Installation manual
27
8. ESET Security system update
8.1 ESETS update utility
To maintain the effectiveness of ESET Gateway Security, the virus signature database must be kept up to date. The esets_update
utility has been developed specifically for this purpose. See the esets_update(8) man page for details. To launch an update, the
configuration options ‘av_update_username’ and ‘av_update_password’ must be defined in the [global] section of the ESETS
configuration file. In the event that your server accesses the Internet via HTTP proxy, the additional configuration options
‘proxy_addr’, ‘proxy_port’ must be defined. If access to the HTTP proxy requires a username and password, the ‘proxy_username’
and ‘proxy_password’ options must also be defined in this section. To initiate an update, enter the following command:
@SBINDIR@/esets_update
To provide the highest possible security for the end user, the ESET team continuously collects virus definitions from all over the
world - new patterns are added to the virus signature database in very short intervals. For this reason, we recommend that
updates be initiated on a regular basis. To be able to specify the frequency of updates, you need to configure the ‘@update’ task
in the ‘scheduler_tasks’ option in the [global] section of the ESETS configuration file. You can also use the Scheduler to set the
update frequency. The ESETS daemon must be up and running in order to successfully update the virus signature database.
8.2 ESETS update process description
The update process consists of two stages: First, the precompiled update modules are downloaded from the ESET server. If
‘av_mirror_enabled’ is set to yes in the [global] section of the ESETS configuration file, copies (or mirrors) of these update
modules are created in the following directory:
@BASEDIR@/mirror
‘av_mirror_pcu’ allows you to download Program Component Update (PCU) modules for Windows-based ESET security products.
These modules can be mirrored from the ESET server.
Note: To enable the mirror and download PCUs for ESET NOD32 Antivirus, ESET Smart Security, ESET Endpoint Antivirus or ESET
Endpoint Security, you have to:
set your Username and Password for update purposes (as described in the topic above),
import a license for your specific ESET product.
The second stage of the update process is the compilation of modules loadable by the ESET Gateway Security scanner from those
stored in the local mirror. Typically, the following ESETS loading modules are created: loader module (em000.dat), scanner
module (em001.dat), virus signature database module (em002.dat), archives support module (em003.dat), advanced heuristics
module (em004.dat), etc. The modules are created in the following directory:
@BASEDIR@
This is the directory where the ESETS daemon loads modules from and thus can be redefined using the ‘base_dir’ option in the
[global] section of the ESETS configuration file.
8.3 ESETS mirror http daemon
The http mirror daemon in ESET Gateway Security allows you to create copies of update files which can be used to update other
workstations located in the network. Creation of the "mirror" – a copy of the update files in the LAN environment is convenient,
since the update files need not be downloaded from the vendor update server repeatedly and by each workstation. They are
downloaded centrally to the local mirror server and then distributed to all workstations, therefore avoiding the potential risk of
network traffic overload. This is also a typical feature of ESET Remote Administrator.
The http mirror daemon needs to be properly configured to start and enable the mirror. In the example below esets_mird is
configured to listen on port 2221 of a computer with the local network IP address 192.168.1.10. The following parameters in the
[mird] section of the ESETS configuration file need to be specified:
agent_enabled = yes
listen_addr = "192.168.1.10"
listen_port = 2221
Options ‘listen_port’ and ‘listen_addr’ define the port (default 2221) and address (default: all local tcp addresses) where the http
server listens. If you set the value of the ‘auth_mode’ switch from 'none' to 'basic', the mirror will require authentication. The
options ‘username’ and ‘password’ allow the administrator to define the login and password required to access the Mirror.