Mirror Authentication - Basic vs NTLM

Hi all,

I am trying to set a password for my roaming clients to get updates from our internal HTTP server. I created a NOD32 user profile to read the mirror folder. This set of password works well with basic and NTLM authentication.
What is the difference between the two since they function the same in this case?

Help will be greatly appreciated!

 

Any kind souls around could explain to me?

 

Hello nubdonut,

If you have machines outside of your network, they should download updates from the ESET servers instead of your server. This will allow them to download them possibly faster and more reliable, since we have redundancy in place for update servers. Opening your update server to the internet is also against the terms of the license.

 

I believe Basic passes the username/password in plaintext, NTLM will authenticate against a local Windows (user will work) account and pass a hash.

 

You do realize that this can put your userbase in really bad situations, right? On several occasions your update servers have been overloaded and unavailable, and clients trying to download them silently failed thinking an update wasn't available, even though it was. Combine this with remote access solutions that use client health monitoring and your outage renders our staff unable to telecommute, which is completely unacceptable.

 

There are two problems with letting roaming users download directly from ESET:
1) the company username/password must be pushed onto the client whenever it's changed (renewed), which can be a pain for the administrators if they don't have a deployment/management scheme in effect
2) the company's username/password are made available to the users, who can thereupon transfer them to a 3rd party via a registry export

Allowing external authenticated users, or users connected via VPN, access to the company mirror should be acceptable.