ESET releases a slew of updates enhancing the preventive defences of businesses
In early 2021, ESET released ESET PROTECT, a new generation of our remote management tool enabling IT admins to securely deploy and manage ESET security products. Now, in 2022, ESET’s line of business products is undergoing a wide-ranging refresh that will touch nearly all business customers.
The overarching goal behind the upgrades is to sharpen customers’ tools to prevent cybercriminals from playing havoc with their networks. Although it is not possible to prevent all attacks on a network, by reducing the attack surface along with preventive measures such as speedy patching, careful system configuration, fastidious monitoring, and periodic health checks, it is possible either to entirely remove the ability for some types of attacks to be attempted or to quickly detect the red flags that an attack has started so as to shut it down.
Among the host of changes, four are key in assisting IT admins to better manage the security risks in their environments: auto-updates, the ESET PROTECT dashboard for ESET LiveGuard Advanced, and management of Brute-Force Attack Protection, and web control for Android devices.
1. Auto-updates for patch management
A new auto-update mechanism to keep ESET Endpoint Security and ESET Endpoint Antivirus for Windows always up-to-date is now in place. Starting from version 9, auto-update is enabled by default with the possibility for IT admins to turn off this feature entirely or only up to a specific version via the ESET PROTECT console.
The introduction of the auto-update mechanism aims to lighten the burden on IT admins’ shoulders of keeping security software up-to-date in a timely manner, especially when new protective features become available and bugs need to be fixed.
2. An inside view into ESET LiveGuard Advanced
ESET PROTECT now offers a dashboard for ESET LiveGuard Advanced (formerly called ESET Dynamic Threat Defense). ESET LiveGuard Advanced is a cloud-based technology that analyses suspicious files submitted by endpoints for new or previously unseen threats, especially new versions of ransomware. By running the submitted samples in the cloud, it is possible to use heavyweight machine learning models and robust detection algorithms that can rapidly analyse and score the samples as malicious, suspicious, or clean.
The ESET LiveGuard Advanced dashboard gives customers a broad view into the detections seen by the technology globally and more detailed statistics for their own networks:
Figure 1. ESET PROTECT dashboard for ESET LiveGuard Advanced
3. Brute-force attack protection for remote workers
To keep pace with the new Brute-Force Attack Protection in ESET endpoint security products for Windows, IT admins can now manage this module from the ESET PROTECT console. Introduced to better defend businesses in the remote work era, this detection layer blocks external IP addresses that exhibit the characteristics of an oncoming brute-force attack on remote desktop protocol (RDP) logins.
With the ubiquitous availability of RDP on Windows machines and the need to work remotely becoming an overnight need in 2020, many businesses turned on RDP to give employees access to company resources from home. In the hope of breaching organisations worldwide that may have failed to secure their use of RDP sufficiently, cybercriminals have been scanning the internet and attempting billions of brute-force attacks as seen in ESET telemetry alone.
4. Protecting Windows on Arm
With the expected growth of ARM64 hardware reaching employees’ hands, ESET Endpoint Security and ESET Endpoint Antivirus now offer ARM64 builds from version 9. Traditionally, ARM-powered processors dominated the mobile device market due to unique hardware characteristics that made them amenable to hand-sized form factors, fanless designs, and long battery life. Taking these ideas to laptop and 2-in-1 platforms has opened a whole new world of useful devices that extend the familiar experience we know so well from mobile devices along with the need to secure them.
Protecting more than just Windows
For Android users, a new web control feature that allows IT admins to regulate employees’ access to websites from their mobile devices is now available via ESET PROTECT Cloud. Using built-in categories and custom rules, admins can blacklist, whitelist, or warn about URLs that lead to sites with harmful content or that can negatively impact employee productivity.
For Mac users, ESET has released ESET Endpoint Antivirus version 7, which is a new generation of the product built with a microservices architecture that replaces the previous monolithic one. As a result, the product has better performance because it uses services only as needed and has an improved multithreaded design for faster scanning on multiprocessors; is more stable because failed components can automatically restart instead of causing the entire application to crash; has better security isolation because components can run with non-privileged user rights, and is compatible with Apple M1 devices via Rosetta 2.
Currently, version 7 of this product can be managed via ESET PROTECT. The graphical user interface on the endpoint will become available for full management of the product in a future release.
Future plans
While ESET remains committed to protection for macOS devices, work remains to be accomplished in reengineering native builds for Apple M1 devices and in creating the additional protective modules that will integrate into the new microservices architecture to make up the full feature set of ESET Endpoint Security for macOS.