Replication in large networks

Replication is used in large networks where multiple ERA Servers are installed (e.g., a company with several branches). For more information, see chapter Installation .

The options in the Replication tab (Tools > Server Options...) are divided into two sections: Replication “to“ settings

Replication “from“ settings

The Replication ”to“ settings section is used to configure lower ERA Servers. The Enable “to” replication option must be enabled and the IP address or name of the master ERAS (Upper server) entered. Data from the lower server is then replicated to the master server. The Replication ”from“ settings allow master (upper) ERA Servers to accept data from lower ERA Servers, or to transfer them to their master servers. The Enable “from“ replication must be enabled and names of lower servers should be defined (delimited by a comma).

90

90

they have both upper and lower servers).

All of the previously mentioned scenarios are visible in the figure below. The beige computers represent individual ERA Servers. Each ERAS is represented by its name (which should be the same as %Computer Name% to avoid confusion) and the corresponding settings in the replication dialog window.

Other options that influence the replication behavior of servers include:

Replicate threat log, Replicate firewall log, Replicate event log, Replicate scan log, Replicate mobile log, Replicate quarantine log

If these options are selected, all information displayed on the Clients, Threat Log, Firewall Log, Event Log, Scan Log, Mobile Log, Quarantine Log and Tasks tab is replicated in individual columns and lines. Information not stored directly in the database, but in individual files (i.e., .txt or.xml format), may not be replicated. Enable these options to also replicate entries in those files.

Automatically replicate threat log details, Automatically replicate scan log details, Automatically replicate client details, Automatically replicate mobile log details, Automatically replicate quarantine files

These options enable automatic replication of the complementary information stored in individual files. They can also be downloaded on demand by clicking the Request button).

NOTE: Some logs are automatically replicated, while detailed logs and client configuration logs are only replicated on demand. This is because some logs contain large amounts of data that may not be relevant. For example, a scan log with the Log all files option enabled will consume a significant amount of disk space. Such information is usually not necessary and can be requested manually. Child servers do not automatically submit information about deleted clients. Therefore upper severs may continue to store information about deleted clients from lower servers. If you want to delete a client from the Client tab on upper servers, select the Enable deletion of replicated clients option on the underlying server located in Server Options > Advanced > Edit Advanced Settings > Setup > Replication.

To set the log maintenance level in ERAS, click Tools > Server Options > Advanced > Edit Advanced Settings… > Setup > Server Maintenance.

If you want to only replicate clients with a status change, select the Tools > Server Options > Replication > Mark all clients for replication by “Replicate Up Now” option.

6.6 Updates

The Updates window, located in the Server Options module, serves to define update parameters for the ESET Remote Administrator Server. The window is divided into two sections: the upper one lists server updates options; the one below is dedicated to update mirror parameters. Since version 2.0, the ESET Remote Administrator Server includes the Mirror server feature which creates a local update server for client workstations.

Descriptions of all elements and features are included below:

Update server – This is ESET’s update server. It is recommended that you use the predefined value (Autoselect) Update interval – Specifies the maximum interval between two consequent checks for the availability of new update files

Update user name – Username of the user used by ESET Remote Administrator to authenticate to update server(s) Update password – password belonging to the given username

Regular Virus Signature Database and program component updates are key elements in ensuring timely detection of threats. However, network administrators managing large networks may occasionally experience update-related issues such as false alarms or module-related issues. There are three options for connecting to an update server:

Regular update – The virus signature database is updated from regular update servers by the time they are released. Pre-release update – If the this option is enabled, beta-modules will be downloaded during the update. This is not recommended in a production environment, only for testing purposes.

Delayed update – Enable this option to receive updates with a delay of 12 hours, i.e., updates tested in a production environment and considered to be stable.

To launch an update task to download all of the most recent components for ESET Remote Administrator, click Update now. Updates may contain important components or functionalities; therefore it is vital to make sure that updates work properly and automatically. If you experience problems updating, select Clear Update Cache to clear the temporary update files folder. The Mirror Downloaded PCU option becomes active when a PCU (PCU - Program Component Upgrade) upgrade is downloaded and needs to be confirmed manually. Click this button to see all available PCU Updates and the EULA. To set up PCU mirroring go to Advanced > Edit Advanced Settings and configure settings in ESET Remote Administrator > ERA Server > Setup > Mirror (or Mirror for NOD32 version 2).

Configuration of a mirror in the ESET Remote Administrator Server is the same as it is in ESET NOD32 Antivirus Business Edition and ESET Smart Security Business Edition. Descriptions of important mirror elements are included below:

Create update mirror – Activates the mirror feature. If this option is disabled, no update copies are created. Create mirror for the selected program components – Allows user to specify language variants and types of program components that will be created in the mirror.

Populate mirror with selected program component updates only on demand – If enabled, PCUs are not automatically mirrored. If you want to enable PCU mirroring, select the Mirror downloaded PCU option in Tools > Server Options > Updates

Mirror folder – Local or network directory dedicated to store update files.

Enable update distribution via HTTP – Enables you to access updates using an internal HTTP server.

HTTP server port – Defines the port on which the ESET Remote Administrator Server will provide update services. HTTP server authentication – Defines the method of authentication used for accessing update files. The following options are available: NONE, Basic, NTLM. Select Basic to use the base64 encoding with basic authentication. The option NTLM provides encoding using a safe encoding method. For authentication, users created on the workstation sharing update files are used.

Create update mirror for NOD32 version 2 products – Creates an update mirror for older ESET products (version 2).

Click Default in the section below to restore predefined values for all features in this window.

NOTE: If the HTTP server method is in use, we recommended a maximum of 400 clients updating from one mirror. In large networks with more clients, we recommend balancing mirror updates among more ERA (or ESS/EAV) mirror servers. If the mirror needs to be centralized on a single server, we recommend using another type of HTTP server, such as Apache. ERA also supports additional authentication methods (e.g., on Apache Web Server the .htaccess method is used).

The administrator must insert the product license key for a purchased product and enter the username and password to enable the Mirror feature in the ERAS. If the administrator uses a license key, username and password for ESET NOD32 Antivirus Business Edition, then later upgrades to ESET Smart Security Business Edition, the original license key, username and password must be replaced as well.

NOTE: ESET NOD32 Antivirus clients can also be updated using a ESET Smart Security license, but not vice versa.