[Recommend for enhancement] Update module

Hi There,

Our company is just deploying ESET for first time use, and I felt that the Update profile component was very misleading in EAV3, and still have to be tested in EAV4.

Chances are that this recommendation wont make it into the final release, but it would be nice if would be considered for future versions.

When I look at the Setup -> Update section, I see profile name, server name and an Edit button. Pressing the edit button allows me to add more servers to the update list for that profile, but this section seems to be misleading to me.

As of current, only the server in the selected dropdown menu will be the server the clients takes updates from, and ignores the rest even if the update fails. I would like this process to be updated so that you can set a default server, fallback server(s), and finally failover server to ESET.

so, example of my server list would be:

http://updateserver1.network.com:2221 - Default
http://updateserver2.network.com:2221 - Fallback
http://satilliteoffice.network.com:2221 - Fallback
Update from ESET - Failover (enabled) <-- enabled so that IT administrators can also disable this in their profile)

So EAV would cycle through the list, starting from top down, to find an update until its sucessful. Does this make sense to anyone, or should I explain further?

 

You can edit an update task and specify the secondary update profile which will be used if update from the primary server fails.

 

Which is fine, and I do have that setup to failover to ESET, but I still prefer that the client fallback to other ERA servers I have setup before wasting our precious bandwidth we have in our satellite offices before going out to the web and doing a 2mb download. The way our network is setup in our offices is not so favourable to cross communications (satellite <-> satellite communication does not work.)

Plus I feel guilty that internally we have our clients auto-update every 15 minutes, which is fine internally, but probably would hurt ESET badly when the client cannot contact one of the six ERA servers we have, which will happen frequently due to the network config.

 

Also Marcos, I just wanted to point out, that my recommended method will have the "Update virus signature database" button on the client be functional in all scenarios, which is more beneficial, than its current state.

Currently, in my setup with NOD3 BE, the Update virus signature database will only work if its able to contact the ERA. If it cannot update the update the ERA, the update is considered a failure, and does not attempt to use the ESET mirrors. Since our NOD3 BE configuration is password protected, end users will not have access to change the database profile to use ESET either. This means these computers will have to rely on scheduled updates to get its update.

With my recommended method, the client would start with the Default server to try the update. If that update fails, it would (sequentially or randomly, I'll leave that with you guys to decide) try one of the fallback servers in the list, and keep trying other fallback mirrors in a chance the next mirror still not reachable. If there is no success on reaching any of the ERA servers (such as a laptop not signed into the VPN at the time) the client would then failover to use ESET mirrors (which would be administratively be able to enable/disable.)

With this change to the update module, you can see how this can provide a superior chance of protection. Not only that, but this is a win/win scenario for Corporations and ESET. Corporations wins because its internet resources would not be wasted in a chance that a mirror (of many) went down (maintenance, reboots, unknowns, etc...) and ESET wins as this would lessen the burden on ESET mirrors as clients would fallback to a working mirror when the client could not establish a connection with a working mirror.