manualshive.com logo in svg

ESET REMOTE ADMINISTRATOR 4, Installation Manual

ESET Remote Administrator 4 is a robust security management tool for businesses. Ensure smooth installation with the comprehensive Installation Manual available for free download at manualshive.com. Easily navigate through the user-friendly manual to optimize security settings and streamline remote administration processes.

Share
Download
background image

67

database than that on the server and that has not been disconnected for more than one week.

Primary clients waiting for restart

 – If there is a client waiting for restart that has not been disconnected for more

than one week.

Primary clients with a non-cleaned infiltration in computer scan

 – If there is a client on which a computer scan

could not clean at least one infiltration and that client has not been disconnected for more than one week; the rule
runs ASAP.

Completed task

 – If there was a task completed on a client; the rule runs ASAP.

New primary clients

 – If a new client has connected to the server; the rule runs ASAP.

New replicated clients

 – If there is a new replicated client in the list of clients; the rule runs after one hour.

Possible virus outbreak

 - If the frequency of Threat log entries on a client has exceeded 1000 critical warnings in one

hour on at least 10% of all clients.

Possible network attack

 – If the frequency of ESET Personal firewall log entries on a client has exceeded 1000 critical

warnings in one hour on at least 10% of all clients.

Server updated

 – If the server has been updated

Server not updated

 – If the server has not been updated for more than five days; the rule runs ASAP.

Error in server text log

 – If the server log contains an error entry.

License expiration

 – If the current license will expire within 20 days and after expiration, the maximum number of

client slots will be lower than the current number of clients; the rule runs ASAP.

License limit

 – If the number of free client slots decreases under 10% of all client slots available.

If not stated otherwise, all rules are run and repeated after 24 hours and are applied to the primary server and primary
clients.

5.4.1.1   Notifications via SNMP Trap

SNMP (Simple Network Management protocol) is a simple and wide spread management protocol suitable for
monitoring and identifying network problems. One of the operations of this protocol is TRAP, which sends specific
data. In ERA, we use TRAP to send notification messages.

In order for the TRAP tool to run effectively, the SNMP protocol must be correctly installed and configured on the same
computer as ERAS (

Start

 > 

Control Panel

 > 

Add or Remove programs

 > 

Add/Remove Windows Components

). The

SNMP service should be configured as described in this article: 

http://support.microsoft.com/kb/315154

. In ERAS, you

need to activate an SNMP notification rule.. In ERAS, you need to activate an SNMP notification rule.

Notifications can be viewed in the SNMP manager, which must be connected to an SNMP server where the
configuration file 

eset_ras.mib

 is imported. The file is a standard component of an ERA install, and is usually located in

the folder 

C:\Program Files\ESET\ESET Remote Administrator\Server\snmp\.

5.4.2   Rule creation

The following steps demonstrate how to create a rule that will send email notification to the administrator if there is
a problem with the Protection Status of any client workstations. The notification will also be saved to a file named 

log.

txt

.

1) Set the 

Trigger type

 drop-down menu to 

Client State

.

2) Leave the options 

Priority, Activation after:

 and 

Repeat after every:

 at the predefined values. The rule will

automatically be assigned priority 3 and will be activated after 24 hours.

3) In the 

Description

 field, type 

protection status notification for HQ clients

4) Click 

Edit…

 in the 

Client filter

 section and only activate the 

ERA Groups IN

 section rule condition. In the lower part

of this window click the link 

specify

 and type 

HQ

 in the new window. Click 

Add

 and then click 

OK

 (twice) to confirm.

This designates that the rule is only applied to clients from the HQ group.

5) Further specify parameters for the rule in 

Parameters > Edit…

 Deselect all options except for 

Protection Status Any

Warnings

.

6) Proceed to the 

Action

 section and click the 

Edit…

 button. In the 

Action

 window, activate 

Email

, specify recipients (

To…

) and 

Subject

 for the email. Then select the 

Log to file

 check box and enter the name and path of the log file to

be created. As an option, you can select the 

Verbosity

 of the log file. Click 

OK

 to save the action.

7) Finally, use the 

Message

 text area to specify the verbiage that will be sent in the body of the email when the rule is

activated. Example: 

“The client %CLIENT_LIST% reports protection status problem”

.

Summary of Contents for REMOTE ADMINISTRATOR 4

Page 1: ...ESET Remote Administrator 4 Installation Manual and User Guide...

Page 2: ...ay be reproduced stored in a retrieval systemor transmitted in any formor by any means electronic mechanical photocopying recording scanning or otherwise without permission in writingfromthe author ES...

Page 3: ...Colors tab 3 5 3 29 Paths tab 3 5 4 29 Date Time tab 3 5 5 30 Other settings tab 3 5 6 30 Display modes 3 6 31 ESET Configuration Editor 3 7 31 Configuration layering 3 7 1 32 Key configuration entrie...

Page 4: ...10 1 1 85 What is the meaningof the GLEerror code 10 1 2 85 Frequently encountered error codes 10 2 85 Error messages displayed when usingESET Remote Administrator to remotely install ESET Smart Secu...

Page 5: ...osoft Exchange Server support for Linux Mac desktop security solution ESET NOD32 Antivirus 4 support for ESET Mobile Security New features Remote Installation new design Group Management new design St...

Page 6: ...tion MAC address added extended remote installation support of msi and custom packages security enhancements encryption possibility for all new server clients performance improvements compression in c...

Page 7: ...tasks remote installation requests etc are created through the ERA Console ERAC ERAS is a meeting point between ERAC and client computers a place where all information is processed maintained or modi...

Page 8: ...ervicing hundreds of clients However there is a 2GB size limit for the database Consequently you will need to activate cleanups on the server and define an interval under Tools Server Options Server M...

Page 9: ...ransferred will be approximately 50 smaller in size i e about 120 kilobytes per connection The data includes direct client connections omitting replicated connections Replication occurs much less ofte...

Page 10: ...remote install TCP 2846 ERAS listening ERAS replication TCP 139 target port from the point of view of ERAS Copying of the agent einstaller exe from ERAS to a client using the share admin UDP 137 targ...

Page 11: ...dition ESET Smart Security Business Edition Suppose all clients are Microsoft Windows 2000 XP Vista 7 workstations and notebooks networked within a domain The server named GHOST is online 24 7 and can...

Page 12: ...select the correct database to which ERAS information will be stored For more information see the chapter titled Database types supported by ERA Server Important Recent versions of Microsoft Windows...

Page 13: ...you must disable the cluster node before uninstalling 2 2 3 2 Installation of ERA Console Install the ESET Remote Administrator Console to the administrator s PC notebook At the end of the Advanced in...

Page 14: ...ired to activate CASE INSENSIVITY CI To activate For MS SQL and MySQL a COLLATE must be set up with the CI activated For ORACLE a NLS_SORT must be set up with the CI activated For MS Access no action...

Page 15: ...ing the connection string 2 Directly using a complete connection string All required parameters must be specified driver server and name of database This is an example of a complete connection string...

Page 16: ...ompatible with the current version To cancel installation of ERAS and analyze the database manually click Cancel 2 3 Scenario Installation in an Enterprise environment 2 3 1 Environment overview netwo...

Page 17: ...e master server which is the IP address of the server GHOST 2 3 2 3 Branch office Installation of HTTP Mirror server The Mirror server installation configuration in the previous scenario can also be u...

Page 18: ...the administrator will only need to connect to a central ERAS the communication marked by the letter A in the figure below There is no need to use VPN to access individual departments the communicatio...

Page 19: ...y and then click the Change button to the right of Password for Console When entering a password you can check the Remember password option Please consider the possible security risks associated with...

Page 20: ...be processed you can limit them by using the Items to show drop down menu and the browse page by page buttons Select the View mode to display attributes according to your need for further details see...

Page 21: ...ow you to efficiently sort and filter information about the connected clients 3 3 1 Filter Filter allows the administrator to display only information related to specific servers or client workstation...

Page 22: ...ion allows you to right click on any attribute and automatically select highlight all other workstations or servers with the same attribute The string is automatically replaced by the value of the cur...

Page 23: ...Flags Reset New Flag The client s icon will change to the one shown in the figure below and the value in the New User column will switch to No NOTE The Comment attribute is optional in all three tabs...

Page 24: ...Primary Server Name of ERAS with which a client is communicating Domain Domain group name to which a client belongs these are not groups created in ERAS IP IP address Product Name Name of ESET securit...

Page 25: ...RAS including time that the system information was submitted SysInspector Clients with versions containing the ESET SysInspector tool can submit logs from this complementary application Custom Info Cu...

Page 26: ...ain how xml files can be used to create a configuration template for new modified xml configuration files For more information see chapter Tasks Protection Status This is a general status statement re...

Page 27: ...ibute Description Client Name Name of client reporting the event Computer Name Workstation server name hostname MAC Address MAC address network adapter Primary Server Name of ERAS with which a client...

Page 28: ...dress network adapter Primary Server Name of the ERA Server a client is communicating with Date Received Time at which the event was logged by ERAS Date Occurred Time at which the event took place on...

Page 29: ...on from ERAC to ERAS For more detail see chapter Connecting to ERAS 3 5 2 Columns Show Hide tab This tab allows you to specify which attributes columns are displayed in individual tabs Changes will be...

Page 30: ...recommend that you select the Show on taskbar when minimized option and leave the Console minimized when inactive If a problem occurs the icon in the notification area will turn red which is a signal...

Page 31: ...configuration in a tree like structure The template is stored in the cfgedit exe file That is why we recommend that ERAS and ERAC be updated regularly Warning The Configuration Editor allows you to m...

Page 32: ...r of the ThreatSense Net Early Warning System which allows submission of suspicious files for analysis to ESET s labs When deploying ESET solutions to a large network the Submit suspicious files and E...

Page 33: ...cessary to modify the predefined profile My profile and change the Update server Username and Password settings If Update server is set to Choose Automatically all updates will be downloaded from ESET...

Page 34: ...msi installation file means the digital signature of this file will no longer be valid In addition the steps from version 3 x apply to version 4 x as well Version 3 x Download the installation file e...

Page 35: ...om package This is particularly useful if you want to run various scripts and executables on the remote machine including uninstall tools for third party security products or standalone cleaning tools...

Page 36: ...MFC libraries for the Microsoft Windows 9x operating system that are required for ERA to function correctly This parameter can always be used even if the MFC libraries are available Under Create Sele...

Page 37: ...to explore the network Console The Console view provides standard NetBios search from the computer on which ERAC is installed It shows all available domains and workgroups which can be un checked in...

Page 38: ...nt with administrator rights You can still add clients to the list in this step by using the Add Clients Special feature 3 Select the desired install package to deliver to target workstations 4 Set th...

Page 39: ...mmand line parameters are also applied 9 Immediately after the installation is complete the agent sends a message back to ERAS Some ESET security products require a reboot and will prompt you if neces...

Page 40: ...requires intervention on the part of the user who must launch the einstaller exe agent from the email attachment If launched repeatedly einstaller exe will not trigger another installation of ESET cli...

Page 41: ...ses 3 Enter a Subject in the corresponding field 4 Type a message into the Body 5 Check the Send compressed as zip file option if you wish to send the agent as a zipped package 6 Click Send to send th...

Page 42: ...r username password domain from ERAS For more information see the end of this chapter The einstaller exe file can be obtained as follows From the Computers tab in the Remote Install tab right click an...

Page 43: ...Logon on the ERAS is not transferred and the agent attempts to install the package under the current user On the operating systems Microsoft Windows 9x Me the administrative share cannot be used there...

Page 44: ...will be denied The agent records the following error to the installer log located in TEMP einstaller log Eset Installer was told to quit by the server X 2224 To prevent repeated installations from bei...

Page 45: ...th installation_package msi and click Open Do not use the Browse option to locate the installation package because it will be displayed as a local network path rather than a UNC network path 8 In the...

Page 46: ...have to perform the task specific actions described in each of the chapters see links above Stage III Select Clients 4 You can modify your client selections in the Select Clients window which will app...

Page 47: ...rvers or Groups Click Next to proceed to the next step 9 The last dialog window Task Report shows a preview of the configuration task Enter a name or description for the task optional The Apply task a...

Page 48: ...workstation 2 Click View Edit to adjust the script 3 Click Next to proceed to the Select Clients and Task Report dialog windows which are described in detail in the Tasks chapter 4 After the task fin...

Page 49: ...Clients pane and select New Task Show Notification from the context menu 2 Type the notification Title and message Body in the appropriate fields and select the notification Verbosity 3 Click Next to...

Page 50: ...ESET Smart Security ESET NOD32 version 3 and later 5 2 Group Manager Group Manager is a powerful tool for managing your clients separating them into different groups and applying different settings ta...

Page 51: ...Add Special button for more options Select the Add clients loaded in the Clients pane option to add all clients displayed in the client section or select the Only selected option To add clients that a...

Page 52: ...s to be synchronized will be added to the existing AD groups AD groups import or if the existing AD groups will be completely replaced by those to be synchronized AD groups synchronize The Synchronize...

Page 53: ...ed on the server you are currently connected to via ERAC To create a policy on a lower server you need to connect directly to that server Each policy has two basic attributes Override any child policy...

Page 54: ...r to clients connected to the server It can also serve as a parent policy for another policy from the same server Icons with blue targets Policy was also created on the server however the option Overr...

Page 55: ...es or policy rules 5 3 7 Assigning policies to clients There are two main rules for assigning policies to clients 1 Local primary clients can be assigned any local policy or any policy replicated from...

Page 56: ...belongs to the group defined by the IP range HAS NOT Defined Policy specify if client does or does not adopt the policy Product Name NOT IN if product name is Product Version IS NOT if product versio...

Page 57: ...policies As a replacement you can use any policy from the given server or the N A flag New default policy for primary clients If the deleted policy serves as a virtual policy see section Global Polic...

Page 58: ...ocal administrators Each administrator decides which policies are to be assigned to which clients within their servers The main administrator does not intervene in the configurations made by the local...

Page 59: ...wever Server A has the Default Policy for Lower Servers enabled and policies on the lower servers inherit the configuration of the Default Parent Policy from the master server In this scenario the loc...

Page 60: ...d serve as parent policies on the lower servers For Policy 1 see the figure below the attribute Override any child policy is activated The local administrator still has a large degree of autonomy but...

Page 61: ...ning policies based on policy rules This method is complementary and should be used in combination with previously described scenarios rather than as a standalone scenario If each server is managed by...

Page 62: ...o the condition 5 In the next step define the policy that will be applied to clients matching the rule condition s and press OK to save the rule NOTE Steps 3 5 can be replaced by using the Policy Rule...

Page 63: ...ion In each rule you can specify the criteria known as a Trigger which activates the rule The following triggers are available Client State Rule will be run if there is a problem on some of the client...

Page 64: ...Previous Virus signature database is one version older than the current one Older or N A Virus signature database is more than one version older than the current one Older than 5 versions or N A Virus...

Page 65: ...number of clients in the license fall below the number or actual clients in the server database to send a notification if expiration will cause the number of clients in the license to fall below the n...

Page 66: ...t ASAP the task should run within 10 minutes If a specific time period is selected from this menu the action will automatically be performed after the time period has elapsed provided that the rule co...

Page 67: ...o run effectively the SNMP protocol must be correctly installed and configured on the same computer as ERAS Start Control Panel Add or Remove programs Add Remove Windows Components The SNMP service sh...

Page 68: ...SysInspector log from that client To do this right click the client in the Clients pane and select Request data Request SysInspector Information Logs can only be obtained from generation 4 x products...

Page 69: ...ing deleting restoring quarantined files and excluding them from further scanning simpler tasks It is accessible via the Quarantine window in the main console panel or client properties The main quara...

Page 70: ...ht clicking selected clients the selected clients are then automatically added to the selected items in the first step NOTE To perform this action successfully all the selected clients must have the l...

Page 71: ...s Combined Top Threats Threats Progress Combination of the above mentioned types Combined Top Threats Threats Comparative Progress Combination of the above mentioned types Clients of Groups Shows clie...

Page 72: ...ated on the following Wednesday after Saturday In the Interval tab select Completed and 1 Weeks Remove Add also the current period In the Scheduler tab set Frequency to Weekly and select Wednesday The...

Page 73: ...rantine group verify that the Sticky option is disabled The computer will be assigned dynamically and removed once the conditions are no longer met Create the Quarantine Computers report To create a r...

Page 74: ...tion Enables access to ERAS for clients of lower ERA Servers which do not have a valid password for replication specified Enable unauthenticated access for ESET Remote Installer Agent Enables access t...

Page 75: ...rror server to always be connected to the internet Warning A Mirror server which performed a program component upgrade PCU and has not been rebooted may cause an outage In this scenario the server wou...

Page 76: ...ble for Everyone and the current user can access them too Also please use UNC paths to define the network path to the local server Using the DISK format is not recommended If you decide to use the sha...

Page 77: ...te Administrator and can be changed to an absolute path according to your needs To enable update via http select the Provide update files via internal HTTP server option HTTP server will be available...

Page 78: ...nternal HTTP server option 5 Enter the full directory path to the folder Folder to store mirrored files where update files are to be stored 6 The Username and Password serve as authentication data for...

Page 79: ...ERA Server Setup Mirror for NOD32 version 2 To minimize the volume of downloaded data only select language versions that are present on your network 8 4 Replication Replication is used in large networ...

Page 80: ...ded on demand by clicking the Request button NOTE Some logs are automatically replicated while detailed logs and client configuration logs are only replicated on demand This is because some logs conta...

Page 81: ...to confirm 4 Verify that the license key information is correct and select Upload to Server 5 Click OK to confirm The Upload to Server button is only active if you have selected a license key using t...

Page 82: ...ion of clients Disable this option if there are multiple entries for one PC We also recommend disabling this option if a client is identified as the same client after the MAC address has been changed...

Page 83: ...Server service 9 2 2 Start ERA Server This task starts the ESET Remote Administrator Server service 9 2 3 Database Transfer This task allows you to convert the database format The tool can convert bet...

Page 84: ...import a file from a different database type as selected in the previous step Allow import from a different type of database as well as to stop ESET Remote Administrator Server during database restor...

Page 85: ...he following chapters outline the most frequently encountered error codes when performing push installs as well as errors that can be found in the ERAS log 10 2 1 Error messages displayed when using E...

Page 86: ...ely Webwasher proxy 0x2104 UPD_RETVAL_SERVER_ERROR Update module error indicating an HTTP error code higher than 500 If the ESET HTTP server is being used error 500 indicates a problem with memory all...

Page 87: ...d by default runs every 60 minutes Usually there is no reason to modify its parameters The only exception is for notebooks since their owners often connect to the Internet outside of the local network...

Page 88: ...ch Friday etc or it can be triggered by an event after a successful update the first time the computer starts each day etc The last step of the task On demand computer scans shows the special settings...

Page 89: ...Selected items column on the right Click Next and then click Finish 11 3 Export and other features of client XML configuration From ERAC select any clients in the Clients tab Right click and select C...

Page 90: ...ew update task or modify an existing update task through the Scheduler Tools Scheduler from the main program window of ESET Smart Security or ESET NOD32 Antivirus The configuration can be made directl...

Page 91: ...tom install package must be in the msi format The remote installation of custom packages can be performed using a process very similar to the one described in chapter Remote installation The main diff...

Page 92: ...website If you already have one of the ESET security products installed you can run ESET SysInspector directly from the Start Menu Programs ESET Please wait while the application inspects your system...

Page 93: ...entries in your system By adjusting the slider you can filter items by their Risk Level If the slider is set to the utmost left Risk Level 1 then all items are displayed By moving the slider to the r...

Page 94: ...h file path beginning with Those symbols provide pre launch optimization for those processes they are safe for the system and as such are correct Network connections The Description Window contains a...

Page 95: ...between the compared logs Items marked by a can only be found in the active log and were not present in the opened comparative log Items marked by a on the other hand were present only in the opened l...

Page 96: ...After the export you can mark unwanted objects for deletion Then you can run the modified log to delete marked objects Service Script is suited for advanced users with previous experience in diagnosi...

Page 97: ...Windows system32 module32 exe CF8A In this example a process module32 exe was selected marked by a character the process will end upon execution of the script 02 Loaded modules This section lists cur...

Page 98: ...ion Run Google Update C Users antoniak AppData Local Google Update GoogleUpdate exe c Category Internet Explorer 7 items HKLM Software Microsoft Internet Explorer Main Default_Page_URL http thatcrack...

Page 99: ...n you open a script the program will prompt you with the following message Are you sure you want to run the service script Scriptname After you confirm your selection another warning may appear inform...

Page 100: ...e equal level or higher Ctrl 0 filtering mode equal level only View Ctrl 5 view by vendor all vendors Ctrl 6 view by vendor only Microsoft Ctrl 7 view by vendor all other vendors Ctrl 3 displays full...

Page 101: ...ning it as a Standard User or a Restricted User will result in it collecting less information about your operating environment Does ESET SysInspector create a log file ESET SysInspector can create a l...

Page 102: ...gy The Anti Stealth technology provide effective rootkits detection If the system is attacked by malicious code that behaves as a rootkit the user is exposed to the risk of damaging losing or stealing...

Page 103: ...4 Windows Server 2003 Service Pack 2 Windows XP Service Pack 2 with KB926044 Windows XP Service Pack 3 13 2 How to create rescue CD If the minimum requirements for the creation of ESET SysRescue CD ar...

Page 104: ...r We recommend using automatic introduction only if ESET SysRescue is used on a computer that has the same network adapter as the computer on which the ESET SysRescue CD was created When the ESET SysR...

Page 105: ...leaned not even in Safe mode Explorer exe as one of the essential Windows processes is launched in Safe mode as well ESS EAV cannot perform any action on the file and it consequently remains infected...

Reviews:

No comments

Related manuals for REMOTE ADMINISTRATOR 4

Waves Linear-Phase MultiBand Software Audio Processor User Manual preview
Linear-Phase MultiBand Software Audio Processor
Brand: Waves Pages: 27
Adobe 65014293 - Photoshop CS4 - Mac Manual preview
65014293 - Photoshop CS4 - Mac
Brand: Adobe Pages: 87
FieldServer FS-8704-01 Driver Manual preview
FS-8704-01
Brand: FieldServer Pages: 12
Promise Technology FastTrak SX Series Version 4.4 User Manual preview
FastTrak SX Series Version 4.4
Brand: Promise Technology Pages: 102
GRASS VALLEY NetConfig Instruction Manual preview
NetConfig
Brand: GRASS VALLEY Pages: 44
CAKEWALK PRO AUDIO User Manual preview
PRO AUDIO
Brand: CAKEWALK Pages: 604
MACROMEDIA FLEX-FLEX ACTIONSCRIPT LANGUAGE Reference preview
FLEX-FLEX ACTIONSCRIPT LANGUAGE
Brand: MACROMEDIA Pages: 830
Zeta PC3K User Manual preview
PC3K
Brand: Zeta Pages: 46
Guzik WITE32 Release Notes preview
WITE32
Brand: Guzik Pages: 29
HP dc5750 - Microtower PC User Manual preview
dc5750 - Microtower PC
Brand: HP Pages: 79
HP dx6120 - Microtower PC Quickspecs preview
dx6120 - Microtower PC
Brand: HP Pages: 52
HP Designjet T1300 User Manual preview
Designjet T1300
Brand: HP Pages: 49
HP DC7600 - HP Disassembly Instructions Manual preview
DC7600 - HP
Brand: HP Pages: 10
HP Device Access Manager for HP ProtectTools User Manual preview
Device Access Manager for HP ProtectTools
Brand: HP Pages: 103
HP dc7700 - Convertible Minitower PC Brochure preview
dc7700 - Convertible Minitower PC
Brand: HP Pages: 2
HP dx7200 - Microtower PC Quick Setup Manual preview
dx7200 - Microtower PC
Brand: HP Pages: 2
HP DC7600 - HP Quickspecs preview
DC7600 - HP
Brand: HP Pages: 61
HP digital sending software v 3.0 workflow Support Manual preview
digital sending software v 3.0 workflow
Brand: HP Pages: 102

Brands by name

Popular brands

Load more brands