Jump to content

ERAS 6 Crashed.

Sarvesh Singh

By Sarvesh Singh
in ESET Endpoint Products

 Share

Recommended Posts

Sarvesh Singh

Sarvesh Singh 1

Posted
Posted

Hi,

 

I have installed ERAS 6.2 around two months back and agents & client AV installed on approx 500 users,

 

Yesterday due to some issue my Server got crashed and I am unable to recover the system, hence I have installed new ERA server on different system.

 

As per my knowledge, to make the communication between Agent and new ERAS I have to follow one of the below steps,

 

1) I have to re-add the certificate and change the IP by repairing ERA Agent in each and every system manually

2) I can perform remote deployment of agent from ERA WebConsole,
3) Installation through live installer batch file 

 

As per the point 1, manual installation is not possible to do in all 500 workstations.

In scenario 2, many of workstations are not connected to the internet for remote deployment,

Point #3 again asking to run agent live installer in every workstation manually, which requires manpower to install in 500 clients and it is also a time consuming task.

 

So kindly let me know if any other way available to make communication between agent and new ERAS other than above method.

 

 

Link to comment
Share on other sites
  • ESET Staff
MartinK

MartinK 378

Posted
  • ESET Staff
Posted (edited)

Hi,

 

I have installed ERAS 6.2 around two months back and agents & client AV installed on approx 500 users,

 

Yesterday due to some issue my Server got crashed and I am unable to recover the system, hence I have installed new ERA server on different system.

 

As per my knowledge, to make the communication between Agent and new ERAS I have to follow one of the below steps,

 

1) I have to re-add the certificate and change the IP by repairing ERA Agent in each and every system manually

2) I can perform remote deployment of agent from ERA WebConsole,

3) Installation through live installer batch file 

 

As per the point 1, manual installation is not possible to do in all 500 workstations.

In scenario 2, many of workstations are not connected to the internet for remote deployment,

Point #3 again asking to run agent live installer in every workstation manually, which requires manpower to install in 500 clients and it is also a time consuming task.

 

So kindly let me know if any other way available to make communication between agent and new ERAS other than above method.

Hello,

 

preferred solution in this case if configuring new SERVER installation to use certificates from old installation, but that requires you to have backup of them (or at least backup of database from previous installation).

Edited by MartinK
Link to comment
Share on other sites
Sarvesh Singh

Sarvesh Singh 1

Posted
  • Author
Posted

 

Hi,

 

I have installed ERAS 6.2 around two months back and agents & client AV installed on approx 500 users,

 

Yesterday due to some issue my Server got crashed and I am unable to recover the system, hence I have installed new ERA server on different system.

 

As per my knowledge, to make the communication between Agent and new ERAS I have to follow one of the below steps,

 

1) I have to re-add the certificate and change the IP by repairing ERA Agent in each and every system manually

2) I can perform remote deployment of agent from ERA WebConsole,

3) Installation through live installer batch file 

 

As per the point 1, manual installation is not possible to do in all 500 workstations.

In scenario 2, many of workstations are not connected to the internet for remote deployment,

Point #3 again asking to run agent live installer in every workstation manually, which requires manpower to install in 500 clients and it is also a time consuming task.

 

So kindly let me know if any other way available to make communication between agent and new ERAS other than above method.

Hello,

 

preferred solution in this case if configuring new SERVER installation to use certificates from old installation, but that requires you to have backup of them (or at least backup of database from previous installation).

 

 

But we don't have server backup as system got crashed and its data is not accessible.

 

Is there any option to resolve the above issue?

Link to comment
Share on other sites
  • ESET Staff
MartinK

MartinK 378

Posted
  • ESET Staff
Posted

 

 

Hi,

 

I have installed ERAS 6.2 around two months back and agents & client AV installed on approx 500 users,

 

Yesterday due to some issue my Server got crashed and I am unable to recover the system, hence I have installed new ERA server on different system.

 

As per my knowledge, to make the communication between Agent and new ERAS I have to follow one of the below steps,

 

1) I have to re-add the certificate and change the IP by repairing ERA Agent in each and every system manually

2) I can perform remote deployment of agent from ERA WebConsole,

3) Installation through live installer batch file 

 

As per the point 1, manual installation is not possible to do in all 500 workstations.

In scenario 2, many of workstations are not connected to the internet for remote deployment,

Point #3 again asking to run agent live installer in every workstation manually, which requires manpower to install in 500 clients and it is also a time consuming task.

 

So kindly let me know if any other way available to make communication between agent and new ERAS other than above method.

Hello,

 

preferred solution in this case if configuring new SERVER installation to use certificates from old installation, but that requires you to have backup of them (or at least backup of database from previous installation).

 

 

But we don't have server backup as system got crashed and its data is not accessible.

 

Is there any option to resolve the above issue?

 

 

Unfortunately there is no easy way. Technically there are two problems in communication that has to be solved:

  1. SERVER is rejecting client connections because it is missing CA certificate that was used to sign AGENTs peer certificates (old CA certificate)
  2. AGENTs are rejecting connection to SERVER because they are missing CA certificate that was used to sign SERVERs certificate (new CA certificate)

Point 1 can be solved by importing old CA certificate(s) into new SERVER installation using Webconsole <- but you will have to recover old CA certificate (public part). I guess it is the same certificate you used to install AGENTs with and it is also embedded in live installer scripts.

 

Point 2 is much more problematic. You have to either repair AGENT installations so that new CA is available for them, or distribute this certificate through their operating systems (i.e. using domain configuration) = adding this certificate into "Local system" certificate store as trusted root certificate.

Link to comment
Share on other sites
Sarvesh Singh

Sarvesh Singh 1

Posted
  • Author
Posted
Yes, lesson learned.

 

The solution is not practical considering the scenario for corporate environment which is going to lead risk in the network due to not updating VSDB which can cause damage to the network. 

 

By any chance can we create or import the old CA certificate from the client workstation, which can be intern imported on the new server which will minimize the human efforts.

 

As customer is comparing with version 5 which have a tool to take backup and restore easily, where in version 6 client have to take the backup with the help of SQL management studio, which will require good knowledge about database management which is again practically not possible since ERAS6 installed right from 5 user to n number of users. People can't afford to have database manager for this particular task.

 

So I expect simple and practically viable solution. especially in case of disaster. Also we expect scheduler to take backup on regular basis on user specific location to avoid such a disaster.

 

For the reference where ERA 5 is providing easy process for database backup & restoration: hxxp://support.eset.com/kb2718
Link to comment
Share on other sites
  • 2 weeks later...
  • ESET Insiders
rekun

rekun 43

Posted
  • ESET Insiders
Posted

First off, if you have 500 clients connected to your era, then you should have made a backup of that server. Simple as that.

 

I dont think you can restore the certificate from the clients, as these do not hold the root certificate, which is what you need. Distributing the root certificate to the clients would be a security risk.

 

Taking a backup with SQL Management Studio is just as easy as taking af backup from the old era5. In addition to that, you can use the skills you have learned when you not to backup/restore other sql databases.

 

However the real solution is to use some kind of real backup solutions, and all backup solutions today support backup and restore of SQL servers.

 

You do not require a database manager to backup/restore databases, all it administrators should be able to do that.

 

I acutally like the change to SQL, as that brings the backup/restore process inline with other line of business applications.

 

On the other hand, I do think that working with ERA6 is more complex than with ERA5, but on the other hand you get much more features when you learn the new way to work with ERA.

 

Having 500 cliens, you should definitely appreciate this.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...