Not happy with ERA 6

finzlbrother · December 15, 2015

High Quality Software.

Tried to install it on our main server now. I'm trying to use MySQL 5.7 for it.

It installed the remote administrator server and client, created a db, installs apache, then stops with an error that it cannot install the webconsole because it cannot open a .tmp file from the installation folder.

Newest version downloaded yesterday, wow.

Best thing is, if you want to reinstall it it tells you that you must untick admin server and client because it is already installed. BUT YOU CANNOT UNTICK THOSE!

Yay, good work, that's how you make an installer. I'm getting crazy mad with this stuff I don't want to throw my 2012 R2 installation in the bin, updates take forever on those.
How about someone tests that stuff before putting it into the download section. This is beginner programming comon get this working.

10 year old kids nowadays can create an installer that checks for already installed components, why in gods name can a big company not manage to do that?

Edited December 15, 2015 by finzlbrother

centrex · December 16, 2015

I just started using it for the 1st time. Symantec always worked for me. I'm so sorry I changed to this. I tried to do a refund from the reseller but they couldnt do it. I am stuck with this product and cant wait till I can go to something, anything else! Support is horrible, takes forever to get a live person, then chat takes forever. I'm so done and still have 11 more months to go.

+1. Had a few support tickets, none were resolved. Product is a POS and support is non-existent.

mackintire · January 13, 2016

ESET 6.3 might be released at the end of this month. My expectation is for most of the existing features to work properly and a policy import tool to be available.

Megachip · January 18, 2016

I just started using it for the 1st time. Symantec always worked for me. I'm so sorry I changed to this. I tried to do a refund from the reseller but they couldnt do it. I am stuck with this product and cant wait till I can go to something, anything else! Support is horrible, takes forever to get a live person, then chat takes forever. I'm so done and still have 11 more months to go.

+1. Had a few support tickets, none were resolved. Product is a POS and support is non-existent.

Try ERAS 5. It also has some bugs by design, but it works in almost any use case.

cristianlinca · February 3, 2016

Hello everyone,

We have also upgraded to ERA console 6 and we're very dissapointed. It took us hundreds of hours to manage to connect all the hosts on the console and still having lots of issues with it. One of them is that our network has lots of old PC's that have XP and some of them fail and we re-image them with newer OC so therefore we need to use the licenses that are not used on the old PC's. On the old console we simply removed them from the console and poof solved but in this new console I'm lost. I managed to enter on eset.ela.com but I can't remove the computers. I can only see them but there's no place to select them.

Can anyone PLEASE explain step by step how do we remove the license on ela.eset.com. Maybe someone from ESET to provide a KB or something.

Thank you,

Cristian

jimwillsher · February 3, 2016

It's easy. Make sure the license ID username you have registered is the same that you use to login to ELA. Otherwise you will only have read-only access. It's a bit confusing, as I had the same problem.

Once you login with the right account you can tick computers to deactivate them.

Marcos · February 3, 2016

Hello everyone,

We have also upgraded to ERA console 6 and we're very dissapointed. It took us hundreds of hours to manage to connect all the hosts on the console and still having lots of issues with it. One of them is that our network has lots of old PC's that have XP and some of them fail and we re-image them with newer OC so therefore we need to use the licenses that are not used on the old PC's. On the old console we simply removed them from the console and poof solved but in this new console I'm lost. I managed to enter on eset.ela.com but I can't remove the computers. I can only see them but there's no place to select them.

Can anyone PLEASE explain step by step how do we remove the license on ela.eset.com. Maybe someone from ESET to provide a KB or something.

hxxp://help.eset.com/ela/en-US/index.html?faq.htm

If didn't activate a license using a security admin account, you'll be able to deactivate it after logging in with a license key at ela.eset.com as the license owner.

philb · February 7, 2016

Why wouldn't you have ERA make calls to ela.eset.com so that licence allocation can be managed from inside ERA? Why have a separate interface?

bbahes · February 8, 2016

Why wouldn't you have ERA make calls to ela.eset.com so that licence allocation can be managed from inside ERA? Why have a separate interface?

I think they plan to offer, like most antivirus solution now do, cloud solution so that you can manage license from cloud. My guess this is testing phase...live on clients

MichalJ · February 11, 2016

In general, you can now do both use-cases from ERA.

You can "activate" the product, using product activation task.

You can "deactivate" the product, by choosing the computer in era, and clicking "computers => deactivate products".

twyrick · February 11, 2016

I'm not able to download the latest ERA as a virtual appliance?

Every time I go to the proper page and select the version for VMWare and click the download button, it just says to wait and the transfer never starts.

Pretty sure the file is missing or named incorrectly on the ESET server someplace.

MichalJ · February 11, 2016

I have tried on both pages:

hxxp://www.eset.com/us/support/download/business/remote-administrator-6/

hxxp://www.eset.com/int/download/business/detail/family/259/#offline,,,26,34,

And it works just fine. You may try the direct download link which is: hxxp://download.eset.com/download/ra/v6/Appliances/era_appliance.ova

kingoftheworld · February 11, 2016

I'm not able to download the latest ERA as a virtual appliance?

Every time I go to the proper page and select the version for VMWare and click the download button, it just says to wait and the transfer never starts.

Pretty sure the file is missing or named incorrectly on the ESET server someplace.

Are you using Internet Explorer? If so, I think there is an issue with the site. When I was getting assistance from an ESET support rep, he wasn't able to get a piece of software downloaded from the site since I only had IE on the server VM.

twyrick · February 11, 2016

Interesting..... I used FireFox and it wouldn't work for me -- but I'm downloading it just fine now, using that direct link provided.

(BTW: If you visit the link for the Remote Administrator deployment guide from v6.2, the embedded download link for the .ova file in it just produces an error 404, not found. Understandable since 6.3 is out now, but it might be helpful for folks running into the older document when Googling for it to redirect to the latest version instead?)

hxxp://help.eset.com/era_deploy_va/62/en-US/

BCVITAdmin · February 11, 2016

I can understand the frustration of many admins. I am happy with the 6.x AntiVirus Product but I was disappointed with the new ERA appliance. Lack of good or relevant documentation and the automatic (until 6.3) installation of the Apache Caching Server on the Appliance were my two biggest issues at first. As for the product automatically managing and upgrading my network, I was impressed overall with a few gotchas.

1) For machines that had low disk resources, it was a nightmare. Had to reimage after swapping out drives to large ones. Failed installs kept downloading the code to install again and again, filling up the drive. Weird it didn't simply overwrite. Something for ESET to fix in their code.

2) Had some machines that were in the middle of the January Windows updates and wasn't aware of it. The combined process made the install and updates take 4 hours on the machines that still needed to apply the windows updates after the reboot! ESET, you REALLY need to put some code in to check that the Windows Update status is not waiting on a reboot. I ended up reimaging one shared station because it never recovered... ever.

3) Apache Proxy install on the ESET RA Appliance references the settings for a user/password in the Windows Server install. For some that have zero experience with Linux, that is a definite show stopper. Take the moment to create the document ESET, instead of just referencing it. The Windows Apache install document also needs some clarity.

4) What is up with Updates?!? I have 100 machines that grinded out 10 TB on my ISP in one month alone. That's nuts! Thankfully my ISP waived it for that month even though we have a 1TB cap. Apache Proxy Server fixed that but now I have 10TB a month on my internal network between the caching server and my clients. This was NEVER an issue with 5.x and I will bet that is why ESET was having so many issues with their update servers. Fix the code gents and your over usage bill will go way down. Would also fix your overall issues with the update servers. We only had 100 machines generate 10 TB, I couldn't imagine 100,000 or more at the same time.

5) Only outstanding issues we are now seeing are disk utilization. We see a constant 40 IOPs on our appliance without the cache server installed and now a constant 60 IOPS when we installed the Proxy on the RA Appliance. This is with us extending out the update window to 4 hours, no automatic program upgrades, and a 30 min RA Agent checkin. That is simply bad code guys. There is nothing that should be doing that with only 100 clients. I could imagine a larger install at all. Imagine those companies that still have T1 links or worse.

To ESET: Simply put, 6.x ERA is making headway, but has a long way to go. I understand making sweeping changes to set your future solution up needs to happen and only so much can be caught in testing. Deadlines on your mind, code that won't work no matter what you do, and users vaguely giving you an idea of what is going on but just say "it's broke". I get it it. I was there many times myself. I gave you plenty of info above to help you make a better product and hope you use it. If I were the product director, I would focus on two things. Installing the Apache Proxy server is a must for everyone, so you must make it automatic and guide installers to use it with warnings that are honest. This should be done until you can fix your update issues. The second and more important thing is accurate and timely documentation. Documentation would go a long way to alleviating peoples concerns and allow them to feel as they are part of the process. An uninformed client is an unhappy client. A word of warning... those with less experience or are single man shops will start dropping the product line and that would be a tragedy, as up till now ESET was king to them. They are what sold ESET in the first place. I never heard of ESET through marketing, and much like how Google started, I heard about it through my tech friend. Forgetting where you came from and who made you as big as you are is a death kneel. My hope is you will head all our input, because we love ESET and want it to succeed...

dwomack · February 12, 2016

Thank you @BCVITAdmin for the exceptionally thoughtful and polite feedback. The way in which you stated what the specific issues were, how they manifest, resolution attempts you made, why they're important, and technical suggestions for improvement, gives us something useful that we can bring back to product managers.

I know our technical support guys are ready to help resolve your current issues if they can. They may ask for more technical information (such as logs) to help get a better picture of your environment and how best to resolve your issue, as well as giving our developers the technical info they need to pinpoint the problems so they can improve the products.

I also know our teams responsible for documentation have seen your post and are already working with their counterparts worldwide, to begin crafting and improving documentation within and about the products, features, etc.

Thanks again for your calm and thorough response. We always welcome any feedback but feedback like yours, that includes useful information that we can bring back to those who can make the changes actually happen, is applauded.

Personally, I absolutely applaud the first and last statements in your final section. ERA v6 was specifically created on (and continues to be improved by) customer feedback. It's come a long way from 6.0 to 6.3 but we're certainly not done. Also, I heard about ESET through family. A former colleague convinced me to apply. In my view, ESET has grown and continues to thrive thanks to word-of-mouth recommendations by happy customers that people trust and respect. We'd like to see that continue and we'll never forget from whence we came.

davidenco · February 29, 2016

I don't know how you can say v6 was created specifically based on customer feedback. I've been an ESET customer for several years, going back to the days of XMON v2, and I have never been asked for my feedback on the v5 interface or any suggestions on how to to improve the product. There is no excuse for this, since we have always renewed our Exchange and Endpoint licenses on an annual basis using the same details.

There was nothing wrong with the v5 UI. It worked didn't it? I have tried the v6 interface myself and it's a completely different product in my opinion, and likewise it should have been sold as a different product. Have you noticed what Microsoft do when they increment the version number? They keep the interface more or less the same, i.e. task bar, system tray, start button etc. I'm surprised by how unfinished v6 still feels; it's been out their for over a year already - what have you been doing to finish the product?

Personally I have no plans to move across to v6 unless ESET engage brain and bring back the traditional UI and the product we are all familiar with. If not, then as and when you stop supporting Endpoint v5 or ERA v5 (whichever comes first), I will be moving away from ESET. Hopefully it won't come to that but given the way you're heading with ERA v6, I'm not expecting you to do anything with this feedback.

Edited February 29, 2016 by davidenco

MichalJ · February 29, 2016

Dear davidenco,

Thank you for your feedback.

I would like to react to couple of your statements from your recent post, and clarify them / provide additional information, to give you greater picture.

ESET has hundreds of thousands customers worldwide, and of course, we have not been able to interview every one of them. Before proceeding with the development of UX for ERA 6, we have conducted customer research, focusing on "how are our customers using ERA". This was done with existing ERA 5 customers. Knowledge gained during this research helped us to modify some of the usage flows, to make them more intuitive. Issue is, that we have interviewed mostly customers, that were somehow not-happy with the old interface of ESET Remote Administrator, and have considered it as not being up-to-date, and being difficult to navigate / use.

I agree, that there were no major functional problems with V5. The product itself was a 10 year evolution of our very first ERA console, which means, that it has been fine-tuned, by years of customer experience. However, it reached its limits, from the perspective of performance, and potential for future evolution (support for new products, that ESET is working on or is planning to work on). Therefore a decision was made, to code a new generation of ESET Remote Administrator that would be the "foundation" for future expansion of ESET towards more demanding business & enterprise customers.

Before the release, this project was internally referenced as G2 (G = Generation). I Agree, that we have not emphasized enough communicating that it really is a new generation, as the increase of version number to 6 have indicated our existing customers, that it is another evolutionary release of what they have known for years.

What I am really curious about is your statement about V6 being unfinished product. What are the things, that are missing from your POW and are preventing you to switch? Many of people here were complaining about V6 not being able to do the things V5 was doing, without stating any specific examples. We are working hard to improve the user experience of V6 as we want to keep our existing customers. So we are really eager to hear, what we should do, to make you happy. You can send me a private message if you want, or post your findings publicly here. I will make sure, that it will reach the people in charge.

Concerning your last topic I want to be open with you. ESET is not planning to bring the old UI of ERA 5 (native Win32 application) back anytime soon as the V5 ERA is out of development (no future release is planned at the moment). All new Endpoint / Server products will be supported only with ESET Remote Administrator 6. However, we are planning to provide continuous patches & support for new Windows versions for ESET Endpoint Antivirus / Security 5 (at least during 2016).

During entire 2016 we are also focusing on analyzing the feedback from our existing customers about V6 issues, and are working hard to resolve them. Either by changing / improving / adding functionality to the on-premise ERA 6 (there are two releases planned for 2016, one currently scheduled for summer, one for winter) but also by working on a new Cloud-based console, that should be more tailored for our SMB customers (greatly simplified). As soon as the console reaches beta phase, we will offer you a chance, to test the product, and provided feedback.

Edited February 29, 2016 by MichalJ

Unigarant Verzekeringen · March 1, 2016

First of all: good to see replies by ESET staff in this thread. It tells me you are now indeed listening to customers' feedback.

We are now using version 6.3 of ERA and we are still having some issues. Some of them (reset cloned agents) we have already escalated through ESET Netherlands.

Since version 6.3 we have seen big improvements, specifically for tasks. However, I do hope that the agent/av itself receive some love as well: in all the years we have been using ESET we hever had any problems with installing clients. Untill version 6.2 of the clients and agents: msi installer failures over and over on all of our machines. It has been fixed in 6.3, but still...

I hope you can reply to our no-go and other issues:

1: No-go for deployment on all our vdi's: reset cloned agent.
We deploy a new machine for everyone that logs on to our enviroment. After the log off the machine is immediatly deleted. With the current setup we are not able to reset the agents of cloned machines during boot or when entering the domain. This means we have lots of machines using the same agent id. Resetting the agents every minute is not an option as you can imagine. This need to be fixed before we can deploy version 6 to our vdi enviroment. I know we might be a bit ahead of a lot of companies in this area, we are very willing to help ESET fix this issue (testing, thoughts, etc.). If you would like our help on this please let us know!

2: Annoying: no synced active directory groups.
We, as do many other companies, have setup AD groups for particular workstations/servers. Either for testing, rolling out software, etc. ERA6 does NOTHING with these groups. It only uses OU's. I mean: you are not going to put a machine in a different OU to roll out some software or test something. Dynamic groups mostly don't cover the needs, which means a lot of manual work or workarounds

3: Annoying: not working dynamic group templates.
This is probably also due to lack of documentation. It is not always clear what syntax to use in particular dynamic group triggers. Some examples might be nice. Also just document where it will check for particular info. For example: I want to create a trigger for a machine that has some software installed. Where does it look for the exact name of this software? WMI query? I have one job that should check for "ESET File Security" that simply does nothing whilst the EXACT SAME job that checks for "Remote Administrator Agent" works absolutely fine and shows all the machines. After having 3 colleague's look at it we concluded it is a bug and gave up...

All things considered we still like ESET (even with the bad definition update yesterday...) but it would have saved us at least 80 ours of work if we had just upgraded our v5 license and installed v5 on all of our servers. I am glad to see it is going in the right direction, but still a bit dissapointed about how it started off.

bbahes · March 1, 2016

Dear davidenco,

Thank you for your feedback.

I would like to react to couple of your statements from your recent post, and clarify them / provide additional information, to give you greater picture.

ESET has hundreds of thousands customers worldwide, and of course, we have not been able to interview every one of them. Before proceeding with the development of UX for ERA 6, we have conducted customer research, focusing on "how are our customers using ERA". This was done with existing ERA 5 customers. Knowledge gained during this research helped us to modify some of the usage flows, to make them more intuitive. Issue is, that we have interviewed mostly customers, that were somehow not-happy with the old interface of ESET Remote Administrator, and have considered it as not being up-to-date, and being difficult to navigate / use.

I agree, that there were no major functional problems with V5. The product itself was a 10 year evolution of our very first ERA console, which means, that it has been fine-tuned, by years of customer experience. However, it reached its limits, from the perspective of performance, and potential for future evolution (support for new products, that ESET is working on or is planning to work on). Therefore a decision was made, to code a new generation of ESET Remote Administrator that would be the "foundation" for future expansion of ESET towards more demanding business & enterprise customers.

Before the release, this project was internally referenced as G2 (G = Generation). I Agree, that we have not emphasized enough communicating that it really is a new generation, as the increase of version number to 6 have indicated our existing customers, that it is another evolutionary release of what they have known for years.

What I am really curious about is your statement about V6 being unfinished product. What are the things, that are missing from your POW and are preventing you to switch? Many of people here were complaining about V6 not being able to do the things V5 was doing, without stating any specific examples. We are working hard to improve the user experience of V6 as we want to keep our existing customers. So we are really eager to hear, what we should do, to make you happy. You can send me a private message if you want, or post your findings publicly here. I will make sure, that it will reach the people in charge.

Concerning your last topic I want to be open with you. ESET is not planning to bring the old UI of ERA 5 (native Win32 application) back anytime soon as the V5 ERA is out of development (no future release is planned at the moment). All new Endpoint / Server products will be supported only with ESET Remote Administrator 6. However, we are planning to provide continuous patches & support for new Windows versions for ESET Endpoint Antivirus / Security 5 (at least during 2016).

During entire 2016 we are also focusing on analyzing the feedback from our existing customers about V6 issues, and are working hard to resolve them. Either by changing / improving / adding functionality to the on-premise ERA 6 (there are two releases planned for 2016, one currently scheduled for summer, one for winter) but also by working on a new Cloud-based console, that should be more tailored for our SMB customers (greatly simplified). As soon as the console reaches beta phase, we will offer you a chance, to test the product, and provided feedback.

First I have to thank you for listening and reading our posts here regarding v6.

Second, my two companies that have together 100 clients have extended licenses for one more year since we are very happy with v5 product we are monitoring v6 development and have postponed decision for antivirus switch on to next year.

The main reason we don't need product like v6 is usability on administration side. For example, yesterday you had problem with your antivirus definition database. With the blazing speed I was able to see that version is 13102 on my ERA v5 server and that clients most probably have this version since they don't have any other way to download definition update other than mirror. This is very important to us, because with your v6 solution you force us to use third party product that only routes clients to your servers and I have no easy way to see which version is current. I say no easy way because you force us to use HTML interface to customize this interface in very strange way. In v5 I only had to click Tools - Server Options... - Updates and BANG! all information is in single location.

Having console information with all clients listed in first plan and with single click of mouse to open Threat log and see what is threat on clients (that self updates, no HTML refresh!) is something your team should have foreseen even for "next gen" product.

Having control of update on single point like mirror is mayor thing for us. You helped with mirror tool for v6 but this is not as easy as v5 was.

With selecting all my clients and with few clicks (in responsive console interface) I was able to push new database to clients in few seconds. I was very confident in my actions knowing that all my clients will get database from ERA server and all almost at same time. With v6 you force everything with so many clicks and page refresh. This is in moment of panic like yesterday frustrating. And I wonder did I click that HTML button did it send HTTP POST to ERA...

What about situations where I am unable to connect to ERA web interface? Don't you think there should be some alternative?

Do you really think sys admins love administration tools in HTML? We do, but when we monitor things that are not critical, like I do with Unifi wifi controller. But when things get complicated we need robust tools like console management.

If there is no plan to change this, and as you say there is none I expect that you at least return mirror feature within interface. Do you think that would be possible?

Thanks again for reading!

Regards.

Edited March 1, 2016 by bbahes

Unigarant Verzekeringen · March 1, 2016

Dear davidenco,

Thank you for your feedback.

I would like to react to couple of your statements from your recent post, and clarify them / provide additional information, to give you greater picture.

ESET has hundreds of thousands customers worldwide, and of course, we have not been able to interview every one of them. Before proceeding with the development of UX for ERA 6, we have conducted customer research, focusing on "how are our customers using ERA". This was done with existing ERA 5 customers. Knowledge gained during this research helped us to modify some of the usage flows, to make them more intuitive. Issue is, that we have interviewed mostly customers, that were somehow not-happy with the old interface of ESET Remote Administrator, and have considered it as not being up-to-date, and being difficult to navigate / use.

I agree, that there were no major functional problems with V5. The product itself was a 10 year evolution of our very first ERA console, which means, that it has been fine-tuned, by years of customer experience. However, it reached its limits, from the perspective of performance, and potential for future evolution (support for new products, that ESET is working on or is planning to work on). Therefore a decision was made, to code a new generation of ESET Remote Administrator that would be the "foundation" for future expansion of ESET towards more demanding business & enterprise customers.

Before the release, this project was internally referenced as G2 (G = Generation). I Agree, that we have not emphasized enough communicating that it really is a new generation, as the increase of version number to 6 have indicated our existing customers, that it is another evolutionary release of what they have known for years.

What I am really curious about is your statement about V6 being unfinished product. What are the things, that are missing from your POW and are preventing you to switch? Many of people here were complaining about V6 not being able to do the things V5 was doing, without stating any specific examples. We are working hard to improve the user experience of V6 as we want to keep our existing customers. So we are really eager to hear, what we should do, to make you happy. You can send me a private message if you want, or post your findings publicly here. I will make sure, that it will reach the people in charge.

Concerning your last topic I want to be open with you. ESET is not planning to bring the old UI of ERA 5 (native Win32 application) back anytime soon as the V5 ERA is out of development (no future release is planned at the moment). All new Endpoint / Server products will be supported only with ESET Remote Administrator 6. However, we are planning to provide continuous patches & support for new Windows versions for ESET Endpoint Antivirus / Security 5 (at least during 2016).

During entire 2016 we are also focusing on analyzing the feedback from our existing customers about V6 issues, and are working hard to resolve them. Either by changing / improving / adding functionality to the on-premise ERA 6 (there are two releases planned for 2016, one currently scheduled for summer, one for winter) but also by working on a new Cloud-based console, that should be more tailored for our SMB customers (greatly simplified). As soon as the console reaches beta phase, we will offer you a chance, to test the product, and provided feedback.

First I have to thank you for listening and reading our posts here regarding v6.

Second, my two companies that have together 100 clients have extended licenses for one more year since we are very happy with v5 product we are monitoring v6 development and have postponed decision for antivirus switch on to next year.

The main reason we don't need product like v6 is usability on administration side. For example, yesterday you had problem with your antivirus definition database. With the blazing speed I was able to see that version is 13102 on my ERA v5 server and that clients most probably have this version since they don't have any other way to download definition update other than mirror. This is very important to us, because with your v6 solution you force us to use third party product that only routes clients to your servers and I have no easy way to see which version is current. I say no easy way because you force us to use HTML interface to customize this interface in very strange way. In v5 I only had to click Tools - Server Options... - Updates and BANG! all information is in single location.

Having console information with all clients listed in first plan and with single click of mouse to open Threat log and see what is threat on clients (that self updates, no HTML refresh!) is something your team should have foreseen even for "next gen" product.

Having control of update on single point like mirror is mayor thing for us. You helped with mirror tool for v6 but this is not as easy as v5 was.

With selecting all my clients and with few clicks (in responsive console interface) I was able to push new database to clients in few seconds. I was very confident in my actions knowing that all my clients will get database from ERA server and all almost at same time. With v6 you force everything with so many clicks and page refresh. This is in moment of panic like yesterday frustrating. And I wonder did I click that HTML button did it send HTTP POST to ERA...

What about situations where I am unable to connect to ERA web interface? Don't you think there should be some alternative?

Do you really think sys admins love administration tools in HTML? We do, but when we monitor things that are not critical, like I do with Unifi wifi controller. But when things get complicated we need robust tools like console management.

If there is no plan to change this, and as you say there is none I expect that you at least return mirror feature within interface. Do you think that would be possible?

Thanks again for reading!

Regards.

bbahes

We are an insurance company and thus have to comply with a lot of policies. Which means none of our machines have direct internet access.

It took some effort, but everything accept for the agent deployment, is done "offline" in our company.

We have all of our 150+ servers and 400+ workstations available in one view. Rolling back the definitions yesterday took te exact same amount of time on ERA6 and ERA5: less than 2 minutes for all clients to revert (we use both, migrating now). Just saying: it is possible not to route it through ESET and have the same amount of control you have in v5. We use an update proxy (mirror) and the shared local cache. There is only one machine in our network that is allowed to get updates directly from the internet. That beïng said: it takes much more effort to setup initialy than v5 which just works. (The agent we still download from the internet, simply did not get an offline install to work...).

If you need help setting up a local mirror you may send me a pm, should not be a problem.

The webinterface is better in 6.3, and I can understand why they chose a webinterface. Resellers of ESET are able to manage multiple installations. However: they certainly did not think this through. They should have known a lot of clients want the same kind of install as with 5: single mirror for all the clients. I think they are listening though

bbahes · March 1, 2016

Dear davidenco,

Thank you for your feedback.

I would like to react to couple of your statements from your recent post, and clarify them / provide additional information, to give you greater picture.

ESET has hundreds of thousands customers worldwide, and of course, we have not been able to interview every one of them. Before proceeding with the development of UX for ERA 6, we have conducted customer research, focusing on "how are our customers using ERA". This was done with existing ERA 5 customers. Knowledge gained during this research helped us to modify some of the usage flows, to make them more intuitive. Issue is, that we have interviewed mostly customers, that were somehow not-happy with the old interface of ESET Remote Administrator, and have considered it as not being up-to-date, and being difficult to navigate / use.

I agree, that there were no major functional problems with V5. The product itself was a 10 year evolution of our very first ERA console, which means, that it has been fine-tuned, by years of customer experience. However, it reached its limits, from the perspective of performance, and potential for future evolution (support for new products, that ESET is working on or is planning to work on). Therefore a decision was made, to code a new generation of ESET Remote Administrator that would be the "foundation" for future expansion of ESET towards more demanding business & enterprise customers.

Before the release, this project was internally referenced as G2 (G = Generation). I Agree, that we have not emphasized enough communicating that it really is a new generation, as the increase of version number to 6 have indicated our existing customers, that it is another evolutionary release of what they have known for years.

What I am really curious about is your statement about V6 being unfinished product. What are the things, that are missing from your POW and are preventing you to switch? Many of people here were complaining about V6 not being able to do the things V5 was doing, without stating any specific examples. We are working hard to improve the user experience of V6 as we want to keep our existing customers. So we are really eager to hear, what we should do, to make you happy. You can send me a private message if you want, or post your findings publicly here. I will make sure, that it will reach the people in charge.

Concerning your last topic I want to be open with you. ESET is not planning to bring the old UI of ERA 5 (native Win32 application) back anytime soon as the V5 ERA is out of development (no future release is planned at the moment). All new Endpoint / Server products will be supported only with ESET Remote Administrator 6. However, we are planning to provide continuous patches & support for new Windows versions for ESET Endpoint Antivirus / Security 5 (at least during 2016).

During entire 2016 we are also focusing on analyzing the feedback from our existing customers about V6 issues, and are working hard to resolve them. Either by changing / improving / adding functionality to the on-premise ERA 6 (there are two releases planned for 2016, one currently scheduled for summer, one for winter) but also by working on a new Cloud-based console, that should be more tailored for our SMB customers (greatly simplified). As soon as the console reaches beta phase, we will offer you a chance, to test the product, and provided feedback.

First I have to thank you for listening and reading our posts here regarding v6.

Second, my two companies that have together 100 clients have extended licenses for one more year since we are very happy with v5 product we are monitoring v6 development and have postponed decision for antivirus switch on to next year.

The main reason we don't need product like v6 is usability on administration side. For example, yesterday you had problem with your antivirus definition database. With the blazing speed I was able to see that version is 13102 on my ERA v5 server and that clients most probably have this version since they don't have any other way to download definition update other than mirror. This is very important to us, because with your v6 solution you force us to use third party product that only routes clients to your servers and I have no easy way to see which version is current. I say no easy way because you force us to use HTML interface to customize this interface in very strange way. In v5 I only had to click Tools - Server Options... - Updates and BANG! all information is in single location.

Having console information with all clients listed in first plan and with single click of mouse to open Threat log and see what is threat on clients (that self updates, no HTML refresh!) is something your team should have foreseen even for "next gen" product.

Having control of update on single point like mirror is mayor thing for us. You helped with mirror tool for v6 but this is not as easy as v5 was.

With selecting all my clients and with few clicks (in responsive console interface) I was able to push new database to clients in few seconds. I was very confident in my actions knowing that all my clients will get database from ERA server and all almost at same time. With v6 you force everything with so many clicks and page refresh. This is in moment of panic like yesterday frustrating. And I wonder did I click that HTML button did it send HTTP POST to ERA...

What about situations where I am unable to connect to ERA web interface? Don't you think there should be some alternative?

Do you really think sys admins love administration tools in HTML? We do, but when we monitor things that are not critical, like I do with Unifi wifi controller. But when things get complicated we need robust tools like console management.

If there is no plan to change this, and as you say there is none I expect that you at least return mirror feature within interface. Do you think that would be possible?

Thanks again for reading!

Regards.

bbahes
We are an insurance company and thus have to comply with a lot of policies. Which means none of our machines have direct internet access.

It took some effort, but everything accept for the agent deployment, is done "offline" in our company.

We have all of our 150+ servers and 400+ workstations available in one view. Rolling back the definitions yesterday took te exact same amount of time on ERA6 and ERA5: less than 2 minutes for all clients to revert (we use both, migrating now). Just saying: it is possible not to route it through ESET and have the same amount of control you have in v5. We use an update proxy (mirror) and the shared local cache. There is only one machine in our network that is allowed to get updates directly from the internet. That beïng said: it takes much more effort to setup initialy than v5 which just works. (The agent we still download from the internet, simply did not get an offline install to work...).

If you need help setting up a local mirror you may send me a pm, should not be a problem.

The webinterface is better in 6.3, and I can understand why they chose a webinterface. Resellers of ESET are able to manage multiple installations. However: they certainly did not think this through. They should have known a lot of clients want the same kind of install as with 5: single mirror for all the clients. I think they are listening though

I was able to setup everything you say in my test lab, because we also have many workstations in network that don't have any internet access, however it took so much more effort than in v5 as you said. For our full switch this has to be simplified and documented. I agree 6.3 is better, and we hope next two releases will bring even more reason to switch to v6, that is why we extended our license for one year more.

j-gray · March 2, 2016

We recently moved to ESET 6 from another competing AV, so I can't compare it to previous versions of ESET. One of the reasons we chose ESET was because of the feature and gui parity between OS X and Windows clients and the ability to manage both from the same interface. This is important in a mixed environment.

I prefer an MMC to a web gui for management, as it's always more flexible and more functional. However, because I work primarily on a Mac, I appreciate the fact that the RA is browser-based.

That said, I have two complaints that are major issues for us, which will likely cause us to not renew our 1500 licenses.

There needs to be a better option for detecting unprotected clients and auto-installing at least the agent. Group Policy is not a deployment option for OS X. And RDS is not a viable option for environments with multiple sites and multiple subnets per site. Further, there is no RDS application for OS X devices, leaving no options for OS X-only subnets. And finally, WinPcap (the basis for Windows RDS), hasn't been updated or patched for 3 years -meaning potential security issues and compatibility issues with Windows 10. The RA server should be able to perform this, as well as an OS fingerprint without an agent so workstations can be placed into proper groups prior to agent install.
There needs to be a better method for deploying and/or managing the agent via imaging. Any time a technician deploys an image, they have to send me the name/ip of the system so I can run the 'Reset Cloned Agent' task. If they're imaging multiple systems at a time, which is common, they need to track all those workstations and send me lists. There should be a simple command-line and terminal option within the agent so the SID can be stripped prior to imaging. The SID can then be generated when the new workstation comes online and there is no need for configuring multiple clone tasks.

We like the product for the most part, however, it falls short in a mixed Enterprise environment.

MichalJ · March 2, 2016

@Unigarant
Thank you for your valid feedback. Concerning the points, you have mentioned:

AD: Cloning of virtual machines / support for base image - we have an improvement request in place. Based on the feedback we are gathering from our partners (and also here on the forum) this topic is getting higher in the list of the issues to be solved. As of now, I can´t tell you a specific version that we are going to solve this in, however it´s tracked, and we are working on finding a solution for this problem.

AD: Security groups. I will try to get a statement from the developers about possible solution. Dynamic groups are different concept when compared to parametric groups in the old ERA, and are not replacing those. This request will be partially addressed in the summer release, where you will be able to export an agent installer, that would point towards a specific static group upon installation. Sync of AD Security Groups was required by some customers before, but is as of now not placed "high enough" in the priority list to allow me to say, that it would be fixed with certainty during 2016.

AD: Not-working dynamic group. I have asked our QA guys, to verify. In the very last version of ERA, and with the last build of EFSW it works as supposed (screenshots attached)

@j-gray

Thank you as well for your valid feedback. I understand the problems you are describing. Per my comments above, the support for imaging of machines using a default image and executing "reset cloned agent" task automatically to generate new agent UUID we are already tracking improvements for, and comments like yours puts this issue higher in the priority list. I believe we should be able to have a solution for you prior to the expiration of your license.

Concerning the other issue, I will try to discuss this with developers. However, if I may ask, how this was solved with the previous solution you were using. We are trying to extend and improve our portfolio, to provide the same functional parity for both Windows and OS X users, so addressing OS X only environments is a valid requirement.

@bbahes

We are currently in discussions, about what to do with our V5 users, and giving them more streamlined user experience upon migration. As this is still being analyzed, I can´t make you any promise, that we will return the mirror back as it was before, but we will certainly work hard, to improve the user experience, and improve the migration from V5 to V6 concerning this point. We are also really hard working on improving the entire V6 documentation, improved documentation content will be released during 2016, either for existing and new features.

Edited March 2, 2016 by MichalJ

j-gray · March 2, 2016

Concerning the other issue, I will try to discuss this with developers. However, if I may ask, how this was solved with the previous solution you were using. We are trying to extend and improve our portfolio, to provide the same functional parity for both Windows and OS X users, so addressing OS X only environments is a valid requirement.

Thanks for your reply and consideration.

Solutions I've used in the past all offer scanning by IP range and/or subnet, as well as Windows network polling (NetBIOS) from the central console. Systems are then flagged as offline, online, or online with agent installed. From these results, online systems without an agent installed can be easily seen and selected for agent install. For Windows systems without agent installed, NetBIOS can identify the OS. I'm not sure what was used for OS X fingerprint -perhaps simply ICMP response info or other.

Here are some details on Kaspersky, which I've used in the past: hxxp://support.kaspersky.com/learning/courses/kl_102.98/chapter1.4/section1

Symantec had its own network audit tool that worked very well across multiple subnets: https://support.symantec.com/en_US/article.TECH100454.html

Hope that helps. This is a much needed feature for us, as presently we have no good way to tell what systems are running with no AV.

Sign In

Not happy with ERA 6

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Recently Browsing 0 members

Quick search

FAQ

Topics