I imagine this thread may grow as others chime in. . .what I want to do here is to start a list of enhancements that IMO are necessary to take ESET into the corporate enterprise market. I say this as an administrator of 135 licenses of ESS in my current position, and another 30 at a second company I consult. I'm sure there are bigger users out there, but these are items that IMO have got to be remedied for use in a centrally-managed environment. Support, support, support! When an enterprise who spends thousands on software has an issue with a virus, or with the software not responding, or whatever, they are not going to tolerate logging a case on a website and waiting several hours--or even overnight--to get a response. Even if a support contract, incident pack, or some such has to be sold for extra money, there has got to be the possibility of pick-up-the-phone-now, get-support-now technical service. Until then, it may be satisfactory for individual users and small businesses, but it will not be enterprise-class. Roadwarrior update support. When a laptop user is inside the LAN, it should get virus signature and/or program updates off the LAN's mirror server. When it's out of the LAN in the field, it should get updates from ESET directly. If that user moves from one subnet to another, each with its own local mirror server, it should get updates from the closest mirror. Right now, this is [GLOW="sort of"][/GLOW] possible using a weird hack described on page 74 of the ERA User guide, section 10.4 "Combined update for notebooks," but this is a ridiculous hack that only sort of works (if you don't turn off the regular automatic update task, you still get "server not found" errors too). Update selection should be possible by simply creating a list of authorized update servers, and detecting which is valid based upon current LAN settings. LAN Subnet whitelisting. The enterprise network is going to have lots of traffic internally that needs to be unfiltered, without exposing the protected PCs to whatever garbage is on the internet. While the enterprise better have its own external firewall and NAT in place, there is still plenty of good reason for personal firewall software to add another layer of security. For ESS to provide that security, however, it has to be possible by policy, in one simple place, to whitelist an entire subnet (or more than one, or specific IP addresses/ranges) so that absolutely no filtering of any kind gets applied to them. The fact that this is not the case has forced me to turn off the firewall component entirely for a whole subgroup of my users (see this thread). This is unacceptable in the enterprise. Rule/policy/settings management. It's nice that I can choose to apply a setting once to one or more computers, or choose to create a company-wide policy, or a group policy, or to an installation package. It's not nice that if at different times, different settings are applied via these dissimilar routes, there's no centralized place to update/reset that setting so all iterations are in agreement. There should be. Policy/Settings Discovery. Related to the above, if you need to find where a specific setting is coming from, good luck. Is it local, is it in your policies, is it in your installation package, or did you just apply it to one or more computers? There's no way to know but to search. Less redundant settings. There are at least four different places where you could set (or set incorrectly) your update username and password--in the program's own update settings, in the installation package's update settings, in the policy editor, in the bogus laptop settings described above. Get them wrong in any one place (or get a changed password due to license changes) and good luck finding where you need to change it. Something as key as the update password should be changeable once--at the ERA server--and replicate across all managed systems and settings. OK, that's the beginnings of my list. What else can you think of? I want to be able to tell my geek colleagues that ESET products are the best option they could want for their large enterprises. Now I can say a whole lot of good things about security, performance, granular management, etc... and all these things are true and good. But I still have to warn them with these caveats, that it's really not YET an enterprise-class product.