ESET PROTECT Advanced Product Experience Report

Archentrope

Level 1
Thread author
Oct 10, 2020
20
Hi,

I recently purchased ESET PROTECT Advanced for my home computer management needs, which includes cloud management, endpoint protection, file server security, full disk encryption and cloud sandbox features.

components.png

It is worth mentioning that the ESET Remote Workforce Offer is recently available for $248.40 (5 seats/year). After purchase, follow the email instructions to sign up for a Business Account, account binding, and activate ESET PROTECT Cloud (cloud management), which can be activated with an optional data storage location in Europe or the US to ensure compliance requirements. Then log in to the admin side, which has an beautiful design.

ESET also provides a way to set up a local management console (usually requiring a Workstation or Server), but compared to cloud management, this approach requires additional hardware acquisition, maintenance costs, and time costs for setup, debugging, and operation maintenance.

login page.png

Then you need to customize the installation package, as well as the installation and deployment to the family members to be managed, here skipped the specific process, after all, we are no stranger to EES.

The home page is the various management bins (dashboards), and here is the status overview.

status overview.png

Here is the security overview, where you can see the "achievements" of components such as anti-virus, HIPS and network protection.

security overview.png

Here are the layers of protection for ESET security titles.

layers.png

Here is the detection overview, where you can see that Augur technology currently accounts for about 35% of detections on various family members' computers (including one used for testing malware samples).

top detections.png

Here is the policy management, I have selected several pre-made policies based on the best practices provided by ESET, and uploaded the custom policies provided by ESET for Filecoder (ransomware), which are HIPS and firewall rules, saving the time to configure the rules by myself, which is very convenient.

ESET's policy management is fragmented and component-based, which makes it a much better experience than Kaspersky Security Center.

policies.png

Here I customized a setting to set Proactive protection to: block execution until analysis results are received.
If a file is seen for the first time (suspicious), it will be uploaded to the ESET Dynamic Threat Defense (EDTD) cloud sandbox for analysis, which typically takes 3-5 minutes.

This setting is required with an EDTD license, see below for more details on EDTD.

For more details about the cloud sandbox, please see the following: [KB6682] Sandbox

proactive.png

The files will be disabled until the analysis results are available (similar to Microsoft Defender's "block on first sight").

proactive1.png

Suspicious files are transferred to EDTD for analysis, either automatically or through manual submission by the user, and behavioral analysis reports are available for licenses above 100 seats (which I do not have).

Here you can see that most files are automatically submitted to EDTD and a few files are automatically submitted to LiveGrid. note that EDTD is different from LiveGrid and the differences are detailed below.

submitted files.png

Here is the specific report after the file analysis. 1-74 is Clean, 75-89 is Suspicious, 90-99 is Highly Suspicious, and 100 is Malware. The file in the picture was identified as malware.

file details.png

Here is the report. ESET has a lot of pre-set report templates, which are very beautiful.

reports.png

Here is the detection report.

detections.png

Overall experience.

ESET PROTECT Advanced is much better than Kaspersky Security Center + KES (company use, about 200 seats) in terms of overall experience (only the deployment, management, use, etc., not the overall protection). Kaspersky's protection is excellent, but the Kaspersky Security Center experience is rather mediocre, and some of the features are even difficult to use. I have spent a lot of effort in deploying, debugging, using and maintaining it, and have encountered many bugs and made many phone calls and emails with technical engineers (very professional). Up to now, I have not stepped on any potholes or encountered any bugs in the process of using ESET PROTECT Advanced.

If you want to know more about the above, please let me know in the reply post and I will add more content or technical details.

Thanks.
 

Alex92

Level 1
Jan 19, 2021
18
Hi, from ESET Protect Cloud is possible to update third-part software? I try but only msi packages is working...
 

Archentrope

Level 1
Thread author
Oct 10, 2020
20
Hi, from ESET Protect Cloud is possible to update third-part software? I try but only msi packages is working...
Yes, only *.msi file is supported. And the Software Install task always performs silent installation of the msi packages. You cannot specify msiexec parameters. You can specify only parameters used by the installation package itself. To learn more, you can check here: Software Install | ESET PROTECT Cloud | ESET Online Help
 
  • Like
Reactions: Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top