Jump to content

Not happy with ERA 6


Recommended Posts

 

I too am seriously considering switching back to v5. In v5 I could install the client on a computer, type in the IP address of the management server on the local client and set the refresh period to 0 and it would grab the default config I had set up on the server immediately. ERA 5's interface looked a bit dated, but it was functional and just plain worked once you knew where the settings were. ERA 6 was a serious PITA to set up, and then activating clients is really hit or miss as to when the server will push the activation task out to the client. I can't tell where to find the computers using my license, as one was stolen and two were re-imaged and I'm not sure how to free up those uses of our license. 
 
Once again this is devs thinking "Wow, it'd be cool if we..." or "We could make this look like a hip website if we just... " and not giving much (if any) thought to user experience. 5 never required an agent and worked great. Now 6 has been mostly hassle and headaches from deployment to activation, to monitoring and control through ERA. Not impressed, and I've been a fan of home and business ESET for years.  

 

 

Agent is good thing since they are here to ensure client is getting policy enforced even when not present in LAN, like notebooks. It's common approach in antivirus industry as I've seen.

My guess is they will eventually offer cloud solution like most antivirus solutions already do. So eventually agent could be told to enforce specific policy when it's connecting to cloud ERA or LAN ERA....

Link to post
Share on other sites
  • Replies 224
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Posted Images

 

Are you bringing mirror server feature to ERA server?

ERA 6.2 will bring a command line tool for creating a mirror which you can subsequently make available to clients via Apache (or another http server) or network shares.

 

 

Thank you! I have many clients in LAN that don't have any access to internet.

Link to post
Share on other sites

I too was a V4 + 5 user and am totally dumbfounded as to how v6 is supposed to be better. I loved 4 and 5.

 

Administration is painful, manual install of ESET Agent and AV typically ends in the client not showing in ERA as having either installed.

 

Deployment is painful and having to click through multiple screens to get to the error that is vague has been frustrating. I cannot watch the progress of a task move along either. Is it still going did then next task I started override the last? Who knows?

 

The last thing I'd like to add is that just because everyone is doing it it doesn't mean you should too. Why a web based admin console? functionality is painfully less than before. Really!!!, we can't do a select all then remove 3-4 clients to omit? I have to instead manually click 60 clients to avoid 3?

 

All in all I feel like they really took 3 steps back trying to make the console web based and pretty. ESET's claims to more functionality might be correct but the new ERA being so convoluted and unintuitive that it really doesn't matter if there is or isn't increased functionality. To me simple things seem more difficult, or harder to find, or not possible. Simple example.... how do you filter out all AD detected clients WITHOUT the Agent installed? It's not in the pre-configured filtering. That seems like a pretty common sense filter to have to me.

 

Unfortunately We tried another AV solution for a year as a cost savings test so I cannot go back to ERA 5. I'm stuck with 6

Link to post
Share on other sites

My company has run ESET for the past few years as I recommended it to them after having used it personally for the previous 10 years. But ERA 6 is awful. We have so many problems with this web console. Updates in the browser are slow, it caches content from previous requests, it only remotely installs/activates clients about half the time, doesn't work with our clients on v5, tasks always have to be added instead of ran at a new target. We have many more issues and the latest is not being able to use the web console at all (I will post a new thread on this).

All in all, we are gutted we renewed this year with ESET and will be looking elsewhere when our renewal comes up.

Link to post
Share on other sites

6.2 has just be released, it would be worth giving it a go.

 

I saw this as a post not long after posting. Unfortunately at the moment I cannot get onto the Web Console (it seems to have broken itself).

Downloading 6.2 now :)

Edited by aaclive
Link to post
Share on other sites
  • Administrators

 

6.2 has just be released, it would be worth giving it a go.

 

I saw this as a post not long after posting. Unfortunately at the moment I cannot get onto the Web Console (it seems to have broken itself).

Downloading 6.2 now :)

 

 

Should you run into an issue or need assistance, please create a new topic and we'll be glad to help. I understand that the first impression after jumping from ERA v5 to ERA v6 is not good which is understandable as ERA 6 is a brand new generation built from scratch and based on users' requests. It is more robust and complex compared to its previous versions, however, virtual appliances make it easy to deploy. The new version offers possibilities that were previously impossible to accomplish, e.g. you can configure a policy that will automatically disconnect a client from network if an unresolved threat is detected and connect it back once a full disk scan has run (automatically) and the threat has been cleaned.

Link to post
Share on other sites

I understand that the first impression after jumping from ERA v5 to ERA v6 is not good which is understandable as ERA 6 is a brand new generation built from scratch and based on users' requests. It is more robust and complex compared to its previous versions, however, virtual appliances make it easy to deploy. The new version offers possibilities that were previously impossible to accomplish, e.g. you can configure a policy that will automatically disconnect a client from network if an unresolved threat is detected and connect it back once a full disk scan has run (automatically) and the threat has been cleaned.

Marcos. Glad to hear this info. Helps us better appreciate the vision for the changes. Would love to hear more of this stuff, as it helps us understand the long term goal, and therefore endure the short term pain whilst we get there!

Looking forward to finding time to install v6.2

Thanks.

Mike

Link to post
Share on other sites

 ERA 6 is a brand new generation built from scratch and based on users' requests.  e.g. you can configure a policy that will automatically disconnect a client from network if an unresolved threat is detected and connect it back once a full disk scan has run (automatically) and the threat has been cleaned.

 

How many users requests? I didn't ask for this.

 

It's is a great NAC like feature, but ESET should not have turned ERA into a 'duck' on the process.  

 

In my case: Everything works with ERA 5 for the 6k+ clients in 16 places. ERA 6 didn't hit 10 success implementations. 

 

I know that is your job to calm things down, but really, ESET should admit failure on releasing this before it's time.

At least in my country ESET ended not recommending to use ERA 6 until further notice.  

Link to post
Share on other sites

 

 ERA 6 is a brand new generation built from scratch and based on users' requests.  e.g. you can configure a policy that will automatically disconnect a client from network if an unresolved threat is detected and connect it back once a full disk scan has run (automatically) and the threat has been cleaned.

 

How many users requests? I didn't ask for this.

 

It's is a great NAC like feature, but ESET should not have turned ERA into a 'duck' on the process.  

 

In my case: Everything works with ERA 5 for the 6k+ clients in 16 places. ERA 6 didn't hit 10 success implementations. 

 

I know that is your job to calm things down, but really, ESET should admit failure on releasing this before it's time.

At least in my country ESET ended not recommending to use ERA 6 until further notice.  

 

 

Which country? :)

It certainly looks as unfinished product. I think they saw competition moving their solutions to web based management at faster rate and sadly they thought they should move to web too. But they did it at quality cost. Cloud and web are cool. But my suggestion to ESET would be to design hybrid solution. Cloud ERA as backup in case of disaster, virtual applicance or server beeing brought down for various reasons.

We are still on v5 and now in plan to test latest release 6.2 to check is it improved over 6.1 release.

Link to post
Share on other sites

 

 

 ERA 6 is a brand new generation built from scratch and based on users' requests.  e.g. you can configure a policy that will automatically disconnect a client from network if an unresolved threat is detected and connect it back once a full disk scan has run (automatically) and the threat has been cleaned.

 

How many users requests? I didn't ask for this.

 

It's is a great NAC like feature, but ESET should not have turned ERA into a 'duck' on the process.  

 

In my case: Everything works with ERA 5 for the 6k+ clients in 16 places. ERA 6 didn't hit 10 success implementations. 

 

I know that is your job to calm things down, but really, ESET should admit failure on releasing this before it's time.

At least in my country ESET ended not recommending to use ERA 6 until further notice.  

 

 

Which country? :)

It certainly looks as unfinished product. I think they saw competition moving their solutions to web based management at faster rate and sadly they thought they should move to web too. But they did it at quality cost. Cloud and web are cool. But my suggestion to ESET would be to design hybrid solution. Cloud ERA as backup in case of disaster, virtual applicance or server beeing brought down for various reasons.

We are still on v5 and now in plan to test latest release 6.2 to check is it improved over 6.1 release.

 

 

Brazil.

Link to post
Share on other sites
  • 3 weeks later...
  • 2 weeks later...

Our business has been using ESET 5 endpoint and the remote admin console for a while now, and I finally decided it was time to make the move to version 6.

 

So far, I'm afraid I'm in the camp with the "unsatisfied" folks in this message thread, even though I just started deploying this using the latest version 6.2.

 

As we have a VMWare ESXi server already, I decided to use the virtual appliance for the ERA 6, running CentOS Linux. (Good for us, since I'd be stuck using up a Windows server license otherwise, setting up a new VM just for this application.) Just successfully downloading the appliance was a struggle though. My transfer of the 6GB file kept failing, about 3-4GB into it - and it didn't appear "auto resume" was supported for the transfers. When it finally did download successfully, it was only after a LONG wait because it appeared ESET didn't have much available bandwidth. (We're on a 50mbit symmetrical broadband circuit here but my transfer rates never got about 240K per second or so.... painfully slow!)

 

As others have commented, it seems the Linux documentation is really lacking. For starters, once I got the virtual appliance up and running, I realized it was complaining that its OS was out of date. Luckily, I knew enough about CentOS to know that I could issue the "yum update" command from the console to download the update patches ... but didn't see this mentioned anyplace in the instructions. (Honestly, shouldn't this be built into the web console GUI so people can just click a button to update the centOS?)

 

Another issue is with the lack of ability to use ssh to connect to a terminal session in this virtual appliance. By default, it seems to be disabled. The setup wizard should at least offer the option to enable ssh for a range of IP addresses so it can be used on the local network. (Yes, I get that this is a function of CentOS itself and not your ERA software -- but you shouldn't make users know enough about Linux to reconfigure these basic features that will clearly be used by sysadmins wanting to work with the appliance.)

 

Now that I have the box up and running, I'm encountering the same problem others have reported, where even if I manually install the agent on a Windows server and provide the correct information to point it to the ERA appliance, it never checks in. (I know at least *some* sort of communication happened between the agent and the ERA 6 appliance, because I asked it to create the machine name in a specific part of the group folder tree in ERA and it showed up there. But after that, I can't get the ERA to display anything other than "unknown" beside the machine name.) Maybe this is just user error of some kind, but I'm 3 days into working with this thing so far and still can't make a single workstation "check in" with any valid info.  Not impressed at all, especially given the fact I had version 5 up and running in one afternoon.

Link to post
Share on other sites
  • Administrators

My transfer of the 6GB file kept failing, about 3-4GB into it - and it didn't appear "auto resume" was supported for the transfers. When it finally did download successfully, it was only after a LONG wait because it appeared ESET didn't have much available bandwidth.

 

Recently there have been temporary performance issues with the download servers. I've made a quick test now and downloading the ova file took me ~2 minutes.

 

For starters, once I got the virtual appliance up and running, I realized it was complaining that its OS was out of date. Luckily, I knew enough about CentOS to know that I could issue the "yum update" command from the console to download the update patches ... but didn't see this mentioned anyplace in the instructions. (Honestly, shouldn't this be built into the web console GUI so people can just click a button to update the centOS?)

We plan some improvements in this regard for future versions of ERA.

 

Another issue is with the lack of ability to use ssh to connect to a terminal session in this virtual appliance. By default, it seems to be disabled. The setup wizard should at least offer the option to enable ssh for a range of IP addresses so it can be used on the local network. (Yes, I get that this is a function of CentOS itself and not your ERA software -- but you shouldn't make users know enough about Linux to reconfigure these basic features that will clearly be used by sysadmins wanting to work with the appliance.)

Thanks for the suggestion. I've passed it to the product manager responsible for ERA to consider it for future versions.

 

 

Now that I have the box up and running, I'm encountering the same problem others have reported, where even if I manually install the agent on a Windows server and provide the correct information to point it to the ERA appliance, it never checks in. (I know at least *some* sort of communication happened between the agent and the ERA 6 appliance, because I asked it to create the machine name in a specific part of the group folder tree in ERA and it showed up there. But after that, I can't get the ERA to display anything other than "unknown" beside the machine name.) Maybe this is just user error of some kind, but I'm 3 days into working with this thing so far and still can't make a single workstation "check in" with any valid info.

 

Please check status.html in C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs on problematic clients. If it doesn't contain any error, check trace.log for possible errors. You can create a new topic for this issue and attach the log to it so that we could check it out.

Link to post
Share on other sites

We started using v6.x Eset RA Server right out of the gate at the end of December 2014, and believe you me, there have been times that I've wanted to throw the whole thing out the window, but we stuck with it, grew with Eset as they continued to improve the system (as they always do), and as of 6.2, managing some 6900 endpoints, I can't imagine life without it anymore.  I used the v5.x ERAS/ERAC for two years and yes, I missed it, and there are a few things I still do miss, but I "get what they are doing with six."  And when you consider where they can take it, with things like the Rogue Detection Scanner (let's add some SIEM functionality yeah?), and all the tools they've provide us sys admins - well, my hats off to the engineers on this one.  

Link to post
Share on other sites

Well said. My thoughts exactly. i started v6 with the "beta" (the USA-only version), and initially I found it complex. But it meant I moved from 5 installs of ERA 5 on client servers to a single install on my own server, which in turn allows me to manage everything from the one place. Yes there are frustrations, but there are also a heck of a lot of nice things.

Link to post
Share on other sites

We started using v6.x Eset RA Server right out of the gate at the end of December 2014, and believe you me, there have been times that I've wanted to throw the whole thing out the window, but we stuck with it, grew with Eset as they continued to improve the system (as they always do), and as of 6.2, managing some 6900 endpoints, I can't imagine life without it anymore.  I used the v5.x ERAS/ERAC for two years and yes, I missed it, and there are a few things I still do miss, but I "get what they are doing with six."  And when you consider where they can take it, with things like the Rogue Detection Scanner (let's add some SIEM functionality yeah?), and all the tools they've provide us sys admins - well, my hats off to the engineers on this one.  

 

 

Well said. My thoughts exactly. i started v6 with the "beta" (the USA-only version), and initially I found it complex. But it meant I moved from 5 installs of ERA 5 on client servers to a single install on my own server, which in turn allows me to manage everything from the one place. Yes there are frustrations, but there are also a heck of a lot of nice things.

 

 

It would be really wrong to say that ESET products don't do their job. However...I value my time and my company money. We have 100 workstations on single location and for now we still use v5. It's console is much more responsive and informative that v6. Since I'm the only person testing and integrating solutions I really don't have time for unfinished and undocumented products like v6. Pool for documentation? Seriously? Is this really something that should be in question? With no documentation I can only guess how entire system works, as they point out to so many people here on forum, that they don't understand new v6 system. No full offline mirror? Seriously? (ok, not until 6.2, and still it's just separate download that can't be controlled from GUI. Still no documentation? Seriously?)

 

After testing two releases I'm waiting for third one until license expires and I have to make decision should we stay on v5, should we switch to v6 or look for other solution on market.

I have suggested to ESET to take approach to their development like Microsoft did with Windows 10. More open and constructive way of communicating to customers on what to expect in future releases.

So far all we get on forum posts is "soon to be released, that will fix this and that".

 

I often ask myself am I wrong, have I missed something, but I have many colleagues that share my problems and thoughts in regard to v6.

Also subscribed to this forum and every day I get posts that people report problems that I really wonder how many people will switch to v6 at all.

 

Regards.

Link to post
Share on other sites

We started using v6.x Eset RA Server right out of the gate at the end of December 2014, and believe you me, there have been times that I've wanted to throw the whole thing out the window, but we stuck with it, grew with Eset as they continued to improve the system (as they always do), and as of 6.2, managing some 6900 endpoints, I can't imagine life without it anymore.  I used the v5.x ERAS/ERAC for two years and yes, I missed it, and there are a few things I still do miss, but I "get what they are doing with six."  And when you consider where they can take it, with things like the Rogue Detection Scanner (let's add some SIEM functionality yeah?), and all the tools they've provide us sys admins - well, my hats off to the engineers on this one.

 

 

Well said. My thoughts exactly. i started v6 with the "beta" (the USA-only version), and initially I found it complex. But it meant I moved from 5 installs of ERA 5 on client servers to a single install on my own server, which in turn allows me to manage everything from the one place. Yes there are frustrations, but there are also a heck of a lot of nice things.

 

 

It would be really wrong to say that ESET products don't do their job. However...I value my time and my company money. We have 100 workstations on single location and for now we still use v5. It's console is much more responsive and informative that v6. Since I'm the only person testing and integrating solutions I really don't have time for unfinished and undocumented products like v6. Pool for documentation? Seriously? Is this really something that should be in question? With no documentation I can only guess how entire system works, as they point out to so many people here on forum, that they don't understand new v6 system. No full offline mirror? Seriously? (ok, not until 6.2, and still it's just separate download that can't be controlled from GUI. Still no documentation? Seriously?)

 

After testing two releases I'm waiting for third one until license expires and I have to make decision should we stay on v5, should we switch to v6 or look for other solution on market.

I have suggested to ESET to take approach to their development like Microsoft did with Windows 10. More open and constructive way of communicating to customers on what to expect in future releases.

So far all we get on forum posts is "soon to be released, that will fix this and that".

 

I often ask myself am I wrong, have I missed something, but I have many colleagues that share my problems and thoughts in regard to v6.

Also subscribed to this forum and every day I get posts that people report problems that I really wonder how many people will switch to v6 at all.

 

Regards.

Agreed 100%. We are still on 5. Version 6 doesn't work for us either

Alex

Link to post
Share on other sites
  • 1 month later...

 

Agreed 100%. We are still on 5. Version 6 doesn't work for us either

Alex

 

 

+1

Same here. Imho ERA 6 is a complete joke. The UI is a mess and carrying out tasks takes much more time than old era. 

I understand having an agent is beneficial, I already had that on kaspersky before we switched, but that does not in any way come close to what kaspersky offered. I'm inclined to switch back to that if it wasn't so horribly performance hungry on the client side. 

 

 

Does anybody know if there will be a version of Business Antivirus 5 that does not conflict with windows 10 threshold 2 update? 

The latest version is deactivated and unusable if you install the update. 

Link to post
Share on other sites

Hi all

 

I have successfully completed a migration from V5 to V6

I did have some initial issues which are partly due to unclear documentation and partly due to me not digesting the information but in general it works reliably

 

Here are a few key points

 

1. Internet access.

Unless you create offline repositories or go for the full blown Apache HTTP Proxy installation all installation steps require internet access to ESET servers

Agent - Offline Install library required

Eset Endpoint - Offline Install library required

Activation - Check out some of your licences to an offline activation licence on the RAS

Signature Updates - Set up an update mirror on a computer/server  with ESET Endpoint or file security and access the internet then us ethe client to create a mirror for others to update from

 

I initially objected to this and created a mirror for updates but decided to go full internet

I only manage 80 computers, almost all laptops, so when out of office I was happy for them to get updates directly from ESET rather than from my mirror which I would have to expose to the internet fro access.

This particularly applies to our globe trotting staff. I did however open port 2222 on the CISCO firewall and allow the machines to report in to the ERAC via  a publicly registered DNS name.

For particular machines that I did not want to have internet access I used our proxy service to block them from all but ESET and some Microsoft background services

 

2. ESET remote administrator name on the certificate and agent policy

I was having trouble getting agents to communicate particularly from outside of the office

ESET support helped me identify the problem which was:-

The communication between the Agent and the RAS is protected by a certificate that you create on he console . You MUST use the same RAS name in the Agent policy as you have entered in the certificate

I had registered the local computer hostname for the server in the certificate then changed the name for the agent to be the externally registered DNS name creating a mis-match.

The good news is that in your certificate you can register multiple names for the RAS for it to accept e.g.

IP address

Local host mane

Fully qualified domain name e.g hostname.domain.local

External DNS name

 

Actually in the end I just used the External DNS name for both internal and external connections for consistency and registered that DNS name in our internal DNS

 

Hope that makes some ones learning curve faster than mine

 

Cheers

Link to post
Share on other sites
  • 2 weeks later...

OK Here my issue. It is with ESET support. I'm trying to get End Point Security to work in ERA 6. Was able to deploy it through the console, I could update the policies. Then I hit a snag. I wanted block usb devices and if you look at the rule in the client it was very similar to 5. You setup a group in Active Directory but in 6 console you had to use a SID. After several hours working on how to set that up with very little documentation I think I have something that will work, but it didn't. So I started a chat with ESET support and they could not find documentation on how to do it and they said the would send me and email with information. I never did get an email. So I opened up another case online and referred to the previous case. Still no response. If you have a product that the customers are having issues with I think you step up your support and at least make an effort to respond even if you don't have the fix in place. Make every effort to make it easy to get support. I've moved my test environment back to 5 and will stay there until I see a big improvement in the 6 product and support for it. I'm just glad I didn't move all my clients to 6 as documented in the migration instructions. 

Link to post
Share on other sites

I just started using it for the 1st time.  Symantec always worked for me. I'm so sorry I changed to this. I tried to do a refund from the reseller but they couldnt do it.  I am stuck with this product and cant wait till I can go to something, anything else! Support is horrible, takes forever to get a live person, then chat takes forever.  I'm so done and still have 11 more months to go.

Link to post
Share on other sites
  • Administrators

I just started using it for the 1st time.  Symantec always worked for me. I'm so sorry I changed to this. I tried to do a refund from the reseller but they couldnt do it.  I am stuck with this product and cant wait till I can go to something, anything else! Support is horrible, takes forever to get a live person, then chat takes forever.  I'm so done and still have 11 more months to go.

 

If you have raised a support ticket, please supply me with the ticket ID so than I can inquire colleagues from the US about details of the ticket. Although this forum does not serve as a replacement of contacting customer care, there are many knowledgeable users and moderators here who will be happy to share their knowledge with you.

Link to post
Share on other sites

I just started using it for the 1st time.  Symantec always worked for me. I'm so sorry I changed to this. I tried to do a refund from the reseller but they couldnt do it.  I am stuck with this product and cant wait till I can go to something, anything else! Support is horrible, takes forever to get a live person, then chat takes forever.  I'm so done and still have 11 more months to go.

 

I suggest you try ERA V5 and wait for V6 to be finished for production since you are stuck as most of us are here.

Link to post
Share on other sites

I just started using it for the 1st time.  Symantec always worked for me. I'm so sorry I changed to this. I tried to do a refund from the reseller but they couldnt do it.  I am stuck with this product and cant wait till I can go to something, anything else! Support is horrible, takes forever to get a live person, then chat takes forever.  I'm so done and still have 11 more months to go.

 

 

Same suggestion as bbahes, go for latest ERA V5, you will see were ESET shines.
Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...