ESET Endpoint Security for Windows
If you need Help!
- About the installation of ESET, you can report an incident / submit a request.
- About infection on your device, you can report an incident / submit a request.
- You can also reach the Service Desk by phone at 77777 or by e-mail at service-desk@cern.ch.
- Visit the CERN Computer Security website.
Note
- ESET is available for all Windows BYOD devices from the CERN AppStore but is not yet generally available for all centrally managed Windows devices, you will receive further information at a later date.
What is ESET Endpoint Security ?
ESET Endpoint Security represents a new approach to truly integrated computer security. The most recent version of the ThreatSense® scanning engine, combined with a custom Firewall and Antispam module, utilizes speed and precision to keep your computer safe. The result is an intelligent system that is constantly on alert for attacks and malicious software endangering your computer.
ESET Endpoint Security is a complete security solution to combine maximum protection and a minimal system footprint. The advanced technologies, based on artificial intelligence, are capable of proactively eliminating infiltration by viruses, spyware, trojan horses, worms, adware, rootkits, and other Internet-borne attacks without hindering system performance or disrupting your computer.
It is provided for CERN users to protect their personal and professional devices, improving the security of your devices and hence CERN in general.
ESET Endpoint Security prevents malicious software from infecting your device by using:
- Realtime protection: By default ESET is configured to monitor your PC all the time and will alert you when a virus, trojan, spyware or other malicous software attempts to install or run on your computer.
- Automatic scan: A full system scan is scheduled to run automatically on install, startup and during virus definition updates.
- Manual scan: You can also manually use ESET to scan your entire PC or specific drives, files or folders for potential threats that might put your device at risk.
- Firewall: Connections to your device are audited and automatically allowed or denied based on their reputation. You can customise these rules to ensure maximum security without disturbing access to websites that are important to you.
- Windows Update Monitoring: Alerts you if your computer is missing key updates that address security concerns.
The original ESET documentation can be found here.
How to install ESET Endpoint Security ?
ESET Endpoint Security is available from the CERN App Store for your personal/self-managed Windows devices and in CMF for centrally managed Windows devices (see note at the top of the page regarding availability).
Warning
- To avoid performance impact, we recommend users manually uninstall any other anti-virus programs they may have before installing ESET Endpoint Security.
How to open ESET Endpoint Security?
Click the ESET icon in the notifications tray (at the bottom right) of your Windows screen.
The user interface of ESET offers the following features (see below).
| Features | Functionnality |
|---|---|
| Protection status | Provides information about the protection status of ESET |
| Computer scan | This option allows you to configure and launch of Smart scan, Custom scan, or Removable media scan. |
| Update | Displays information about the detection engine and allows to check for updates manually. |
| Setup | Select this option to adjust your Computer security settings. |
| Tools | Provides access to Log files, Protection statistics, Watch activity, Running processes, Scheduler, Quarantine. |
| Help | Provides access to help files, ESET KB. |
More details can be found here.
How to perform a manual scan ?
ESET uses Real-Time (RT) protection to intercept viruses and other malicious files on your computer without actively scanning the entire system disk. RT protection scans files when they are created, opened or executed and deletes them if they are malicious.
You can manually run a scan of specific files or your entire computer on demand. This is only necessary when you suspect your computer has been compromised/infected or requested by the CERN Computer Security Team.
ESET offers 4 scan options
- File scan Scan individual files for threats.
- Scan your computer - Scans all local disks and cleans threats.
- Custom scan - Select the scan targets, cleaning level and other parameters.
- Removable media scan Scanning of USB, DVD, CD and other removable media.
File scan There are 3 ways to initiate a file scan:
-
Directly via Windows Context Menu a. Right click the file and select Scan with ESET Endpoint Security
-
Drag and drop a file into the ESET Endpoint Security GUI a. Open the GUI and navigate to Computer Scan b. Drag the file into the area that appears labelled: "Drag and drop files here to scan them"
-
Select the file via the ESET Endpoint Security GUI a. Open the ESET Endpoint Security GUI using the procedure written above b. Select Computer Scan from the left sidebar. c. Navigate to the file/folder you want to scan or specify the full path
More details can be found here.
How to keep ESET Endpoint Security client & virus definitions up to date?
Updating ESET Endpoint Security can be performed either manually or automatically. To trigger the update, click Update in the main program window and then click Check for updates.
The default installation settings create an automatic update task which is performed on an hourly basis. Here you can also change the update frequency. Alternatively, navigate to Tools > Scheduler.
More information can be found here and here.
How to schedule common tasks ?
The Scheduler manages and launches scheduled tasks with predefined configuration and properties.
The Scheduler can be accessed from the ESET Endpoint Security main program window by clicking Tools > Scheduler. The Scheduler contains a list of all scheduled tasks and configuration properties such as the predefined date, time, and scanning profile used.
The Scheduler serves to schedule the following tasks: detection engine update, scanning task, system startup file check and log maintenance. You can add or delete tasks directly from the main Scheduler window (click Add task or Delete at the bottom). Right click anywhere in the Scheduler window to perform the following actions: display detailed information, perform the task immediately, add a new task, and delete an existing task. Use the check boxes at the beginning of each entry to activate/deactivate the tasks.
By default, the following scheduled tasks are displayed in Scheduler:
-
Log maintenance
-
Regular automatic update
-
Automatic update after dial-up connection
-
Automatic update after user logon
-
Automatic startup file check (after user logon)
-
Automatic startup file check (after successful module update)
To edit the configuration of an existing scheduled task (both default and user-defined), right-click the task and click Edit... or select the task you wish to modify and click the Edit button.
More details can be found here.
Firewall
The Firewall controls all network traffic to and from the system. This is accomplished by allowing or denying individual network connections based on specified filtering rules. It provides protection against attacks from remote computers and can block potentially threatening services.
How to allow communication for a certain application through the firewall ?
The firewall is by default in automatic mode, thereby deciding itself which connections should be blocked and allowed. This works in most cases without user intervention but sometimes it is necessary to add an exception if, for instance, a user-installed program cannot access the internet. If you find that you are having problems, you can check in the client whether ESET Endpoint Security is blocking the connection and decide whether to create an exception for it in the future. Make sure that you trust the IP address/application/port before doing so.
More general details can be found on the firewall here, and how to allow a connection here.
How to interpret the Protection status icon ?
The Protection status screen informs you about the security and current protection level of your computer:
- The green Maximum protection status indicates that maximum protection is ensured (see picture below).
- A red exclamation point notification icon is displayed if a module needs attention.
- The red exclamation point (!) icon indicates that maximum protection of your computer is not ensured. You may encounter this type of notification in the following scenarios:
- Real-time file system protection is paused – Real-time protection was disabled by the user. Your computer is not protected against threats. Click the link Enable Real-time file protection to re-enable this functionality (see picture above).
- Antivirus and antispyware protection is paused – Click Start all antivirus and antispyware protection modules to re-enable antivirus and antispyware protection in Protection status pane or Enable Antivirus and antispyware protection in Setup pane.
- Antivirus protection is non-functional – Virus scanner initialization failed. Most ESET Endpoint Antivirus modules will not function properly.
- Detection engine is out of date – This error will appear after several unsuccessful attempts to update the detection engine. We recommend that you check the update settings. The most common reason for this error is an incorrect configured connection settings.
- Product is not activated or License expired – This is indicated by a red protection status icon. The program is not able to update after your license expires.
More details can be found here.
Upgrading to Windows 10
If you are running a Windows version older than Windows 10, it is highly recommended that you upgrade to the latest version of your ESET product, then download the latest module updates, before upgrading to Windows 10. This will ensure maximum protection and preserve your program settings and license information during the upgrade to Windows 10.
More details can be found here.
License Validity
For CERN devices that are centrally managed via CMF the licensing will be handled automatically. For your personal/self-managed devices the license must be renewed annually. This is accomplished by installing a separate item from the CERN AppStore that will renew the license for you. You will receive communications when action is required from you to prevent the license from expiring and thus losing protection.
What are common symptoms of an infection ?
Not all computer performance problems are caused by malicious software.
The presence of malware on your computer may not always be immediately obvious, so it is important to run regular scans. However, some of the more common symptoms are listed below:
- New toolbars, links or favourites that you did not intentionally add to your web browser.
- You type the address for a specific site, such as a search engine, but you are taken to a different website without notice.
- Your Home Page or Search Program changes unexpectedly.
- Your files are automatically deleted from your computer.
- Your computer is turned on Botnet by attackers and it is used to attack other computers.
- Unattended pop-up ads are displayed without your consent, even if you are not on the Internet.
- Onscreen Warnings about system infection from a source other than your antivirus software.
- Your PC suddenly starts running more slowly than usual.
- The ESET Endpoint Security icon disappears from the menu bar (at the bottom right) or cannot be started.