Jump to content

EES many time connect to 137.135.12.16


Recommended Posts

Hi.​

The firewall logs, I noticed that the ESS tried 100 times to connect to the server 137.135.12.16 within four hours. This does not update server. So what is it and what he wants to connect to it?

 

The second issue of concern to me. How big is the difference in the level of protection between the EES 6.4.2014 and ESS 9.0.381? I just did not like that the EES has Eset Service x86, and ESS x64. Although from a financial point of view to move to EES it was more profitable, but now I'm not so sure.

 

Link to post
Share on other sites
  • Administrators

See hxxp://support.eset.com/kb332/:

ESET Data Framework (Anti-Theft, ESET License Administrator, Parental control):

 edf-pcs.cloudapp.net     137.135.12.16
 edf-pcs2.cloudapp.net     137.117.215.70
 h1-edfspy02-v.eset.com     91.228.165.74
 h1-edfspy02-v.eset.com     91.228.167.40
 h1-arse01-v.eset.com     91.228.166.104
 h1-arse02-v.eset.com     91.228.166.71
 h3-arse01-v.eset.com     91.228.167.64
 h3-arse02-v.eset.com     91.228.167.81
 h5-arse01-v.eset.com     38.90.226.16
 h5-arse02-v.eset.com     38.90.226.17

Link to post
Share on other sites
  • Administrators
The second issue is of concern to me. How big is the difference in the level of protection between the EES 6.4.2014 and ESS 9.0.381?

 

The level of protection is same. The fact that ekrn.exe in EES v6 is 32-bit should not be of concern; in fact we as well as many other vendors have been using a 32-bit kernel service on x64 systems for years. This has changed just recently with the introduction of v9.

Link to post
Share on other sites
  • ESET Staff

We will be adding the 64-bit native scanning core to the Endpoint V7, however road-map for that one is not yet set properly. The only thing I can say is, that it would not be this year. But as Marek stated, the level of protection is the same, core protection features are the same. Of course, there are some differences from the feature perspective, and the business products are remotely manageable, which is not the case of the consumer editions.

Edited by MichalJ
Link to post
Share on other sites

Ok. Thank you for your responses. But it would be more precise. Function Anti-Theft and Parental Control is only at ESS. So it is only in the EES "ESET License Administrator". This function checks whether the user has a license? Therefore, there is a connection attempt to the server 137.135.12.16?

Link to post
Share on other sites
  • ESET Staff

I would suggest to capture network traffic on specific client to be sure - using for example Wireshark. In case it are connections to ELA, client's will be accessing domain ela.eset.com using SSL/TLS connection. Server's SSL/TLS certificate for this ESET service will be the same as on ELA portal (https://ela.eset.com/).

Link to post
Share on other sites
  • ESET Staff

Those requests are representing state, when product "asks" ESET cloud servers, about any configuration changes (in case of consumer products, it is related to antitheft, parental & my.eset.com integration), in case of business, it is related to the new licensing system (product is asking, if the license was not changed, or if the seat was not renamed in the license administrator). However, in general, it should trigger max 20 requests per 4 hours ideally, so it would be very good, if you send us the "seat ID" that you see in the "about" window of your ESET Endpoint Security, so we can find those specific requests and let you know, what have triggered them. You can send me the SeatID in the private message.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...