What is ESET?
ESET PROTECT is a cloud-first XDR cybersecurity platform that brings together the power of AI and human expertise to make protection easy and effective. ESET combines next-gen prevention, detection, and proactive threat-hunting capabilities with a broad variety of security services, including managed detection and response. With ESET’s AI-native, prevention-first approach, stay one step ahead of known and emerging cyber threats and experience best-in-class protection.
List of supported ESET products
The SuperOps + ESET integrations works for ESET products under the ESET EMA 2 license. The list of supported ESET products are:
ESET PROTECT Entry
ESET PROTECT Advanced
ESET PROTECT Complete
ESET PROTECT Enterprise
ESET PROTECT Elite
ESET Secure Authentication On-Prem
ESET Endpoint Encryption Pro
ESET Endpoint Encryption Server
ESET Security for Microsoft SharePoint Server (Per User)
Note: The ESET +SuperOps integration is supported for Windows workstations only.
Configuring the ESET Integration
1. Go to Settings > Marketplace and scroll down to ESET. Click on Integrate.
2. Login to your existing ESET account by entering your email ID, password and region. Please login with a user account that has API write access.
Mapping clients between SuperOps and ESET
Once your ESET account is successfully connected, you will need to map your clients in SuperOps to their respective companies in ESET. Here’s how:
1. If there are no companies in ESET yet, create a new company using the client name that already exists in SuperOps. To do this, simply click on the Create box to the left of the client, and your client from SuperOps will be added as a new company in ESET.
2. If the company already exists in ESET, select it from the drop-down menu under the Companies in ESET column against the client you want to map it to in SuperOps.
3. If you don’t want to map a SuperOps client to an ESET company, click the Ignore box to the right of that particular client.
4. Once you have completed matching your clients, click on Import to begin your importing process. This will also import your ESET Installers. If you have created any new installers, it will come into SuperOps only after you click on Import.
5. We will actively show the progress of this import process in the form of a status report. From the status report, you can see the number of clients created, imported, ignored, and errors.
Creating an ESET Installer
1. Log in to ESET PROTECT CLOUD.
2. From Installers on the sidebar, click CREATE INSTALLER.
3. Click Customize installer. The Create Installer wizard appears.
4. Enter the Basic details as follows:
Under Components, enable Security Product.
Click Select under Parent group to apply the installer to a specific group. Select the group and click OK.
Once done, click CONTINUE.
5. Next, enter the Product setup details like so:
Under Security product, select the product of your choice.
Accept the End User License Agreement.
Click Customize more settings to expand the settings.
Under Configuration, click Create. Hit Finish once done.
6. Click FINISH. The Create installer wizard appears.
7. Review the product setup. Then click FINISH. The Distribution tab appears.
8. Copy the installer link. This is the link you need to paste into SuperOps while mapping installers to your clients.
9. Click FINISH. The installer appears on the Installers page.
Mapping your ESET Installers
1. Once you have created your ESET Installer(s), map the right ESET Installer to each client. Copy and paste the installer URL into SuperOps against the respective client.
2. After you've successfully mapped and imported all your clients, enable ESET at the policy level to deploy the ESET antivirus agent for your assets. You can set this by going to Settings > Asset management > Policy management > Asset class > Antivirus. You can override Installer mapping for a client at the policy level if needed.
Enable ERMM Policy in ESET (Optional)
🚨 IMPORTANT NOTE:
To view the number of threats detected by ESET or to run actions like Smart Scan and Update on your assets, you need to set up an ERMM Policy in ESET. This policy allows SuperOps to pull additional information from ESET.
Temporary Solution from ESET: Currently, only a workaround exists, which requires you to provide your system’s PowerShell path. Please be aware that this may pose a security risk, as it can grant third-party applications access to the ESET agent. ESET is actively working on a secure solution, but in the meantime, please proceed with caution if you choose to use this workaround.
1. Login to ESET PROTECT CLOUD and create a Policy to enable ERMM for ERMMA.
2. Go to Policies > Settings > Tools > and enable ESET RMM.
3. Set Working Mode: Safe Operations Only, Authorization Method: Application Path
4. Set the application path to your system's Powershell path. (The default path looks like this: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe)
See ESET in action
Go to Modules > Assets and click on any asset from the list. Here you can see the status of the antivirus in the Antivirus card.
An ERMM Policy is required to do the following:
To see how many threats were detected by ESET, click More info on the Antivirus card. The Actions drop-down button will let you perform the following actions on the ESET agent:
Smart Scan: Enter the file path that you want to scan.
Update
These actions are also available in the Actions drop-down in the top right corner of the Asset summary page.