Endpoint security vendor ESET has designed the latest version of the ESET Remote Administrator to bring federated security management to enterprise endpoints for networks of any size.
Remote Administrator v6 can be deployed on multiple platforms, including legacy 32-bit Windows servers, the latest 64-bit Windows servers and self-contained virtual appliances that can run on-site, remotely or even in the cloud.
Of course, ERA v6 is only half the endpoint security equation. The product is used to manage endpoints running ESET’s complete anti-malware and security suite, which is the component that provides broad security coverage.
ESET offers complete antivirus, anti-malware, anti-spam, anti-spyware and other endpoint security in a unified suite that is meant to protect both enterprise endpoints, mobile devices and most anything that connects to the network.
And therein lies the biggest challenge for network administrations—figuring out how to manage dozens, hundreds or thousands of endpoints using ESET’s endpoint security products. That is exactly where ERA v6 enters the picture.
A Closer Look at ERA v6
ERA v6 is designed to support multiple installation scenarios, leverage browser-based consoles and offer unified endpoint security management. The product tightly integrates with endpoint security via the ERA agent, a small piece of software that runs on the endpoint, enabling it to be fully managed and protected by ERA v6.
The redesigned product is engineered to wear multiple hats so that a network security administrator doesn’t have to. It does this by combining everything from client software deployment (agent and antivirus), endpoint updates, policy enforcement and security control management into a single-pane-of-glass management console, which also acts as a fully instrumented dashboard.
Other enhancements to the product include:
ERA Web Console: The ESET Remote Administrator Console is now Web/browser-based, allowing administrators to manage the network from virtually anywhere. The Web console is the primary interface used to administer clients; it can be used to execute any of the product’s functions.
The browser-based console uses Ajax technology to offer a robust application experience. Most chores are guided and wizard-driven, while integrated query and reporting tools allow administrators to customize views, reports and other administrator-centric intelligence to further ease the security management burden.
ESET License Administrator: The ESET License Administrator portal allows administrators to manage credentials for their software, convert older username and password credentials into license keys for use with ERA 6, and grant license management privileges to co-workers or partners.
ERA Agent: The ERA Agent facilitates all communication from the server to the endpoints and stores information about policies locally to allow for the fastest response to emerging threats. All communication between the server and the endpoint is encrypted using Secure Sockets Layer (SSL) certificate security.
Rogue Detection Sensor: The RD Sensor works hand-in-hand with the ERA Server to detect any unprotected client computers connected to the network. That eases adding new systems to the protection policy and also identifies potential threats from systems on the network that haven’t been properly protected.
ESET Virtual Appliance Remotely Manages Network Endpoint Security
ERA Proxy Server: The Proxy Server can be deployed on larger networks to help distribute the load from client computers to the ERA Server.
ERA HTTP Proxy: The HTTP Proxy serves as a central location where computers on the network can locate updates or other assets, such as installer files for ESET products.
Installation and Configuration ERA v6
ESET understands how to best serve the growing demand for enterprise-level virtual appliances as evidenced by the ease of installation associated with the company-provided OVA (Open Virtualization Appliance) file, which can be imported directly into a virtual server environment, such as VMware (vSphere, Player, Workstation), Oracle Virtual Box, ESX1 or Microsoft Hyper-V.
The OVA file contains a fully functional CentOS 6.5 operating system, along with all the ERA v6 software, allowing administrators to quickly create a virtual server instance of ERA v6.
There are several advantages to that type of deployment, including eliminating the need for a dedicated server, the ability to use a desktop OS to host the hypervisor, allowing administrators to deploy ERA v6 on a non-server OS and eliminating the need for an enterprise level ESXi implementation.
However, for those not wanting to venture down the virtual appliance route, ESET also offers a wizard-based installation for Windows and Mac OS X, which proves to be even simpler than the OVA-based installation, as long as elements, such as .NET, SQL server and Java are pre-installed on the target management server system.
Once installed, the ERA v6 management console can be launched using a browser and the IP address provided during the installation process. The console offers users guided configuration steps, as well as wizard-driven capabilities to further ease initial setup.
Wizards, interactive help and guided processes are offered throughout the product and are available for most any process, ranging from initial configuration to maintenance and to perform wholesale changes to the enterprise environment.
ERA v6 Agent
As stated earlier, ERA v6 requires that the ERA agent be installed on endpoints to enable manageable security. In the past, installing agent software to an endpoint required several manual steps, and sometimes interaction with the end user, with the worst-case scenario requiring a technician to physically install the agent on the endpoint.
One of the first ways that ESET attempts to eliminate these manual agent installation steps is by offering a feature called “Server Assisted Agent Installation.” That feature uses a local MSI package to execute the installation of the agent and can be scripted to install the agent in a hands-off fashion.
Administrators can also use another feature called the ERA Agent Live Installer, which pushes out a preconfigured Live Installer package from the ERA server in the form of a batch file, which can be run as part of a login script, or by using other similar automation technologies.
ESET Virtual Appliance Remotely Manages Network Endpoint Security
They could even use a link in an email sent out to the end user. Finally, administrators also have the option of conducting what is referred to as a “remote installation,” which can be a major time-saver on enterprise networks.
The remote installation is executed via the ERA management console’s Server Task menu as a function of the agent deployment wizard—which is then used to identify target systems. The administrator will need to provide the suitable credentials for the target endpoints. However, that should not be difficult on a managed network, especially a Windows network using Active Directory.
Speaking of Active Directory, it is important to note that ERA v6 offers full integration with AD, allowing the product to query critical information, such as users, computers that are members of the domain and so on. That AD integration further simplifies deployment as well as management of security settings on various PCs throughout the enterprise.
ERA v6: Critical Features
ERA v6 offers several critical features that help secure enterprise networks. First and foremost is the product’s ability to administer ESET Endpoint V6 security components. Simply put, ERA v6 offers full control of the settings, policies, updates and deployment of security on the endpoint, while also providing the tools to monitor and report on those endpoints.
ERA v6 brings to the table several other features that are quickly becoming a must-have for security administrators today. Of particular note is the rogue system detection capability, which looks for and reports on unprotected systems connecting to the network. That’s critical on today’s networks, where spyware and malware can infect complete networks when a new device connects to the network.
Advanced reporting features are also readily apparent in the product. Administrators can use the integrated report writer to build custom reports if the hundreds provided do not meet their specific needs.
Reports can include graphical elements, such as charts and diagrams, which bring a visual perspective to those that may not quickly understand plain-vanilla text and numbers. Numerous filters and sort options are also part of the reporting engine.
Arguably, one of the most important features is the ability to create custom policies. Administrators can use the product’s wizard-based tools to create and enforce policies that include everything from security settings, to software deployment, to executing scripted tasks—really anything one can imagine. Furthermore, policies can be applied to specific machines, groups, domains or ERA v6 can execute policies based on Boolean logic.
While full automation is nice to have in a network security product, nothing beats staying informed. Here, ERA v6 offers a notification system that uses a wizard to define what events should be reported to administrators and how those notifications are delivered. For example, notifications can be sent via email, Short Message Service (SMS) or other methods, such as a security incident event management system.