Skip to main content

Recommended settings for ESET File Security installed on a terminal server (4.x) - Kennisbank / Server Solutions / ESET File Security / EFS for Windows Server - ESET Tech Center

Recommended settings for ESET File Security installed on a terminal server (4.x)

Authors list

https://support.eset.com/kb2791

Issue

  • Citrix and other terminal servers should be configured using these parameters when running ESET products

Recommended product for install on terminal server

What is the difference between ESET File Security for Microsoft Windows Server (EFSW) and ESET File Security for Microsoft Windows Server Core (EFSC)?

EFSC is a performance-optimized version of (EFSW). Unlike EFSW, EFSC does not include the following: Document protection module, Email client protection module, mail integration plug-ins, ESET Rescue CD Creator, ESET SysInspector and graphical user interface (GUI).

Because EFSC does not include a GUI, ESET eShell is required to run all commands. See ESET File Security for Microsoft Server Core (p.7)

 

Solution

Complete the procedures below in sequence to achieve the best performance on a server with ESET File Security for Microsoft Windows Server (EFSW) installed. For licensing questions in North America, contact ESET Sales at +1 (619) 876-5400.

I. Prevent the graphical user interface (GUI) from starting

The steps in this section will disable the GUI from launching automatically at start up. However you can still access the GUI at any time from the Start menu. If you are not comfortable making changes in the registry, you can alsouse the method for endpoint workstations.

  1. Press the Windows key + to open a run dialog.
     
  2. Type Regedit.exe into the Run field and press ENTER.
     
  3. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
     
  4. Right-click the value egui and select Modify.

Figure 1-1
Click the image to view larger in new window

  1. Delete the string in the Value data field. 

To revert this setting

If you want to revert this setting and enable automatic start up of the ESET File Security GUI, navigate to the egui registry value, repeat steps 1 to 4, and add the string "C:\Program Files\ESET\ESET File Security\egui.exe" /hide /waitservice

Admins: The setting below will stop the GUI from loading (launching, starting, etc.) for standard users and will allow it to load on any login from an Admin account.

Add the /terminal switch to the end of the existing string. The following is an example of the Value data of egui:

"C:\Program Files\ESET\ESET File Security\egui.exe" /hide /waitservice /terminal

II. Enable Protocol Filtering

  1. Open ESET File Security by clicking Start → All Programs → ESET → ESET File Security → ESET File Security.
     
  2. Press F5 to open Setup.
     
  3. Expand Computer protection → Antivirus and antispyware → Protocol filtering.
     
  4. Select the check boxes next to Enable application protocol content filtering and Start application protocol protection automatically.

Figure 2-1 
Click the image to view larger in new window

  1. Click OK to save your changes.

III. Enable passive Web access protection

  1. Open ESET File Security by clicking Start → All Programs → ESET → ESET File Security → ESET File Security.
     
  2. Press F5 to open Setup.
     
  3. Expand Computer protection  Antivirus and antispyware  Web access protection.
     
  4. Make sure that the check box next to Enable web access antivirus and antispyware protection is selected. If you are using Windows Server 2008 or newer, skip to part V. If you are using Windows Server 2003, continue as normal.

Figure 3-1
Click the image to view larger in new window

  1. Expand Computer Protection  Antivirus and antispyware → Web access protection → HTTP, HTTPS → Web browsers.
     
  2. Click Add.
     
  3. Navigate to the .exe files for any web browsers that you want to run Web access protection on and click Open(we recommend that you enable this feature for all web browsers).

Figure 3-2
Click the image to view larger in new window

  1. When you have finished adding browsers, click OK.

IV. Enable active Web access protection–WINDOWS SERVER 2003 ONLY

  1. Open ESET File Security by clicking Start → All Programs → ESET → ESET File Security → ESET File Security.
     
  2. Press F5 to open Setup.
     
  3. Expand Computer protection  Antivirus and antispyware → Web access protection → HTTP, HTTPS → Web browsers → Active mode.
     
  4. Select the corresponding check boxes for each of the web browsers listed to enable active Web Access protection. If a browser is not included in the list, repeat the steps from section III above to add it.

Figure 4-1
Click the image to view larger in new window

V. Adjust the number of Scanning Engines

If there are no other restrictions on system resources, we recommend that you increase the number of ThreatSense scanning engines to improve performance.

  1. Open ESET File Security by clicking Start → All Programs → ESET → ESET File Security → ESET File Security.
     
  2. Press F5 to open Setup.
     
  3. Expand Computer protection  Antivirus and antispyware → Performance.
     
  4. Set the Number of ThreatSense scan engines field to equal twice the number of physical CPUs that your server has plus one. For example, a server with four physical CPUs would have nine scan engines running. You will be notified by ESET that you must restart your computer before these changes will take effect. Click OK once you are finished to close Setup.

    About this calculation

    This calculation should be made based on the number of CPUs available on the operating system where the ESET product is installed. The value specified here determines the number of scanners available for ESET protection modules, such as On-access, On-demand, etc.

Figure 5-1

Reactie toevoegen

Please log in or register to submit a comment.

Need a password reminder?