Installation manual
23
7. ESET Security system update
7.1 ESETS update utility
To maintain the effectiveness of ESET Mail Security, the virus signature database must be kept up to date. The esets_update
utility has been developed for this purpose. See the
esets_u p da te(8 )
man page for details. To launch an update, the configuration
options
‘a v_up d a te_u sern a me’
and
‘a v_up d a te_p a ssword ’
must be defined in the
[g loba l]
section of the ESETS configuration file.
In the event that your server accesses the Internet via HTTP proxy, the additional configuration options
‘p ro x y_a ddr’
,
‘p ro x y_po rt’
must be defined. If access to the HTTP proxy requires a username and password, the
‘p ro x y_userna me’
and
‘p ro x y_pa sswo rd’
options must also be defined in this section. To initiate an update, enter the following command:
@SBINDIR@/esets_update
NOTE: If you have a fully functional ESET File/Gateway Security for Linux, BSD and Solaris installation and you wish to expand
it by adding ESET Mail Security, you will need to set your new username and password for ESET Mail Security either in the ESETS
configuration file, or in the Web interface. This will prevent possible issues with updates in ESETS.
To provide the highest possible security for the end user, the ESET team continuously collects virus definitions from all over
the world - new patterns are added to the virus signature database in very short intervals. For this reason, we recommend that
updates be initiated on a regular basis. To specify the update frequency, the
‘a v_up d a te_p erio d’
option must be defined in the
[g loba l]
section of the ESETS configuration file. The ESETS daemon must be up and running in order to successfully update the
virus signature database.
7.2 ESETS update process description
The update process consists of two stages: First, the precompiled update modules are downloaded from the ESET server. If the
option
‘a v_mirror_en a bled’
is set to ‘yes’ in the
[g loba l]
section of the ESETS configuration file, copies (or mirror) of these update
modules are created in the following directory:
@BASEDIR@/mirror
If desired, the Mirror directory path can be redefined using the
‘a v_mirror_dir’
option in the
[g loba l]
section of the ESETS
configuration file. The newly created Mirror can then serve as a fully functional update server and can be used to create lower
(child) Mirror servers. See section 7.3 for details.
The option
‘a v_mirror_pcu’
allows you to download Program Component Update (PCU) modules for Windows-based ESET
security products. These modules can be mirrored from the ESET server.
NOTE: Once you set your username, password and license for ESET Mail Security to download PCU's for ESET NOD32
Antivirus / ESET Smart Security, please contact our Technical Support and request a change, that will enable your ESET Mail
Security to download PCU's for our Windows-based products.
The second stage of the update process is the compilation of modules loadable by the ESET Mail Security scanner from those
stored in the local mirror. Typically, the following ESETS loading modules are created: loader module (em000.dat), scanner
module (em001.dat), virus signature database module (em002.dat), archives support module (em003.dat), advanced heuristics
module (em004.dat), etc. The modules are created in the following directory:
@BASEDIR@
This is the directory where the ESETS daemon loads modules from and thus can be redefined using the
‘b a se_dir’
option in the
[g loba l]
section of the ESETS configuration file.
7.3 ESETS mirror http daemon
ESETS mirror http daemon is installed automatically with ESET Mail Security. The http mirror daemon starts if the option
‘a v_mirror_httpd_ena bled ’
in the
[g loba l]
section of the ESETS configuration file is set to
‘yes’
and the Mirror is enabled.
Options
‘a v_mirror_httpd_p ort’
and
‘a v_mirror_httpd_a dd r’
define the port (default 2221) and address (default: all local tcp
addresses) where the http server listens.
The option
‘a v_mirror_httpd_a uth_m o de’
allows access authentication (default: none) to be changed to basic. The options
‘a v_mirror_httpd_u sern a me’
and
‘a v_mirror_httpd_p a ssword ’
allow an administrator to define the login and password used to
access the Mirror.