hari.senen 3 Posted December 10, 2015 Share Posted December 10, 2015 (edited) I'm Using ERA 6.2 in centos 7 and try to use apache or squid 3 for distribute cache. the problem is when use apache proxy our user didn't download the update from apache cache. i tested the user with internet connection and user without internet connection. user without internet connection won't update from cache i use the configuration from here hxxp://help.eset.com/era_install/62/en-US/index.html?http_proxy_installation_linux.htm secondly i test it with squid 3 since apache didn't give enough information about miss or hit in their log i use the configuration from here hxxp://help.eset.com/era_install/62/en-US/index.html?squid.htm and when i test it again the result is still same. ended with TCP_MISS from all our user instead of TCP_HIT. it would be useless to distribute the update if apache proxy and squid 3 can't cache the update for user or is there any configuration i must add for our client to succesfully update from proxy (apache proxy and squid 3) Edited December 10, 2015 by hari.senen Link to comment Share on other sites More sharing options...
bbahes 29 Posted December 10, 2015 Share Posted December 10, 2015 Are your client's that don't have internet access blocked in some way? I'm only guessing that apache or squid for caching content would require client to have allready established connection to address you are accessing but actual content would be downloaded from cache... You could try your luck with: hxxp://help.eset.com/era_install/62/en-US/index.html?mirror_tool_linux.htm Link to comment Share on other sites More sharing options...
hari.senen 3 Posted December 10, 2015 Author Share Posted December 10, 2015 (edited) Are your client's that don't have internet access blocked in some way? I'm only guessing that apache or squid for caching content would require client to have allready established connection to address you are accessing but actual content would be downloaded from cache... You could try your luck with: hxxp://help.eset.com/era_install/62/en-US/index.html?mirror_tool_linux.htm if i'm not wrong the reason why ERA 6 use apache or squid for distribute update is for replacing the mirror function in ERA 5. Apache HTTP Proxy is a service that can be used in combination with ESET Remote Administrator 6 and later to distribute updates to client computers and installation packages to the ERA Agent. HTTP Proxy performs a similar role to the mirror server feature popular in ESET Remote Administrator 5 and earlier. Using HTTP Proxy offers the following benefits: o Downloads new virus signature database updates and product component updates and then distributes them to clients on your network. o Can cache ESET product installation packages. o Minimized internet traffic on your network. hxxp://help.eset.com/era_install/62/en-US/http_proxy_installation_windows.htm hxxp://support.eset.com/kb3637/?locale=en_US i run test for a few client only update through my proxy not directly to the internet. how am i supposed to minimized internet traffic on my network if my squid log said TCP_MISS when our user update the internet with proxy enable ? it's the same thing with direct update through the internet. the point in cache is the user update through cache proxy first, the proxy server (squid) compare with the origin server (ESET) and if the update is the same state as before the user will update through the cache (hit state) if the origin server newer than cache then the user will update directly and proxy save the download cache (miss state). if hit, it means save more bandwith because not using the bandwith connection. i didn't see hit or miss status in apache log (only get) but in squid log i only see miss log instead off hit log when update same database in different user. i don't wanna use mirror tools because : The mirror tool downloads virus database definitions only it's use one of my license. if i purchase 10 seat ESET, i need to purchase 11 because i must create 1 offline license for mirror tools to served our 10 client Edited December 10, 2015 by hari.senen Link to comment Share on other sites More sharing options...
bbahes 29 Posted December 11, 2015 Share Posted December 11, 2015 Are your client's that don't have internet access blocked in some way? I'm only guessing that apache or squid for caching content would require client to have allready established connection to address you are accessing but actual content would be downloaded from cache... You could try your luck with: hxxp://help.eset.com/era_install/62/en-US/index.html?mirror_tool_linux.htm if i'm not wrong the reason why ERA 6 use apache or squid for distribute update is for replacing the mirror function in ERA 5. Apache HTTP Proxy is a service that can be used in combination with ESET Remote Administrator 6 and later to distribute updates to client computers and installation packages to the ERA Agent. HTTP Proxy performs a similar role to the mirror server feature popular in ESET Remote Administrator 5 and earlier. Using HTTP Proxy offers the following benefits: o Downloads new virus signature database updates and product component updates and then distributes them to clients on your network. o Can cache ESET product installation packages. o Minimized internet traffic on your network. hxxp://help.eset.com/era_install/62/en-US/http_proxy_installation_windows.htm hxxp://support.eset.com/kb3637/?locale=en_US i run test for a few client only update through my proxy not directly to the internet. how am i supposed to minimized internet traffic on my network if my squid log said TCP_MISS when our user update the internet with proxy enable ? it's the same thing with direct update through the internet. the point in cache is the user update through cache proxy first, the proxy server (squid) compare with the origin server (ESET) and if the update is the same state as before the user will update through the cache (hit state) if the origin server newer than cache then the user will update directly and proxy save the download cache (miss state). if hit, it means save more bandwith because not using the bandwith connection. i didn't see hit or miss status in apache log (only get) but in squid log i only see miss log instead off hit log when update same database in different user. i don't wanna use mirror tools because : The mirror tool downloads virus database definitions only it's use one of my license. if i purchase 10 seat ESET, i need to purchase 11 because i must create 1 offline license for mirror tools to served our 10 client An answer to your first statement, it's not complete replacement, as you can see in red text. It's just proxy+cache server. It does not leave you much to control. Have you tried testing clients that have internet access and see log? Offline mirror tool is result of pressure from customers, that need to update clients that have no internet access. As constant request I have posted here on forum that update process (definitions + product) has to be controlled on server with proper UI and settings. They have promised to implement product update in Offline mirror tool in future. Link to comment Share on other sites More sharing options...
hari.senen 3 Posted December 11, 2015 Author Share Posted December 11, 2015 Are your client's that don't have internet access blocked in some way? I'm only guessing that apache or squid for caching content would require client to have allready established connection to address you are accessing but actual content would be downloaded from cache... You could try your luck with: hxxp://help.eset.com/era_install/62/en-US/index.html?mirror_tool_linux.htm if i'm not wrong the reason why ERA 6 use apache or squid for distribute update is for replacing the mirror function in ERA 5. Apache HTTP Proxy is a service that can be used in combination with ESET Remote Administrator 6 and later to distribute updates to client computers and installation packages to the ERA Agent. HTTP Proxy performs a similar role to the mirror server feature popular in ESET Remote Administrator 5 and earlier. Using HTTP Proxy offers the following benefits: o Downloads new virus signature database updates and product component updates and then distributes them to clients on your network. o Can cache ESET product installation packages. o Minimized internet traffic on your network. hxxp://help.eset.com/era_install/62/en-US/http_proxy_installation_windows.htm hxxp://support.eset.com/kb3637/?locale=en_US i run test for a few client only update through my proxy not directly to the internet. how am i supposed to minimized internet traffic on my network if my squid log said TCP_MISS when our user update the internet with proxy enable ? it's the same thing with direct update through the internet. the point in cache is the user update through cache proxy first, the proxy server (squid) compare with the origin server (ESET) and if the update is the same state as before the user will update through the cache (hit state) if the origin server newer than cache then the user will update directly and proxy save the download cache (miss state). if hit, it means save more bandwith because not using the bandwith connection. i didn't see hit or miss status in apache log (only get) but in squid log i only see miss log instead off hit log when update same database in different user. i don't wanna use mirror tools because : The mirror tool downloads virus database definitions only it's use one of my license. if i purchase 10 seat ESET, i need to purchase 11 because i must create 1 offline license for mirror tools to served our 10 client An answer to your first statement, it's not complete replacement, as you can see in red text. It's just proxy+cache server. It does not leave you much to control. Have you tried testing clients that have internet access and see log? Offline mirror tool is result of pressure from customers, that need to update clients that have no internet access. As constant request I have posted here on forum that update process (definitions + product) has to be controlled on server with proper UI and settings. They have promised to implement product update in Offline mirror tool in future. i test with 5 user. 2 user update through internet with proxy. 3 user without internet connection and update through proxy (with username password) and 3 user tested browsing site with this proxy and fine. but stil TCP_MISS in cache when update with squid proxy. As constant request I have posted here on forum that update process (definitions + product) has to be controlled on server with proper UI and settings. They have promised to implement product update in Offline mirror tool in future. ok i get the point but i wanna use to save bandwith with cache as in my country bandwith is still issue, and mirror tools is not that simple as mirror ERA 5 in end user view Link to comment Share on other sites More sharing options...
kaylor 0 Posted April 26, 2016 Share Posted April 26, 2016 I'm Using ERA 6.2 in centos 7 and try to use apache or squid 3 for distribute cache. the problem is when use apache proxy our user didn't download the update from apache cache. i tested the user with internet connection and user without internet connection. user without internet connection won't update from cache i use the configuration from here hxxp://help.eset.com/era_install/62/en-US/index.html?http_proxy_installation_linux.htm secondly i test it with squid 3 since apache didn't give enough information about miss or hit in their log i use the configuration from here hxxp://help.eset.com/era_install/62/en-US/index.html?squid.htm and when i test it again the result is still same. ended with TCP_MISS from all our user instead of TCP_HIT. it would be useless to distribute the update if apache proxy and squid 3 can't cache the update for user or is there any configuration i must add for our client to succesfully update from proxy (apache proxy and squid 3) You can try change this configure in squiq.conf "cache_dir ufs /var/spool/squid3 5000 16 256" to "cache_dir aufs /var/spool/squid3 5000 16 256" Link to comment Share on other sites More sharing options...
Recommended Posts