by azeu666

azeu666 · May 13, 2023

Peter Randziak advised: "To mention just few of the new features and improvements."

Where is the changelog presenting all the new features and improvements?

The Beta version blocks Mullvad VPN 2023.3 for Linux with Wireguard Obfuscation set to UDP over TCP, and Quantun-resistant tunnel set to on.

Will the custom scan be integrated with the supported Linux file managers, thus eliminating the need to type the path?

Edited May 13, 2023 by azeu666

Peter Randziak · May 15, 2023

On 5/11/2023 at 2:22 PM, Nightowl said:

I can't manage to find the policy if I understood you right it will be added right?

If you mean the policy to mange the new settings i.e. those which were added in the version 10 only (i.e. are not available in the version 9), this is a BAU that those are being added later.

Peter Randziak · May 15, 2023

Hello @Nightowl nad @azeu666

On 5/12/2023 at 5:57 PM, Nightowl said:

It seems that HTTPS filtering broke down FortiClient VPN application , I had to downgrade for now.

On 5/12/2023 at 9:23 PM, azeu666 said:

Web access protection to scan HTTP and HTTPS communication blocks access to HTTP sites on a 192.168.1.0/24 network.

On 5/13/2023 at 8:39 AM, azeu666 said:

The Beta version blocks Mullvad VPN 2023.3 for Linux with Wireguard Obfuscation set to UDP over TCP, and Quantun-resistant tunnel set to on.

sad to hear that you face such issue, glad you reported it here in BETA program.

We would like to check it with the Dev team, please provide us with:

1. Diagnostics logs captured with the collector script https://help.eset.com/eeau/10/en-US/collect_logs.html

please enable the diagnostics logging via a policy (as shown on the attached screenshot), reproduce the issue, collect the logs and revert the logging verbosity to the previous value.

2. pair of Wireshark logs one with the protection enabled i.e. from a attempt when the connection fails due to traffic filtering and second from an attempt with the protection disabled so the connection succeeds so we can compare them

Once you have the diagnostics logs collected and the 2 Wireshark logs, please pack them to an archive, upload to a safe location and send me and @TomasP the download details so we can check it with the dev team.

Thank you in advance,
Peter

azeu666 · May 15, 2023

3 hours ago, Peter Randziak said:

Hello @Nightowl nad @azeu666

sad to hear that you face such issue, glad you reported it here in BETA program.

<cut>

please enable the diagnostics logging via a policy (as shown on the attached screenshot), reproduce the issue, collect the logs and revert the logging verbosity to the previous value.

As stated Friday, 12-05-2024 20:23, I have ESET PROTECT Essential On-Prem. I am not running Eset Endpoint for Linux (V7+).

Dai Tomiyama · May 16, 2023

We too are in the process of downloading the build and checking out the new features.
I have one question, we have a test environment where we are getting modules from a mirror tool.

I am referring to the "ep10" folder since the EEAU version is 10, but the module has not been distributed and I am not able to update the module via the mirror tool.
Will this be distributed soon?

Sorry if I am posting to the wrong place.

Nightowl · May 16, 2023

14 hours ago, azeu666 said:

As stated Friday, 12-05-2024 20:23, I have ESET PROTECT Essential On-Prem. I am not running Eset Endpoint for Linux (V7+).

It's just the name of the policy used to control Endpoint v10 from ESET Protect

17 hours ago, Peter Randziak said:

We would like to check it with the Dev team, please provide us with:

I will try to do this asap because I reverted to v9 , but mine can be reproduced just by having FortiClient VPN installed , and then install ESET v10 , FortiClient VPN will have a broken GUI after that. , removing ESET fixes FortiClient.

Marcos · May 16, 2023

23 minutes ago, Dai Tomiyama said:

I am referring to the "ep10" folder since the EEAU version is 10, but the module has not been distributed and I am not able to update the module via the mirror tool.

Will this be distributed soon?

Beta versions update from ESET beta server. The mirror tool is intended only for mirroring non-beta update files. Beta versions are not generally intended for massive deployment in networks.

Marcos · May 16, 2023

18 minutes ago, Nightowl said:

I will try to do this asap because I reverted to v9 , but mine can be reproduced just by having FortiClient VPN installed , and then install ESET v10 , FortiClient VPN will have a broken GUI after that. , removing ESET fixes FortiClient.

Did you try to create exceptions using application or certificate rules?

Nightowl · May 16, 2023

7 minutes ago, Marcos said:

Did you try to create exceptions using application or certificate rules?

Where I can find this options bro? and what I should change? maybe just turn off the scan for the VPN's port?

Marcos · May 16, 2023

2 minutes ago, Nightowl said:

Where I can find this options bro? and what I should change? maybe just turn off the scan for the VPN's port?

Nightowl · May 16, 2023

Just now, Marcos said:

It's weird when I had it installed , the policy was out-of-date , it didn't have options for Web Access Protection , I will try again when I get home.

Marcos · May 16, 2023

3 minutes ago, Nightowl said:

It's weird when I had it installed , the policy was out-of-date , it didn't have options for Web Access Protection , I will try again when I get home.

Should it not be there, please check the version of installed modules in Help -> About:

Update module   1080 (20230313)
Translation support module   1969 (20230427)
SysInspector module   1281.1 (20210407)
SSL module   1075 (20230504)
Push Notification Service module   1131.6 (20230426)
Configuration module   2066.3 (20230424)

Edit: The above Config. engine module is being released in small batches which is why you might not have received it yet. If you don't use the ESET PROTECT instance for managing production machines, you could switch to the pre-release update channel to get the latest module (a restart of the ESET PROTECT server service may be needed to force update).

Nightowl · May 16, 2023

21 minutes ago, Marcos said:

Should it not be there, please check the version of installed modules in Help -> About:

Update module   1080 (20230313)
Translation support module   1969 (20230427)
SysInspector module   1281.1 (20210407)
SSL module   1075 (20230504)
Push Notification Service module   1131.6 (20230426)
Configuration module   2066.3 (20230424)

Edit: The above Config. engine module is being released in small batches which is why you might not have received it yet. If you don't use the ESET PROTECT instance for managing production machines, you could switch to the pre-release update channel to get the latest module (a restart of the ESET PROTECT server service may be needed to force update).

Yes I manage through ESET Protect in Cloud , I will try again and report back.

Peter Randziak · May 16, 2023

On 5/13/2023 at 8:39 AM, azeu666 said:

Where is the changelog presenting all the new features and improvements?

A changelog will be available with the GA release, but it will more or less contain the same info.
The Web access protection is the top new feature, besides that the other improvements mentioned improve the security and usability of the product.

On 5/13/2023 at 8:39 AM, azeu666 said:

Will the custom scan be integrated with the supported Linux file managers, thus eliminating the need to type the path?

We have such in the backlog so we would like to bring it in the future releases...

Peter Randziak · May 16, 2023

Hello @azeu666,

17 hours ago, azeu666 said:

As stated Friday, 12-05-2024 20:23, I have ESET PROTECT Essential On-Prem. I am not running Eset Endpoint for Linux (V7+).

The ESET PROTECT Essential On-Prem is a name of the bundle you bought to protect your company.

The "Eset Endpoint for Linux (V7+)." is the product deployed on the Linux workstations, note that this BETA program is for "ESET Endpoint Antivirus for Linux 10 BETA".

As the dev team is interested in checking the report below

On 5/12/2023 at 9:23 PM, azeu666 said:

Web access protection to scan HTTP and HTTPS communication blocks access to HTTP sites on a 192.168.1.0/24 network.

can you please provide us with the requested logs to check it with them?

Thank you, Peter

azeu666 · May 16, 2023

49 minutes ago, Peter Randziak said:

Hello @azeu666,

The ESET PROTECT Essential On-Prem is a name of the bundle you bought to protect your company.

The "Eset Endpoint for Linux (V7+)." is the product deployed on the Linux workstations, note that this BETA program is for "ESET Endpoint Antivirus for Linux 10 BETA".

As the dev team is interested in checking the report below

can you please provide us with the requested logs to check it with them?

Thank you, Peter

I am referring to: "please enable the diagnostics logging via a policy (as shown on the attached screenshot), reproduce the issue, collect the logs and revert the logging verbosity to the previous value. "

How am I to accomplish the above?

Edited May 16, 2023 by azeu666

Sign In

ESET Endpoint Antivirus for Linux 10 BETA

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Recently Browsing 0 members

Quick search

FAQ

Topics