ESET Endpoint Antivirus and MS System Center Configuration Manager

We use Microsoft's System Center Configuration Manager 2007 (SCCM) to deploy our software packages to our workstations along with updates for things like Reader, Acrobat, Flash, Java, Silverlight, etc. We are in the process of testing Endpoint Antivirus (v5.0.2122.1) and have found that the Web Access Protection module is interfering with the HTTP SCCM communication between the client and the SCCM server. SCCM uses HTTP for many of its communications and deploying packages that will be installed on the client. In testing we have found that if the Web Access Protection is enabled, SCCM is able to discover and install the client on the workstation but all software deployment is blocked with HTTP errors in the SCCM logs. Disabling the Web Access Protection in Endpoint Antivirus solves the problem and the packages are deployed with no errors.

We have 150 computers right now on SCCM with version 4.2.76 and we have never had any issues deploying packages due to ESET.

Please let me know if you need any other logs or any other information to hopefully solve this problem as we cannot deploy v5 until this is resolved.

 

We're seeing the same problem and turning scanning off for port 80, seems to fix the problem.

Is there any update for this?

 

Check and see which version of the Internet Protection Module the Endpoint Security is using from the About menu. I was just testing this a few minutes ago and with Internet Protection Module 1042 I was able to do a push install from SCCM to a workstation with Endpoint Security and the Web Access Protection module enabled. I'll have to do some further testing to make sure everything is functioning, but I've gotten further now than I was before.

I found out through another thread that the ERAS 5 is broken in serving module updates to Endpoint Security (if you are using ERAS as a mirror for updates). I pointed my test client directly to ESET Servers for updates and it downloaded Internet Protection Module 1042.

 

The Internet protection module 1042 contains a general workaround for any badly written application not adhering to RFC standards to avoid http protocol communication issues.