Jump to content
timbo83251

Eset v6 Integration - Caveats and Lessons Learned

Recommended Posts

We're in the process of migrating our Eset version 5 endpoints to version 6, which Labtech does officially support and sell now (despite what current documentation states). Just wanted to share what I've seen so far, what's different about the integration, and see if anyone else has experiences or tips to make it better. Let me be clear that the Eset v6 products (File Security and Endpoint Antivirus) are pretty great; its the integration that's a little wonky. BTW--the plugin is developed by Eset directly now.

 

1) Plugin Centric. The ESET v2 plugin basically controls everything. Deployment, policies... I consider it a single point of failure. Ideally, it's great that we can now easily create per-client policies that are tied to LT groups, but it's not refined.

 

2) There are two software components now -- the "Remote Agent" and the actual AV Scanner Software. The remote agent is what talks back to the new ERA6 server to get policies. The AV Scanner gets its info from the agent.

 

3) Deployment from said plugin kinda sucks. First, assuming you have helpdesk techs that you want to have the ability to install simple AV like we do, this plugin does not make it easy. A L1 tech can easily screw up the deployment as they have to manually specify which LT groups to target deployment on (dangerous), which AV product to install (they can select products you are not licensed for), another step to actually select the license which you can also mess up, and then wait and pray. There's not a lot of control here, and no permissions other than full plugin access or none.

 

Also, the OS filters are garbage; instead of just "Windows Server, Windows Workstation, Linux..., they specify the architecture AND edition (ent/pro/std) of each one. So time consuming.

 

4) There are no scripts, at least not officially supported by Labtech or Eset. I love the Eset v5 scripts because they give me control to make the deployment foolproof by checking for existing AV, only installing the server version on servers, endpoints on workstation, etc. I have no idea what the plugin is doing if I deploy EEA to a group containing servers. Also, I can no longer have any automation around deploying AV on a scheduled basis. I currently have an internal monitor that basically says "If client is under MSP contract, and should have Eset (based on various criteria), then deploy eset via script. Now that's gone.

 

5) Migration is a pain if you have an existing v5 server and endpoints. You will not be able to manage a v6 endpoint if the computer was already linked to the v5 ERA server in the plugin, and it won't get its policies. Long story short, my suggestion is to wipe the plugin SQL tables regarding endpoints and endpoint weights, manually delete the old ERA server from the plugin, and ONLY manage v6 endpoints in the plugin going forward.

 

6) Bugs. The plugin has a few bugs (have to run CC as admin, .net exceptions...), especially regarding deployment, but new version soon pending QA.

 

So, because of all that, I've decided to ditch the plugin for deployment purposes and took a crack at a script. It seems to be working ok, although occasionally it won't activate the license. I've attached it for review and some suggestions. Stinks that LT won't officially support scripts on this version because they are way more reliable than the plugin as of now.

 

Hopefully it will get better over time. Definitely get assistance from the pros if you plan on going through migration / implementation.

 

thanks!

 

-Tim

Eset Installation - Workstations and Servers (MG).7z

Edited by Guest

Share this post


Link to post
Share on other sites

Thanks for the review, I was looking to see if someone had a "condensed version" of the migration process when I found your post and decided that for the time being we're staying on v5. Hopefully it gets better with time and updates.

Share this post


Link to post
Share on other sites

When you create a deployment 'task' using the V2 plug-in against a LT group, you can specify to auto-install ESET to any new agents found in that group. Then have your L1 tech drag an agent to add to the group, and ESET gets automatically installed. We have a ESET Workstation Install group and a ESET Server Install group

 

Sent from my SM-G935V using Tapatalk

Share this post


Link to post
Share on other sites
wanted to see if eset v6 with LT is still a pain, or is it better now?

 

The plugin update that fixes deployment bugs, which I was initially told was "imminent", is now more like a few months out. I would still wait--plus, I was recently told by ESET support that v6 in itself doesn't introduce any real core improvements over the scanner -- if you look, the actual modules are exactly the same in both aside from HIPS.

Share this post


Link to post
Share on other sites

Were you able to use the plugin to migrate ESET v4.5 File Server installs to v6? I've used the plugin to migrate workstations and that seems to work fine but i'm not sure how we should go about the server migrations. I did have help with the console but unfortunately after we completed the walk through I was assigned to a few things and the migration was put on hold.

Share this post


Link to post
Share on other sites
Were you able to use the plugin to migrate ESET v4.5 File Server installs to v6? I've used the plugin to migrate workstations and that seems to work fine but i'm not sure how we should go about the server migrations. I did have help with the console but unfortunately after we completed the walk through I was assigned to a few things and the migration was put on hold.

 

I have had very little luck with deploying File Security for Servers either. I think it worked 1 time out of dozens via plugin. Even Eset support says basically, you're better off doing an uninstall of 4.5 completely before doing install of 6. In fact, here is the steps that work the best, but obviously very time consuming for an MSP of > 350 servers...

 

1) Change existing server policy to turn off "Self Protection". **This is what usually causes the uninstall to hang, leaving the server in a bad place**

2) Reboot is required for above change to take effect

3) Uninstall 4.5

4) Reboot again

5) Install 6.x

 

Whether I used plugin or my script for install, it was similar effect. I like script because I can schedule everything out and not have to watch it. In short, in place upgrade on Endpoint product is fine without reboot, but not servers.

 

Another general tip I forgot to mention -- setup dynamic groups on your new ERA server for "Non-activated product" (1 for each) with a recurring scheduled task to "Activate Product" (with corresponding license). This way, it's all automated if the plugin or script doesn't activate upon install.

 

Also, good idea to manually apply your Default Eset Policy in Labtech Plugin (least restrictive, typically attached to "All agents" group) to the Everyone group in ERA. That way, it's a catch all.

 

Hope that helps.

 

-Tim

Share this post


Link to post
Share on other sites

Any update on the ESET v6 Plugin?

We are looking at upgrading to v6; it does have 1 thing better than v5 and that is the Malware scanning engine improvements.

 

Jeremy

Share this post


Link to post
Share on other sites

The plugin is good now -- some of the bugs we were having were due to large quantity of agents and they fixed that stuff. I still strongly encourage planning this properly and getting help, the new products work much differently. I'm going on 6 months and still not done upgrading all my agents.

Share this post


Link to post
Share on other sites
Hi Timbo,

 

Do you mind posting your install script? At this point would recommend for or against doing the upgrade?

 

Here

 

Thank you for the file.

 

I've downloaded it from this post and also from the original post but file is corrupted.

 

Could you please reupload it?

 

Thank you

Share this post


Link to post
Share on other sites

I'm not using the ESET Plugin for deployment. I've created ESET v6 install scripts for Windows / Mac OS. The script only installs the deployment agent and then ERA has dynamic groups configured and automatically sends the install endpoint task to new computers.

Share this post


Link to post
Share on other sites

How did you get the ERA agent to install on MAC, my script didn't work last time I tested. I've attached a screenshot of what I have, do you mind sharing what you've done differently?

esetmac.png.4a731c5284b268199c1467acfd681a4a.png

Share this post


Link to post
Share on other sites

Please check this script.

Remember that SSH should be enabled on the computer (the scripts enables it)

 

 

 

Please let me know if you need anything else.

MacScript.png.cfa1084434acc28856af17695c87d6d7.png

  • Thanks 1

Share this post


Link to post
Share on other sites

I'm going through this installation right now, tried to import the script using Expand XML, no idea where it ended up in my tree despite running a search for it.

 

Also where or how do I specify my license, server, era location, etc. in it.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...