Newsletter, Security

During the first 2 weeks of March, we will be migrating to a new ESET server and ERA server version. The new server will bring added security functionality and EDR/XDR functionality will be available simply by upgrading the endpoint licenses. Note that we continue to support Wazuh and the new XDR features will not replace it. They will be an additional security layer and will integrate with Wazuh SIEM (if you are currently using Wazuh).

The features and license you currently use will remain the same however these new features will become available upon request:

  • Behavior analysis reports: Identify users with risky and repetitive behaviors.
  • Files with never before seen signatures are submitted to sandbox for analysis prior to allowing execution.
  • Support for Linux platforms.
  • Desktop multi-factor authentication for added security.
  • Vulnerability and patch management.
  • Reference detections to the MITRE ATT&CK™ framework.
  • Exporting of detections to Wazuh and other SIEM platforms.

Our migration is expected to take 1-2 days per client and will consist of the following steps. Note: users will be migrated using a canary rollout method and the process should be transparent and non-obstructive to 99.9% of users.  A commencement notification will be sent to each user’s desktop prior to the migration.

  1. Each group’s Internet and device policies will be exported to the new server platform.
  2. Existing SSL connection certificates will be migrated to the new server platform.
  3. The groups will receive new telemetry with the new server’s connection details.
  4. Once the endpoints connect to the new server, they will have Azure code signing installed if necessary.
  5. The existing ESET protect AV will be upgraded from version 10 or 11 to version 12.
  6. The computer will be moved to the user’s group policy on the new server platform.

Please note some important considerations:

  • During step 5 (AV upgrade from V10 or V11 to V12) the ESET icon tray status may display a red exclamation point and alert you that the protection module is not working. This is only temporary and should go away in between 5-15 minutes, depending on the computer and Internet speed of the device being upgraded.
  • After the upgrade is complete, you will be notified and asked to restart your computer. It’s not necessary to restart right away but please restart before you leave at the end of the work day.

Leave a comment

Your email address will not be published. Required fields are marked *

More Posts

    error: Sorry, copy/paste is disabled
    Skip to content