RoboMan

Level 26
Content Creator
Verified
If you're here you may probably have been delighted already by the majestic features of ESET :) Maybe the signatures convinced you? Great static detection for sure. In this thread I will guide you a bit on how to configure your ESET product for maximum security without compromising performance.

  • Why ESET?
ESET's great with signatures, being one of the fastest to add them to their database. It also provides an amazing web filters and phishing protection. As for dynamic protection (real time execution of files) it can be either weak or really smart if configured correctly.
  • Where does this configuration point to?
Of course, security. It will prioritize the maximum lockdown to avoid infection (which may happen if you don't acquire safe habits!). Still, we will make sure it's as light as possible.
  • Is ESET a heavy product?
On the contrary, it's one of the lighter if not the lightest. Almost unnoticable system impact.
  • Should I use it paired with other software?
If necessary, but evaluate which product. For example, OSArmor or VoodooShield can pair up really great, but some extra anti-malware products with real time protection (like HMP.A) may interfere with its features.
  • Can I disable firewall to enable a 3rd party one?
Strongly recommended against. Do not disable any of the components that are not disabled in this configuration. A product works on its whole as a standalone solution, meaning firewall could be connected to real time protection in order to work fully.
  • How does the thing that motivate the world function?
Cannot tell yet. May have that answer on my next firmware upgrade: Roboman 3.51b (beta testing through www.robomanAI.com/betatesting).
---------------------------------
CONFIGURATION

The following configuration setup is intended for maximum protection and interactive user approval. This means, you will be consulted about almost everything, in order for you to have full knowledge and control over your system. If you want an install and forget setup, this is not your thread. And probably not your AV lol.

We will start from the premise you just installed ESET, let it update and restarted the machine. Through the installation process you may have found out you're asked if you want to enable two options:

2018-08-29 13_17_56-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png

Just click YES on both.

If a section is skipped here on the thread it means you should leave it default. Only change what it's specifically told here. Compare the pictures with your configuration and enable/disable.

1. Right click ESET---Advanced setup

2018-08-29 13_32_07-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png

2018-08-29 13_32_53-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png

Real-time system protection

2018-08-29 13_33_15-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png2018-08-29 13_34_00-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png2018-08-29 13_34_20-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png

Cloud based protection

2018-08-29 13_34_50-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png

Malware scans

1. Select "smart scan" and apply the following configuration

2018-08-29 13_36_18-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png2018-08-29 13_36_31-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png2018-08-29 13_36_39-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png
2018-08-29 13_37_18-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png2018-08-29 13_37_43-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png2018-08-29 13_38_13-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png2018-08-29 13_38_31-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png2018-08-29 13_38_42-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png2018-08-29 13_38_56-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png2018-08-29 13_39_17-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png

HIPS

2018-08-29 13_39_34-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png2018-08-29 13_40_11-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png
Firewall
Recommendation: set on learning mode for a week so all Windows and used software connections are learned, then switch to interactive to be notified about every connections.


2018-08-29 13_40_34-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png2018-08-29 13_41_06-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png2018-08-29 13_41_22-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png

Network attack protection

2018-08-29 13_41_37-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png2018-08-29 13_41_54-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png
2018-08-29 13_43_03-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png
2018-08-29 13_43_24-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png
---------------------------------
WAIT, ROBO! I'm too lazy! Can't I just import your configuration file to my ESET product?
Well sir, yes you can. Download it from here:

UPLOAD.EE - Roboman_s_config_file.xml - Download
 
Last edited:

Nightwalker

Level 13
Content Creator
Verified
I'm wondering now if there's really a need to enable advance heuristic/dna signature on realtime > threatsense

The additional threatsense parameters should already have you covered, shouldn't it?
I was going to reply the same thing, Advanced Heuristics/DNA signatures should be used only for new and modified files (default settings), the performance hit isnt worthy in my opinion, but the rest is great.

thanks @RoboMan , it was a nice reading.
 

RoboMan

Level 26
Content Creator
Verified
I'm wondering now if there's really a need to enable advance heuristic/dna signature on realtime > threatsense

The additional threatsense parameters should already have you covered, shouldn't it?
Hi! On the ordinary scenario, default settings should have you covered, that's true. Nevertheless, and taking into account the "paranoid"/user dependant this configuration is, it's enabled to scan even the ESET whitelisted files. Why? Because as there are many ways to bypass the first check ESET does, like a digital signature or a logical bomb, I'd rather keep watching a file that has already been marked as safe in order to avoid any further complications. This implies a bit more of system resources and can be disabled according to your level of paranoia or security need :)
 

elquenunca

Level 2
good post very well explained, well by eset I love I think it is the best security suites despite many users of this forum that are kaspersky in my case kaspersky is in second place always behind eset despite the comparative av
 

RoboMan

Level 26
Content Creator
Verified
Thanks for your positive comments guys!
good post very well explained, well by eset I love I think it is the best security suites despite many users of this forum that are kaspersky in my case kaspersky is in second place always behind eset despite the comparative av
I endeed think ESET is an amazing piece of software! Unlike Kaspersky. it's not install and forget. If you install and forget you're probably using it wrong. Kaspersky's software can be tweaked a bit and then you're set and free to go, it will monitor your whole system and pretty much protect you anytime. But ESET is different and that's why I like it. It seems to be oriented to security enthusiasts or people who like to play with it or have total control over their system. It can act as a lockdown tool to default deny anything and tell you about it, so you can have full control over every thing that's going on. :)
 

Bill K

Level 3
As a longtime user of ESET IS I also found these recommended settings very helpful and enlightening! While the customization control which ESET provides benefits experienced users, its default settings with a few tweaks can easily make it operate primarily behind the scenes with minimal user intervention when desired. It's this level of flexibility which I find to be its strength by not limiting it to a specific target market while ignoring the needs of others. Their forum also provides timely support to any issues you may encounter, unlike many of its competitors. Thanks very much for sharing your configuration settings @RoboMan !
 

Al-Faqir

Level 8
Verified
@RoboMan Thank you again for this useful thread. Isn't it a good idea to share with us how threat detection is carried out by Eset? I mean why not describing how Eset handles unknown malware and how each component (configured with your settings) react. I know this might require a dedicated thread, but I see the need of such threads. Thank you in advance.
 
Last edited:

Dave Russo

Level 6
Verified
If you're here you may probably have been delighted already by the majestic features of ESET :) Maybe the signatures convinced you? Great static detection for sure. In this thread I will guide you a bit on how to configure your ESET product for maximum security without compromising performance.

  • Why ESET?
ESET's great with signatures, being one of the fastest to add them to their database. It also provides an amazing web filters and phishing protection. As for dynamic protection (real time execution of files) it can be either weak or really smart if configured correctly.
  • Where does this configuration point to?
Of course, security. It will prioritize the maximum lockdown to avoid infection (which may happen if you don't acquire safe habits!). Still, we will make sure it's as light as possible.
  • Is ESET a heavy product?
On the contrary, it's one of the lighter if not the lightest. Almost unnoticable system impact.
  • Should I use it paired with other software?
If necessary, but evaluate which product. For example, OSArmor or VoodooShield can pair up really great, but some extra anti-malware products with real time protection (like HMP.A) may interfere with its features.
  • Can I disable firewall to enable a 3rd party one?
Strongly recommended against. Do not disable any of the components that are not disabled in this configuration. A product works on its whole as a standalone solution, meaning firewall could be connected to real time protection in order to work fully.
  • How does the thing that motivate the world function?
Cannot tell yet. May have that answer on my next firmware upgrade: Roboman 3.51b (beta testing through www.robomanAI.com/betatesting).
---------------------------------
CONFIGURATION

The following configuration setup is intended for maximum protection and interactive user approval. This means, you will be consulted about almost everything, in order for you to have full knowledge and control over your system. If you want an install and forget setup, this is not your thread. And probably not your AV lol.

We will start from the premise you just installed ESET, let it update and restarted the machine. Through the installation process you may have found out you're asked if you want to enable two options:

View attachment 196836

Just click YES on both.

If a section is skipped here on the thread it means you should leave it default. Only change what it's specifically told here. Compare the pictures with your configuration and enable/disable.

1. Right click ESET---Advanced setup

View attachment 196837

Firewall
Recommendation: set on learning mode for a week so all Windows and used software connections are learned, then switch to interactive to be notified about every connections.


View attachment 196855View attachment 196856View attachment 196857

Network attack protection

View attachment 196858View attachment 196859
---------------------------------
WAIT, ROBO! I'm too lazy! Can't I just import your configuration file to my ESET product?
Well sir, yes you can. Download it from here:

UPLOAD.EE - Roboman_s_config_file.xml - Download
Thanks
 

Umar.18

Level 1
I think firewall in interactive mode will raise a lot of alerts even for well known programs such as Google Chrome browser. Any user with intermediate level of knowledge will not be able to understand the technical details of firewall alerts. I think that is only one down point of ESET's firewall. On the other hand it is the best and feather light solution for most people.
 

blackice

Level 1
I was going to reply the same thing, Advanced Heuristics/DNA signatures should be used only for new and modified files (default settings), the performance hit isnt worthy in my opinion, but the rest is great.

thanks @RoboMan , it was a nice reading.
I know this is an old message, but I was curious what the performance impact of real-time advance heuristics is? What is it doing in comparison to the normal heuristics that causes the impact? I’m new to ESET and their language on this is pretty vague on their website.