background image

27

agent_enabled = yes

listen_addr = 

address

listen_port = 

port

username = 

name

password = 

pass

(enter all four values as your own ones) and direct your browser to ’https://address:port’ (note 

the 

https

) and login with ’name/pass’. There are basic usage instructions on the help page. For 

more technical details about 

esets_wwwi

 see the esets_wwwi(1) manual page.

6.6 Remote Administration

ESETS supports ESET Remote Administration for management in large computer networks. 

For more information, please read the Remote Administration Manual.

ESETS  Remote  Administration  Client  is  part  of  main  ESETS  daemon.  For  basic    set    up,  

specify  the  address  of  your ERA Server in ‘racl_server_addr‘ parameter (and ‘racl_password‘ if 

appropriate) in the  global section of ESETS configuration file. All RA Client variables are listed in 

the esets_daemon(8) manual page.

Unix ESETS RA Client has this functionality:

• logins  to  ERA  Server  and  provides System Information, Configuration, Protection Status and 

Features

• configuration can be viewed and changed using ESET Configuration Editor and applied with a 

Configuration Task

• performs On-Demand Scan and Update Now Tasks as requested, with the Scan Logs sent back 

to ERA Server

• sends notable scans performed by ESETS daemon to the Threat Log

• sends all non-debug messages to the Event Log 

It doesn‘t support:

• Firewall Log

• remote installation

chapter 6

 

 

  Important ESET Gateway Security mechanisms

Summary of Contents for GATEWAY SECURITY

Page 1: ...ESET Gateway Security Installation Manual and User s documentation we protect digital worlds ...

Page 2: ... World WideWeb Interface 26 6 6 Remote Administration 27 7 ESET Security system update 29 7 1 ESETS update utility 30 7 2 ESETS update process description 30 8 Let us know 31 A ESETS setup process description 33 A 1 Setting ESETS for scanning of HTTP communication transparent mode 34 A 2 Setting ESETS for scanning of FTP communication transparent mode 34 Appendix A PHP License 37 ESET Gateway Secu...

Page 3: ...Chapter 1 Introduction ...

Page 4: ...ests are sent to All executive daemons except esets_dac run under non privileged user account to enhance security The system supports selective configuration specific for user or client server identification Six logging levels can be configured to get information about system activity and infiltrations Configuration administration and license management can be provided using intuitive and user fri...

Page 5: ...Chapter 2 Terminology and abbreviations ...

Page 6: ...t the RSR package is installed as an add on application i e the primary installation directory is opt eset esets ESETS daemon Main ESETS system control and scanning daemon esets_daemon ESETS base directory ThedirectorywhereESETSloadablemodulescontainingforinstancevirussignaturesdatabase are stored Further in this documentation we use abbreviation BASEDIR for the directory The directory location is...

Page 7: ...ocation is as follows Linux usr sbin Linux RSR opt eset esets sbin FreeBSD usr local sbin NetBSD usr pkg sbin Solaris opt esets sbin ESETS object files directory The directory where the relevant ESET File Security object files and libraries are stored Further in this documentation we use abbreviation LIBDIR for the directory The directory location is as follows Linux usr lib esets Linux RSR opt es...

Page 8: ......

Page 9: ...Chapter 3 Installation ...

Page 10: ...firmed the Acceptance Agreement the installation package is placed into the current working directory and relevant information regarding the package s installation un installation or update is printed into terminal Once the package is installed and the main ESETS service is running in Linux OS you can check its operation by using command ps C esets_daemon In case of BSD OS you can use a command ps...

Page 11: ...Chapter 4 Product s Roadmap ...

Page 12: ...tility modules are particular fraction of the system They are developed to provide simple and effective management of the system They are responsible for relevant system tasks e g license management quarantine management system setup and update Please note a special chapter in this document devoted to the topic CONFIGURATION Proper configuration is the most important condition for the system opera...

Page 13: ... with this knowledge please refer to esets cfg 5 esets_daemon 8 manual page and also to manual pages related to relevant agents ETCDIR certs This directory is used to store the certificates used byESETSWWW Interface for authentication see esets_wwwi 8 for details ETCDIR license This directory is used to store the product s license key s you have acquired from your vendor Note that the ESETS daemon...

Page 14: ......

Page 15: ...Chapter 5 Integration with Internet Gateway services ...

Page 16: ...ations For this purpose a generic ESETS HTTP resp FTP filter esets_ http resp esets_ftp has been developed In order to configure ESET Gateway Security for scanning of HTTP resp FTP messages routed through the network gateway server enter the command esets_setup Follow instructions provided by the script Once Available installations un installations offer appears choose HTTP resp FTP option that wi...

Page 17: ...a Firefox The manual HTTP FTP proxy configuration of esets_http with the Mozilla Firefox is described in general by the left side of the figure 4 2 Note that this configuration allows to install ESET Gateway Security anywhere within the local network including gateway server and also user agent s computer In this example we configure esets_http to listen to port 8080 of the computer with local net...

Page 18: ... when requested again In this example we configure esets_http to listen to port 8080 of the gateway server with local network IP address 192 168 1 10 by specifying the following parameters within http section of ESETS configuration file agent_enabled yes listen_addr 192 168 1 10 listen_port 8080 Note that the parameter listen_addr can be specified either as the host name visible from the local net...

Page 19: ...point out that the deferred scan technique described above presents potential risk for the computer whose user agent requested the infected large file for the first time The risk resists in that even data transfer of an infected object has been deferred some parts of already transferred data can contain executable danger code That is why the ESET developed modification of the deferred scan techniq...

Page 20: ...id installed is 4 2 or higher enter the following commands ln s LIBDIR ssfi esets_ssfi so opt safesquid modules esets_ssfi so ln s LIBDIR ssfi esets_ssfi xml opt safesquid modules esets_ssfi xml If version of Safesquid installed is lower than 4 2 enter the following commands ln s LIBDIR ssfi esets_ssfi so opt safesquid modules esets_ssfi gcc295 so ln s LIBDIR ssfi esets_ssfi xml opt safesquid modu...

Page 21: ...i templates ssfi_not_scanned html opt safesquid ssfi_not_scanned html You have also to add the new templates definitions in the SafeSquid configuration by pressing Add in the Templates section In the list that appears the following parameters have to be defined for infected ESETS blocking page Comment ESET Gateway Security infected template Name esets_infected File ssfi_infected html Mime type tex...

Page 22: ......

Page 23: ...Chapter 6 Important ESET Gateway Security mechanisms ...

Page 24: ...ted otherwise the object is blocked NOTE Please note that some of the modules has been written to integrate ESETS into the environment which does not allow to modify scanned objects and thus this functionality is disabled in the module Particularly this means that configuration option av_clean_mode is ignored by the module To get detailed information on this topic refer to appropriate modules manu...

Page 25: ...ader name of the special section contains identification of the HTTP client for which we have created individual setting The section body then contains individual parameters specified for this identification Thus with this special configuration an HTTP traffic of all local network clients will be processed i e scanned for infiltrations with exception of the client determined by IP address 192 168 ...

Page 26: ...L INFORMATION ABOUTYOU AND ORTHE USER OFTHE COMPUTER AND SAMPLES OF NEWLY DETECTEDVIRUSES OR OTHERTHREATS AND SENDTHEMTO OURVIRUS LAB THIS FEATURE ISTURNED OFF BY DEFAULT WEWILL ONLY USETHIS INFORMATION AND DATATO STUDYTHETHREAT ANDWILLTAKE REASONABLE STEPSTO PRESERVETHE CONFIDENTIALITY OF SUCH INFORMATION In order to turn on Samples Submission System the samples submission system cache has to be ...

Page 27: ...t up specify the address of your ERA Server in racl_server_addr parameter and racl_password if appropriate in the global section of ESETS configuration file All RA Client variables are listed in the esets_daemon 8 manual page Unix ESETS RA Client has this functionality logins to ERA Server and provides System Information Configuration Protection Status and Features configuration can be viewed and ...

Page 28: ......

Page 29: ...Chapter 7 ESET Security system update ...

Page 30: ...re downloaded from the origin ESET server If configuration option av_mirror_enabled is enabled in section global of ESETS configuration file the mirror of these modules is created in directory BASEDIR mirror Note that the mirror directory path can be redefined using configuration option av_mirror_ dir in section update of ESETS configuration file The newly created mirror thus serves as fully funct...

Page 31: ...Chapter 8 Let us know ...

Page 32: ...g a documentation is a process that is never finished There will always be some parts that can be explained better or are not even explained at all Therefore in case of bugs or inconsistencies found within this documentation please report a problem to our support center http www eset com support We are looking forward to help you solve any problem concerning the product ...

Page 33: ...Appendix A ESETS setup process description ...

Page 34: ... A PREROUTING p tcp i if0 dport 80 j REDIRECT to ports 8080 On FreeBSD the rule is as follows ipfw add fwd 192 168 1 10 8080 tcp from any to any 80 via if0 in On NetBSD and Solaris echo rdr if0 0 0 0 0 0 port 80 192 168 1 10 port 8080 tcp ipnat f A 2 Setting ESETS for scanning of FTP communication transparent mode The FTP communication scanning is performed using esets_ftp daemon In the ftp sectio...

Page 35: ...p tcp i if0 dport 21 j REDIRECT to ports 2121 On FreeBSD the rule is as follows ipfw add fwd 192 168 1 10 2121 tcp from any to any 21 via if0 in On NetBSD and Solaris echo rdr if0 0 0 0 0 0 port 21 192 168 1 10 port 2121 tcp ipnat f ...

Page 36: ......

Page 37: ...Appendix A PHP License ...

Page 38: ...will be given a distinguishing version number Once covered code has been published under a particular version of the license you may always continue to use it under the terms of that version You may also choose to use such covered code under the terms of any subsequent version of the license published by the PHP Group No one other than the PHP Group has the right to modify the terms applicable to ...

Reviews: