we protect digital worlds NOD32 for Windows Administrator NOD32 Remote Administrator User’s guide
content chapter 1. Basic network features of NOD32 for Windows.................5 chapter 2. Centralized management – NOD32 Remote Administrator........................................13 chapter 3. Remote installation........................................................25 chapter 4. Tasks, typical examples..................................................31 Copyright © Eset, spol. s r. o. All rights reserved.
INTRODUCTION The NOD32 Antivirus system offers a wide range of tools, which make running and managing both smaller and larger company networks easier. Even the multi-license NOD32 for Windows offers the basic network services. Especially a feature called Mirror, which serves to decrease traffic across your Internet LAN connection.
Chapter 1: 1 Basic network features of NOD32 for Windows Basic network features of NOD32 for Windows
Internet Mirror server Workstation Workstation Workstation Workstation Figure 1 Principle of a Mirror: The company server downloads updates from the Internet, and workstations update from this local server. The Mirror thus decreases traffic across your Internet connection, because the workstations download update files from the local server, and not from the Internet.
Model installation of Mirror as an HTTP server 1. In the NOD32 Control Center choose Mirror and on the right, click on the Setup button. 2. Check Create update and also Enable access to files to perform program component upgrade. In the upper part, choose those versions of NOD32, for which updates will be downloaded from the Internet. All versions that will be running on the workstations should be checked.
checked. Into the Update mirror folder enter a path to the directory, where updates will be downloaded – i.e. a path to the shared network folder – Mirror – and enter username and password of user with a right to read, write and browse. When entering a path, please use the UNC path. Let’s assume that the shared folder is named NOD32NET and is located on the MAIN server. Then enter the path in this form: \\MAIN\NOD32NET. WARNING! Please, pay attention when entering “username” and “password”.
We recommend creating a new special account for this purpose (e. g. noduser) and using it for downloading updates (company\noduser etc.) NOD32 Program component upgrades Besides the virus signatures database update, a license also includes program updates – program component upgrades, which require a restart of the operating system and bring a lot of new features and improvements to NOD32 (it is an upgrade to a completely new version, e. g. from 2.0 to 2.5).
Such control can be provided for example with this batch file (.BAT): @echo off IF EXIST “c:\program files\eset\nod32.exe” GOTO end echo Installing NOD32... \\server\nod32\setup.exe /SILENTMODE /REBOOT /cfg=\\ server\cfg\konfig01.xml GOTO end2 :end echo NOD32 already installed... GOTO end3 :end2 echo Completed...
• • • • • • Protection Modules > AMON > Setup > Security tab > Enable automatic startup of AMON. AMON / Settings / Enabled AMON – the resident shield will watch over the manipulation of files (YES), or will be running only in the background and will not watch over the manipulation (NO).
Chapter 2: 2 Centralized management – NOD32 Remote Administrator Centralized management – NOD32 Remote Administrator
Remote Administrator NOD32 Remote Administrator serves to manage the NOD32 antivirus system in large computer networks. Thanks to NOD32 Remote Administrator, you can get a global overview of the NOD32 antivirus system activity on network workstations together with information about any eventual infiltration.
You can control the service manually using these commands: NOD32RA.EXE –INSTALLSERVICE NOD32RA.EXE –REMOVESERVICE During installation, the program will ask for the location of the license key, i.e. of the file called nod32. lic, which contains information about its owner, its expiry date as well as about the number of users, for which the RAS was purchased.
Figure 3. The main screen of the NOD32 Remote Administrator Console. The communication between the console and RAS takes place on TCP port 2223. As soon as the communication is established, the title Connected [name_of_the_server] appears in the title. 1. In this section you can find more detailed information about the RA server to which the console is connected and also information about RA servers related to it (in case of replication).
by using the right button of the mouse and by choosing the feature Reset “New“ Flag. The icon will change to this: The attribute Comment is selectable in all of the tabs. It serves for inserting the administrator’s comments (for example alternative name of client workstation). The attribute Primary Server denotes the name of the RAS, to which the remote client is connected via NOD32 Control Center.
Event Log Tasks Event log contains information about an event other than the virus. The report can be filtered to display only information you need – for example with the tick boxes in Type of Event Log. To get more detailed information about an event, click left mouse button on the event. The Tasks tab contains information about tasks planned in the past (more details in the chapter on Tasks). Attributes: Alert Id – log identification number. Client Name – name of client workstation.
interface of the resulting report (NOD32 Scheme is more graphically-demanding). In the Filter section you can choose what clients (Target Clients), or viruses (Viruses) will be included in the report. Other details can be set by clicking on the Additional Settings tab. It applies mostly to data in the heading and in the types of the diagrams used. At the same time, you can filter the client computers according to states of chosen attributes, and you can also choose the format of the output file (HTML, CSV).
Combined Top Clients / Top Viruses – combination of the above mentioned types. Combined Top Viruses / Alerts Progress – combination of the above mentioned types. Combined Top Viruses / Alerts Comparative Progress – combination of the above mentioned types. Clients Report, Alerts Report, Events Report, Scans Report, Tasks Report – typical reports that can be viewed in the Clients, Alert Log, Event Log, Scan Log or Tasks tab.
log tabs. Events older that X months will be deleted. Delete alert logs older than X months Delete event logs older than X months Delete scan logs older than X months Clean up every X minutes – settings above will be applied every X minutes. When deleting events (by administrator or functions described above) no physical cleaning directly from the database file is done.
The console can be configured in the menu Tools / Console Options… Relative – console will display relative time (e.g.: 2 weeks ago). Regional – console will display time according to regional settings (taken from the Windows settings). Recalculate UTC time to your local time (use local time) – Check this checkbox to recalculate to your local time. Otherwise, GMT – UTC time will be displayed.
Filter Filter is used to display only records that are important for the administrator to know. Filter can be enabled by the option View / Show/Hide Filter Panel in the console menu. To activate filter, check the Use Filter checkbox and click the Apply Changes button to start the filtering.
Data can be exported to different file extensions. We recommend exporting to an HTML, or to a CSV file (the file can be edited, for example, in MS Excel after that), where individual attributes are separated by commas (comma delimited) or by semicolons (semicolon delimited). Print Similarly, data from the tabs Clients, Alert Log, Event Log, Scan Log, Tasks can be printed. First of all, configure page setup in the menu File / Page Setup.
chapter 3: 3 Remote installation Remote installation
Introduction The product NOD32 Remote Administrator enables remote installations of NOD32 for Windows to workstations in a network. Remote installation can be divided into two parts: • Creation of installation packages and their configuration • Export to remote workstations. In the NOD32 Remote Administrator console, navigate to the “Remote Install” tab. This tab deals with remote install.
Remote Installation Process Export to remote workstations How to create and configure installation packages PUSH install method First of all, create installation packages – files with *.nip extension, or installers for specific workstations (according to their operating system) with a preset configuration. To do it, click on the Packages (the Manage Packages section) button in the Remote Install tab.
which a line providing installation (or uninstallation) of NOD32 on remote workstations will be inserted. Click on the EDIT button to edit the file in the user-friendly internal editor. Click on the SAVE button to confirm the changes made. HINT: Alternatively, you can choose your own way, outside the console. Copy the file nod32installer.exe from the RA server from corresponding package and install it in your own way. It is located in the directory: C:\Program Files\Eset\RA\Server\packages\{package_name}.
installed on workstations. If yes, it will not attempt to install it again. • Run the installation of NOD32 for Windows under an administrator account. All data is sent from the RA console, or the file nod32installer.exe receives them from the RA server. • Uninstall NOD32 for Windows from workstations. Each new package created in the RA console has its own nod32installer.exe. Internal information in this file is related to the package and RA server. Address of RA in the files nod32installer.
445, 135 - 139), or the relevant station is not visible on the level of network places. Could not install NOD32 Installer onto target computer (SC error code 6, GLE error code 67) - It is not possible to get to a workstation through share ADMIN$ (or it is a workstation with Windows XP Home, which does not support such system sharing) Could not retrieve required information from target computer (RES error code 13, GLE error code 997) - Probably „Remote registry“ service is not enabled at the station.
chapter 4.
Introduction NOD32 Remote Administrator enables the administrator to create tasks and apply them to remote client workstations with NOD32 for Windows. Using the RA console you can create three types of tasks: • “Configuration” – to make changes in configuration of remote client workstations. • “On-Demand Scan” – to run an antivirus scan on remote client workstations. • “Update Now” – to immediately update remote client workstation.
from Clients Panel to add currently displayed clients to the list from the “Clients” tab of the console. Check the Selected option to move only those clients which were picked up in the “Clients” tab. In the final step, you can name the task, or add its description. This data serves only to help the administrator and for easier orientation.
from the “Tasks” tab of the RA console after it has been completed (Delete tasks automatically by cleanup if successfully completed).
chapter 5.
Large networks In large networks, you can install more RA servers for easier manipulation.The servers would create an imaginary structure. The burden connected with communication with client workstations and RAS can be distributed. This way you can also define sub-administrators who will control only a group of client workstations. All transfers between servers are encrypted. A company department network is an example of a sub-network.
Networks consisting of superior / inferior RAS servers allows the administrator to only control those client workstations that can be momentarily accessed by RAS (using RA console) and eventually can control clients connected to inferior RA server(s). So if the administrator connects using RA console for example to RAS3, he/she will be able to control client workstations connected to RAS3, RAS4, RAS5, and RAS6. If the administrator connects to RAS5, he/she will be able to control RAS5 and RAS6.
chapter 6.
This is a summary of the most important information: • You can install either NOD32 for Windows – standard edition, or NOD32 for Windows – professional edition on the workstations. • NOD32 for Windows – professional edition contains the Mirror feature. • Mirror provides an update download from the Internet and distributes it to other workstations in the network. • Mirror has two variations: as a shared folder, or as an HTTP server. • Mirror, as an HTTP server, is simpler when it comes to its configuration.
