Issue
- Your third-party firewall is interfering with the performance of your ESET products
- You use a third-party firewall, or your computer is on a network behind a firewall
- Home and small office users
- You did not receive an email about registration or change of an ESET online service
Solution
Home and small office users
- If your router or hardware firewall causes ESET activation issues, contact your internet service provider to add the necessary Hostname, IP address and Port number to your router or firewall.
- If your router or hardware firewall causes ESET update errors (for example, "Modules update failed" or "Error downloading Update Modules"), you can use the Troubleshooting wizard to unblock applications or add exceptions. If this does not resolve the issue, undo the changes and contact your internet service provider.
- If you are a home or small office product user that is part of a school or business, contact your network administrator to add the necessary updates.
- You can provide this article to your internet service provider, network administrator or firewall provider, which includes Hostname, IP address and Port information that should be added to the firewall or router.
Your ESET product communicates with resources on the internet over standard HTTP protocol on Port 80, or over HTTPS on Port 443.
To resolve your issue, the following hosts in each ESET component must be made accessible:
- Download detection engine and module updates
- Download pico updates
- Download product installers, updates
- Expiration date
- Support requests
- ESET Secure Authentication Provisioning Server
- ESET LiveGrid®
- Advanced Machine Learning
- Anonymous statistics
- Web Control/Parental Control
- Password Manager
- Antispam
- GUI
- Mobile Security
- ESET Data Framework (Anti-Theft, ESET PROTECT Hub, ESET Business Account, Parental control, Web control)
- ESET PROTECT On-Prem
- ESET PROTECT
- ESET Inspect
- ESET Connect
- ESET Push Notification Service
- ESET LiveGuard Advanced
- Services
- Online Help and Knowledgebase
- MSP
- DNS load balancers
- Telemetry
- Certificate Revocation Checks (OCSP)
- Syslog security restrictions and limits
- Receiving emails from ESET systems
To download detection engine updates:
| Hostname |
|---|
| um01.eset.com |
| um02.eset.com |
| um03.eset.com |
| um04.eset.com |
| um05.eset.com |
| um06.eset.com |
| um07.eset.com |
| um08.eset.com |
| um09.eset.com |
| um10.eset.com |
| um11.eset.com |
| um12.eset.com |
| um13.eset.com |
| um14.eset.com |
| um15.eset.com |
| um16.eset.com |
| um17.eset.com |
| um21.eset.com |
| um23.eset.com |
| um01.cn.eset.com |
| IP address |
|---|
| 91.228.166.13 |
| 91.228.166.14 |
| 91.228.166.15 |
| 91.228.166.16 |
| 91.228.167.132 |
| 91.228.167.133 |
| 38.90.226.36 |
| 38.90.226.37 |
| 38.90.226.38 |
| 38.90.226.39 |
| 185.94.157.14 |
| 91.228.167.170 |
| 38.90.226.40 |
| 185.94.157.10 |
| 185.94.157.11 |
| 38.90.226.44 |
| 91.228.167.92 |
| 91.228.167.26 |
| 91.228.167.21 |
| 119.29.72.159 |
| IPv6 address |
|---|
| [2a05:e800:1001:f00:b13d:71f1:e7c5:5e27] |
| [2a05:e800:1001:f00:f76e:548c:f14f:779e] |
| [2a05:e800:1001:f00:8390:1b8a:7f23:1323] |
| [2a05:e800:1001:f00:fd92:22a9:7f09:a2cf] |
| [2a05:e800:1003:f00:f837:6670:c755:2549] |
| [2a05:e800:1003:f00:85ae:64dd:5a9a:7134] |
| [2a05:e802:1005:f00:7141:7e00:1138:faa5] |
| [2a05:e802:1005:f00:8116:9e87:7a0f:157e] |
| [2a05:e802:1005:f00:cfc9:bf14:a574:15e7] |
| [2a05:e802:1005:f00:956f:8fa9:7691:791b] |
| [2a05:e800:1007:f00:f89f:41c9:473f:855a] |
| [2a05:e800:1003:f00:d1b1:9b14:34bc:bffc] |
| [2a05:e802:1005:f00:ea77:854f:2816:bf72] |
| [2a05:e800:1007:f00:93ab:650b:a906:5b06] |
| [2a05:e800:1007:f00:9df6:e953:8f27:659c] |
| [2a05:e802:1005:f00:1111:106e:b385:d36e] |
| [2a05:e800:1003:f00:eaf6:af3:268d:a2c1] |
| [2a05:e800:1003:f00:1007:8fef:4d49:7f20] |
| [2a05:e800:1003:f00:ff1a:68c9:d694:b6c0] |
| <blank> |
To download detection engine updates, use this hostname:
- update.eset.com
To download detection engine updates only from servers located in a specific region, select one of these hostnames:
- Europe: eu-update.eset.com
- US: us-update.eset.com
To download pico updates:
| Hostname |
|---|
| pico.eset.com |
| IP address |
|---|
| 91.228.166.13 |
| 91.228.166.14 |
| 91.228.166.15 |
| 91.228.166.16 |
| 91.228.167.132 |
| 91.228.167.133 |
| 38.90.226.36 |
| 38.90.226.37 |
| 38.90.226.38 |
| 38.90.226.39 |
| 185.94.157.14 |
| 91.228.167.170 |
| 38.90.226.40 |
| 185.94.157.10 |
| 185.94.157.11 |
| 38.90.226.44 |
| 91.228.167.92 |
| 91.228.167.26 |
| 91.228.167.21 |
| 119.29.72.159 |
| IPv6 address |
|---|
| [2a05:e800:1001:f00:b13d:71f1:e7c5:5e27] |
| [2a05:e800:1001:f00:f76e:548c:f14f:779e] |
| [2a05:e800:1001:f00:8390:1b8a:7f23:1323] |
| [2a05:e800:1001:f00:fd92:22a9:7f09:a2cf] |
| [2a05:e800:1003:f00:f837:6670:c755:2549] |
| [2a05:e800:1003:f00:85ae:64dd:5a9a:7134] |
| [2a05:e802:1005:f00:7141:7e00:1138:faa5] |
| [2a05:e802:1005:f00:8116:9e87:7a0f:157e] |
| [2a05:e802:1005:f00:cfc9:bf14:a574:15e7] |
| [2a05:e802:1005:f00:956f:8fa9:7691:791b] |
| [2a05:e800:1007:f00:f89f:41c9:473f:855a] |
| [2a05:e800:1003:f00:d1b1:9b14:34bc:bffc] |
| [2a05:e802:1005:f00:ea77:854f:2816:bf72] |
| [2a05:e800:1007:f00:93ab:650b:a906:5b06] |
| [2a05:e800:1007:f00:9df6:e953:8f27:659c] |
| [2a05:e802:1005:f00:1111:106e:b385:d36e] |
| [2a05:e800:1003:f00:eaf6:af3:268d:a2c1] |
| [2a05:e800:1003:f00:1007:8fef:4d49:7f20] |
| [2a05:e800:1003:f00:ff1a:68c9:d694:b6c0] |
| <blank> |
To download product installers, updates:
| Service |
|---|
| download.eset.com |
| download.liveinstaller.eset.systems |
| IP address |
|---|
| 91.228.166.154 |
| 91.228.167.190 |
| 38.90.226.111 |
| 20.224.75.204 |
To see the expiration date:
| Hostname |
|---|
| expire.eset.com |
| edf.eset.com |
| IP address |
|---|
| 138.91.165.201 |
| 13.93.203.130 |
| 20.224.75.204 |
| 23.99.12.158 |
| 52.160.70.199 |
To send support requests using the Support request function:
| Hostname |
|---|
| suppreq.eset.eu |
| IP address |
|---|
| 91.228.165.114 |
| 91.228.167.111 |
To allow communication with ESET Secure Authentication Provisioning Server (two-factor authentication):
| Hostname | IP address | Port |
|---|---|---|
| ecp.eset.systems | 138.91.165.201 | 443 |
| 13.93.203.130 | ||
| esa.eset.com m.esa.eset.com |
91.228.167.115 | 443 |
| 91.228.167.120 | ||
| 91.228.167.122 | ||
| 91.228.167.152 | ||
| 91.228.165.162 | ||
| 91.228.165.163 | ||
| 91.228.165.164 | ||
| 91.228.165.166 |
Servers:
| Hostname |
|---|
| h1-esa01.eset.com |
| h1-esa02.eset.com |
| h1-esa03.eset.com |
| h1-esa04.eset.com |
| h3-esa2-01-v.eset.com |
| h3-esa2-02-v.eset.com |
| h3-esa2-03-v.eset.com |
| h3-esa2-04-v.eset.com |
| IP address |
|---|
| 91.228.165.162 |
| 91.228.165.163 |
| 91.228.165.164 |
| 91.228.165.166 |
| 91.228.167.115 |
| 91.228.167.122 |
| 91.228.167.120 |
| 91.228.167.152 |
To use the online reputation database (ESET LiveGrid®):
- Ensure the following ports are open for all IP addresses listed below: TCP 80, TCP 53535, UDP 53535
- The IP addresses below have to be enabled for HTTP port 80
- Users on ESET Endpoint version 7.x and earlier, access to your local DNS server is required for DNS queries on UDP/TCP port 53
- Users on ESET Endpoint version 8.0 and later, access to your local DNS server is required for DNS queries and must be able to resolve hostnames
| Hostname |
|---|
| h1-c01.eset.com |
| h1-c02.eset.com |
| h1-c03.eset.com |
| h1-c04.eset.com |
| h1-c05.eset.com |
| h1-c06.eset.com |
| h1-c07.eset.com |
| h1-c08.eset.com |
| h3-c01.eset.com |
| h3-c02.eset.com |
| h3-c03.eset.com |
| h3-c04.eset.com |
| h3-c05.eset.com |
| h5-c01.eset.com |
| h5-c02.eset.com |
| h5-c03.eset.com |
| h5-c04.eset.com |
| h5-c05.eset.com |
| IP address |
|---|
| 91.228.166.45 |
| 91.228.166.46 |
| 91.228.165.43 |
| 91.228.165.44 |
| 91.228.166.52 |
| 91.228.165.12 |
| 91.228.165.40 |
| 91.228.165.100 |
| 91.228.167.137 |
| 91.228.167.43 |
| 91.228.167.46 |
| 91.228.167.103 |
| 91.228.167.33 |
| 38.90.226.11 |
| 38.90.226.12 |
| 38.90.226.13 |
| 38.90.226.46 |
| 38.90.226.47 |
Domains used by ESET LiveGrid®:
| Hostnames |
|---|
| avcloud.e5.sk |
| dnsj.e5.sk |
| livegrid.eset.systems |
| a.livegrid.eset.systems |
| i1.livegrid.eset.systems |
| i3.livegrid.eset.systems |
| i4.livegrid.eset.systems |
| i5.livegrid.eset.systems |
| u.eset.com |
| c.eset.com |
| a.c.eset.com |
| i1.c.eset.com |
| i3.c.eset.com |
| i4.c.eset.com |
| i5.c.eset.com |
These IP addresses need to be enabled for HTTP port 80. Also, access to your local DNS server is required for DNS queries on UDP/TCP port 53.
Advanced Machine Learning:
| Hostname |
|---|
| h1-aidc01.eset.com |
| h3-aidc01.eset.com |
| h5-aidc01.eset.com |
| augur.scanners.eset.systems |
| IP address |
|---|
| 91.228.166.137 |
| 91.228.167.184 |
| 38.90.226.41 |
| 91.228.166.137 |
To submit suspicious files and anonymous statistical information to ESET's Threat Lab:
- tsm09.eset.com – tsm18.eset.com, tsm22.eset.com – tsm25.eset.com
| Hostname |
|---|
| tsm09.eset.com |
| tsm10.eset.com |
| tsm11.eset.com |
| tsm12.eset.com |
| tsm13.eset.com |
| tsm14.eset.com |
| tsm15.eset.com |
| tsm16.eset.com |
| tsm17.eset.com |
| tsm18.eset.com |
| tsm22.eset.com |
| tsm23.eset.com |
| tsm24.eset.com |
| tsm25.eset.com |
| IP address |
|---|
| 91.228.166.11 |
| 91.228.166.148 |
| 91.228.166.149 |
| 91.228.167.144 |
| 91.228.167.145 |
| 91.228.167.146 |
| 91.228.166.150 |
| 91.228.167.151 |
| 91.228.166.152 |
| 91.228.167.155 |
| 91.228.166.95 |
| 91.228.166.96 |
| 91.228.167.70 |
| 91.228.167.71 |
- edtd-ts.eset.com
| Hostname |
|---|
| tsm19.eset.com |
| tsm20.eset.com |
| tsm21.eset.com |
| IP address |
|---|
| 91.228.166.74 |
| 91.228.167.83 |
| 91.228.167.32 |
To use the Web control/Parental Control module:
- Base domain for DNS queries: e5.sk
- Open UDP port 53535 for the addresses in the table below and allow requests to your local DNS server (ESET Endpoint version 8.0 and later must be able to resolve hostnames. ESET Endpoint version 7.x and earlier UDP/TCP port 53).
| Hostname |
|---|
| h1-arsp01-v.eset.com |
| h1-arsp02-v.eset.com |
| h3-arsp01-v.eset.com |
| h3-arsp02-v.eset.com |
| h5-arsp01-v.eset.com |
| h5-arsp02-v.eset.com |
| IP address |
|---|
| 91.228.166.42 |
| 91.228.166.43 |
| 91.228.167.141 |
| 91.228.167.142 |
| 38.90.226.14 |
| 38.90.226.15 |
To use ESET Password Manager:
| Hostname |
|---|
| eset-prod-ca48648d0ce7cadf.elb.eu-central-1.amazonaws.com |
| IP addresses |
|---|
| 18.159.98.220 |
To use the Antispam module:
- Version 5 and later: You need to allow requests to your local DNS server (ESET Endpoint version 8.0 and later must be able to resolve hostnames. ESET Endpoint version 7.x and earlier UDP/TCP port 53).
- Base domain for DNS queries: e5.sk
| Hostname |
|---|
| h1-ars01-v.eset.com |
| h1-ars02-v.eset.com |
| h1-ars03-v.eset.com |
| h1-ars04-v.eset.com |
| h1-ars05-v.eset.com |
| h1-ars06.eset.com |
| h1-ars07.eset.com |
| h1-ars08.eset.com |
| h3-ars01-v.eset.com |
| h3-ars02-v.eset.com |
| h3-ars03-v.eset.com |
| h3-ars04-v.eset.com |
| h3-ars05-v.eset.com |
| h3-ars06.eset.com |
| h3-ars07.eset.com |
| h3-ars08.eset.com |
| h5-ars01-v.eset.com |
| h5-ars02-v.eset.com |
| h5-ars03-v.eset.com |
| h5-ars04-v.eset.com |
| h5-ars05-v.eset.com |
| h5-ars06.eset.com |
| h1-tesla01.eset.com |
| h3-tesla01.eset.com |
| h5-tesla01.eset.com |
| IP address |
|---|
| 91.228.166.61 |
| 91.228.166.62 |
| 91.228.166.63 |
| 91.228.166.64 |
| 91.228.166.65 |
| 91.228.166.119 |
| 91.228.165.57 |
| 91.228.165.59 |
| 91.228.167.36 |
| 91.228.167.67 |
| 91.228.167.68 |
| 91.228.167.74 |
| 91.228.167.116 |
| 91.228.167.136 |
| 91.228.167.57 |
| 91.228.167.56 |
| 38.90.226.21 |
| 38.90.226.22 |
| 38.90.226.23 |
| 38.90.226.24 |
| 38.90.226.25 |
| 38.90.226.19 |
| 91.228.166.110 |
| 91.228.167.169 |
| 38.90.226.31 |
- Version 4: You only need to allow requests to your local DNS server (port 53)
- Version 3:
-
- 82.165.143.243
- 87.106.222.139
- 87.106.240.241
- 82.165.143.242
- 87.106.131.195
Domains used by the Antispam module:
| Hostnames |
|---|
| dns.e5.sk |
| salt.e5.sk |
| rsys.e5.sk |
| arb.e5.sk |
| asplog.e5.sk |
| mri.e5.sk |
| ipt.e5.sk |
| sample.e5.sk |
| stat.e5.sk |
| setting.e5.sk |
| gid.e5.sk |
| IP address |
|---|
| 91.228.167.63 |
These IP addresses must be enabled for HTTP port 80 (used for downloading updates of the Antispam database). Also, access to your local DNS server is required for DNS queries on UDP/TCP port 53 (ESET Endpoint version 8.0 and later must be able to resolve hostnames. ESET Endpoint version 7.x and earlier UDP/TCP port 53).
| 23.239.11.145 |
| 23.239.13.41 |
| 23.239.15.84 |
| 23.92.19.91 |
| 23.92.26.7 |
| 23.92.27.240 |
| 50.116.11.250 |
| 50.116.14.27 |
| 50.116.19.218 |
| 50.116.2.121 |
| 50.116.3.153 |
| 50.116.3.42 |
| 50.116.4.68 |
| 50.116.50.102 |
| 50.116.50.105 |
| 50.116.50.109 |
| 50.116.50.197 |
| 50.116.50.202 |
| 50.116.54.198 |
| 50.116.61.111 |
| 50.116.61.155 |
| 50.116.62.242 |
| 50.116.63.215 |
| 50.116.63.216 |
| 66.175.214.89 |
| 66.175.223.13 |
| 66.228.48.183 |
| 74.207.240.108 |
| 74.207.252.229 |
| 74.208.106.28 |
| 74.208.78.224 |
| 74.208.79.219 |
| 74.208.79.224 |
| 74.208.99.25 |
| 77.68.39.21 |
| 77.68.39.31 |
| 80.85.85.133 |
| 80.85.85.200 |
| 80.85.85.58 |
| 85.159.211.160 |
| 87.106.104.112 |
| 87.106.11.214 |
| 87.106.11.38 |
| 87.106.12.77 |
| 87.106.128.170 |
| 87.106.13.61 |
| 87.106.141.10 |
| 87.106.183.224 |
| 87.106.209.135 |
| 87.106.209.149 |
| 87.106.210.57 |
| 87.106.214.177 |
| 87.106.240.160 |
| 88.208.202.90 |
| 88.208.202.91 |
| 88.208.248.146 |
| 88.208.248.164 |
| 88.208.248.199 |
| 88.208.248.200 |
| 88.80.184.106 |
| 88.80.185.201 |
| 88.80.190.155 |
| 96.126.106.194 |
| 96.126.98.211 |
| 97.107.134.71 |
| 104.131.131.132 |
| 104.200.24.34 |
| 109.123.106.250 |
| 109.74.197.59 |
| 151.236.219.57 |
| 162.216.16.201 |
| 162.216.18.163 |
| 173.230.146.110 |
| 173.230.152.57 |
| 173.255.209.236 |
| 173.255.213.36 |
| 173.255.214.49 |
| 173.255.214.53 |
| 173.255.218.51 |
| 173.255.226.186 |
| 173.255.232.151 |
| 173.255.234.245 |
| 173.255.234.85 |
| 173.255.243.160 |
| 173.255.245.232 |
| 173.255.253.150 |
| 173.255.254.232 |
| 176.58.100.154 |
| 176.58.101.140 |
| 176.58.104.101 |
| 176.58.110.248 |
| 176.58.111.122 |
| 176.58.111.124 |
| 176.58.111.163 |
| 176.58.112.126 |
| 176.58.112.160 |
| 176.58.115.138 |
| 176.58.115.39 |
| 176.58.117.5 |
| 176.58.117.75 |
| 176.58.119.151 |
| 176.58.124.244 |
| 176.58.97.188 |
| 176.58.98.13 |
| 176.58.98.155 |
| 176.58.99.196 |
| 176.58.99.197 |
| 178.79.128.94 |
| 178.79.138.31 |
| 178.79.140.188 |
| 178.79.143.222 |
| 178.79.150.32 |
| 178.79.152.167 |
| 178.79.153.233 |
| 178.79.157.41 |
| 178.79.159.237 |
| 178.79.163.250 |
| 178.79.164.196 |
| 178.79.181.233 |
| 178.79.182.43 |
| 178.79.183.81 |
| 178.79.186.194 |
| 178.79.188.10 |
| 178.79.190.135 |
| 178.79.190.174 |
| 192.155.84.126 |
| 192.155.86.247 |
| 192.155.87.170 |
| 192.81.129.218 |
| 192.81.134.251 |
| 198.58.97.43 |
| 198.74.49.240 |
| 198.74.57.188 |
| 198.74.58.243 |
| 209.157.64.162 |
| 209.157.64.163 |
| 209.157.64.164 |
| 209.157.64.165 |
| 209.157.64.166 |
| 209.157.64.167 |
| 209.157.64.168 |
| 209.157.64.169 |
| 209.157.64.170 |
| 209.157.64.171 |
| 209.157.64.172 |
| 209.157.64.173 |
| 209.157.64.174 |
| 209.157.64.175 |
| 209.157.64.176 |
| 209.157.64.177 |
| 209.157.66.226 |
| 209.157.66.227 |
| 209.157.66.229 |
| 209.157.66.230 |
| 209.157.66.232 |
| 209.157.66.234 |
| 209.157.66.235 |
| 209.157.66.236 |
| 209.157.66.237 |
| 209.157.66.238 |
| 209.157.66.239 |
| 209.157.66.240 |
| 209.157.66.241 |
| 209.157.66.242 |
| 209.157.66.243 |
| 209.157.66.244 |
| 209.157.66.245 |
| 209.157.66.246 |
| 209.157.66.247 |
| 209.157.66.248 |
| 209.157.66.249 |
| 209.157.66.253 |
| 212.227.96.110 |
| 212.71.233.60 |
| 212.71.251.168 |
| 212.71.251.182 |
| 212.71.252.146 |
| 213.171.205.141 |
| 213.171.205.238 |
| 213.171.205.77 |
| 213.171.205.78 |
| 213.171.206.148 |
| 213.171.207.47 |
| 213.171.207.48 |
| 213.171.207.62 |
| 213.171.207.71 |
| 213.171.207.72 |
| 217.174.248.233 |
| 217.174.249.167 |
| 217.174.249.223 |
| 217.174.249.232 |
To ensure proper functionality of linking and redirection from your ESET product's main program window:
| Hostname |
|---|
| go.eset.com |
| go.eset.eu |
| support-go.eset.eu h1-redir02-v.eset.com h3-redir02-v.eset.com |
| IP address |
|---|
| 52.166.8.11 |
| 91.228.166.47 |
| 91.228.167.128 |
| 91.228.166.78 |
| 91.228.167.98 |
To activate ESET Mobile Security:
- reg01.eset.com/mob_activate - reg04.eset.com/mob_activate
- reg01.eset.com/mob_register - reg04.eset.com/mob_register
ESET Data Framework (Anti-Theft, ESET PROTECT Hub, ESET Business Account, Parental control, Web control):
| IP address |
|---|
| 23.99.12.158 |
| 52.160.70.199 |
| 91.228.165.74 |
| 91.228.167.40 |
| 91.228.166.104 |
| 91.228.166.71 |
| 91.228.167.64 |
| 91.228.167.81 |
| 38.90.226.16 |
| 38.90.226.17 |
| 38.90.226.42 |
| 38.90.226.34 |
| 138.91.165.201 |
| 13.93.203.130 |
| Note |
|---|
| Old ESET products only |
| Old ESET products only |
ESET Repository–repository.eset.com (ESET PROTECT On-Prem):
| IP address |
|---|
| 38.90.226.20 |
| 38.90.226.20 |
| 38.90.226.20 |
| 38.90.226.20 |
| 38.90.226.20 |
| 38.90.226.20 |
| 91.228.166.19 |
| 91.228.166.23 |
| 91.228.166.23 |
| 91.228.166.23 |
| 91.228.167.25 |
| 91.228.167.25 |
| 91.228.167.25 |
| 91.228.167.25 |
The IP address of the ESET repository server in China: 161.189.152.208
Some locations (such as Japan, Australia, or New Zealand) might have different IP addresses because of using CDN.
Use repositorynocdn.eset.com to connect ESET repository servers only; however, in this case, the best internet connection cannot be guaranteed.
Ensure HTTP 1.1 is enabled when accessing the repository or ESET update servers via third-party proxy. This applies to all products that have access to the ESET repository.
For more information, see:
- ESET Security Management Center repository is not working (7.x)
- ESET PROTECT On-Prem repository is not working
ESET Endpoint Security and ESET Endpoint Antivirus auto-updates
ESET Endpoint Security and ESET Endpoint Antivirus connect to repository.eset.com when the Micro PCU is executed.
Network configuration for ESET PROTECT
Allow the below network prerequisites in your firewall for ESET PROTECT to work correctly.
Domains and ports
| Domain | Protocol | Port | Service/Component | Description |
|---|---|---|---|---|
| eba.eset.com | TCP | 443 | ESET Business Account (ongoing termination) | |
| msp.eset.com | TCP | 443 | ESET MSP Administrator | |
| identity.eset.com | TCP | 443 | ESET Identity Server | |
| protect.eset.com | TCP | 443 | ESET PROTECT | |
| hub.eset.com | TCP | 443 | ESET PROTECT Hub | |
| eu02.protect.eset.com | TCP | 443 | ESET PROTECT Web Console | Location: Europe |
| us02.protect.eset.com | TCP | 443 | Location: USA | |
| jp02.protect.eset.com | TCP | 443 | Location: Japan | |
| ca01.protect.eset.com | TCP | 443 | Location: Canada | |
| de01.protect.eset.com | TCP | 443 | Location: Germany | |
| *.a.ecaserver.eset.com | TCP | 443 | Connection between the Agent and ESET PROTECT | |
| epc-de-agent-proxy.germanywestcentral.cloudapp.azure.com | TCP | 443 | Location: Germany | |
| edf.eset.com | TCP | 443 | Live Installer | |
| redirector.eset.systems | TCP | 443 | ||
| repository.eset.com | TCP | 80 | Repository required for deployment | |
| epns.eset.com | TCP | 8883 | Connection for EPNS service (Wake-Up calls) | |
| eu.mdm.eset.com (EUROPE) us.mdm.eset.com (USA) jp.mdm.eset.com (JAPAN) ca.mdm.eset.com (CANADA) de.mdm.eset.com (GERMANY) |
TCP | 443 | Cloud MDM | Enrollment |
| checkin.eu.mdm.eset.com (EUROPE) checkin.us.mdm.eset.com (USA) checkin.jp.mdm.eset.com (JAPAN) checkin.ca.mdm.eset.com (CANADA) checkin.de.mdm.eset.com (GERMANY) |
TCP | 443 | Check-in | |
| mdmcomm.eu.mdm.eset.com (EUROPE) mdmcomm.us.mdm.eset.com (USA) mdmcomm.jp.mdm.eset.com (JAPAN) mdmcomm.ca.mdm.eset.com (CANADA) mdmcomm.de.mdm.eset.com (GERMANY) |
TCP | 443 | Communication | |
| mdm.eset.com (GLOBAL) | TCP | 443 | Limited input device enrollment | |
| TCP | 139 |
ESET PROTECT Remote Deployment Tool (Target ports from the point of view of Remote Deployment Tool) |
Using the share ADMIN$ | |
| TCP | 445 | Direct access to shared resources using TCP/IP during remote installation (an alternative to TCP 139) | ||
| UDP | 137 | Name resolution during remote install | ||
| UDP | 138 | Browse during remote install |
IP addresses
| IP Addresses | Services | Description |
|---|---|---|
| 20.82.100.209 | Connection between the ESET Management Agent and ESET PROTECT | Location: Europe |
| 20.245.38.118 | Location: USA | |
| 20.194.197.189 | Location: Japan | |
| 4.172.129.94 | Location: Canada | |
| 98.67.237.69 | Location: Germany | |
| 13.69.61.76 20.31.123.179 |
ESET PROTECT Web Console connection | Location: Europe |
| 23.99.91.144 20.66.110.90 |
Location: USA | |
| 20.46.163.70 52.140.234.249 |
Location: Japan | |
| 4.172.67.88 20.175.250.3 |
Location: Canada | |
| 4.182.183.59 4.182.168.113 20.170.86.116 |
Location: Germany |
Find network prerequisites for ESET Connect in the ESET Connect Online Help.
Network configuration for ESET Inspect
The outbound connection in your network's firewall must be allowed for ESET Inspect to work correctly:
| Domain | Port Type / Port Number | Description |
|---|---|---|
| eba.eset.com | TCP / 443 | ESET Business Account (ongoing termination) |
| ema.eset.com | TCP / 443 | ESET Managed Service Provider |
| msp.eset.com | TCP / 443 | ESET Managed Service Provider |
| identity.eset.com | TCP / 443 | ESET Identity Server |
| inspect.eset.com | TCP / 443 | ESET Inspect |
| eu01.inspect.eset.com | TCP / 443 | ESET Inspect Web Console Location: Europe |
| us01.inspect.eset.com | TCP / 443 | ESET Inspect Web Console Location: USA |
| jp01.inspect.eset.com | TCP / 443 | ESET Inspect Web Console Location: Japan |
| ca01.inspect.eset.com | TCP / 443 | ESET Inspect Web Console Location: Canada |
| de01.inspect.eset.com | TCP / 443 | ESET Inspect Web Console Location: Germany |
| eu01.agent.edr.eset.systems or IP 52.166.186.239 |
TCP / 8093 | Location: Europe |
| us01.agent.edr.eset.systems or IP 40.83.252.19 |
TCP / 8093 | Location: USA |
| jp01.agent.edr.eset.systems or IP 20.188.24.252 |
TCP / 8093 | Location: Japan |
| a01.agent.edr.eset.systems or IP 52.233.40.229 |
TCP / 8093 | Location: Canada |
| de01.agent.edr.eset.systems or IP 20.113.169.211 |
TCP / 8093 | Location: Germany |
Find network prerequisites for ESET Connect in the ESET Connect Online Help.
Network configuration for ESET Connect
Required domains and ports that must be allowed in the network.
ESET Push Notification Service
| Hostname |
|---|
| epns.eset.com |
| h1-epnsbroker01.eset.com |
| h1-epnsbroker02.eset.com |
| h1-epnsbroker03.eset.com |
| h1-epnsbroker04.eset.com |
| h1-epnsbroker05.eset.com |
| h1-epnsbroker06.eset.com |
| h1-epnsbroker07.eset.com |
| h3-epnsbroker01.eset.com |
| h3-epnsbroker02.eset.com |
| h3-epnsbroker03.eset.com |
| h3-epnsbroker04.eset.com |
| h3-epnsbroker05.eset.com |
| h3-epnsbroker06.eset.com |
| h3-epnsbroker07.eset.com |
| h5-epnsbroker01.eset.com |
| h5-epnsbroker02.eset.com |
| h5-epnsbroker03.eset.com |
| h5-epnsbroker04.eset.com |
| h5-epnsbroker05.eset.com |
| h5-epnsbroker06.eset.com |
| h5-epnsbroker07.eset.com |
| IP address |
|---|
| 91.228.165.144 |
| 91.228.165.145 |
| 91.228.165.146 |
| 91.228.165.147 |
| 91.228.165.148 |
| 91.228.165.159 |
| 91.228.165.160 |
| 91.228.167.171 |
| 91.228.167.172 |
| 91.228.167.187 |
| 91.228.167.188 |
| 91.228.167.192 |
| 91.228.167.193 |
| 91.228.167.194 |
| 38.90.226.51 |
| 38.90.226.52 |
| 38.90.226.62 |
| 38.90.226.63 |
| 38.90.226.64 |
| 38.90.226.65 |
| 38.90.226.66 |
| Port |
|---|
| 8883, 443 |
ESET Push Notification Service (EPNS) sends Wake-Up calls between ESET Management Agents and ESET PROTECT On-Prem/ESET PROTECT server.
ESET LiveGuard Advanced:
Users need to whitelist both addresses for each hostname.
| Hostname |
|---|
|
r.edtd.eset.com
|
|
d.edtd.eset.com
|
| Old IP addresses |
|---|
|
137.117.138.135 (Europe)
13.83.244.211 (USA)
|
|
137.117.138.135 (Europe)
13.83.244.211 (USA)
|
| New IP addresses |
|---|
|
20.31.87.92 (Europe)
20.43.231.148 (USA)
|
|
20.31.87.92 (Europe)
20.43.231.148 (USA)
|
Services (activation, expiration, IP location, trace, version check, redirector, in-product images & messages, SSL certificate check):
Linking and redirection:
| Hostname |
|---|
|
proxy.eset.com
|
|
|
|
|
| h1-weblb01-v.eset.com |
| h3-weblb01-v.eset.com |
| IP address |
|---|
| 138.91.165.201 |
| 13.93.203.130 |
| 20.224.75.204 |
| 91.228.165.79 |
| 91.228.167.123 |
Activation:
| Hostname |
|---|
| h1-weblb01-v.eset.com |
| h3-weblb01-v.eset.com |
| iploc.eset.com |
| pki.eset.com |
| versioncheck.eset.com |
| edf.eset.com |
| IP address |
|---|
| 91.228.165.79 |
| 91.228.167.123 |
| 138.91.165.201 |
| 13.93.203.130 |
| 20.224.75.204 |
| 91.228.166.181 |
| 91.228.167.181 |
| 38.90.227.50 |
| 91.228.165.81 |
| 91.228.167.125 |
| 23.99.12.158 |
| 52.160.70.199 |
| Note |
|---|
| Old Activation services |
| Old Activation services |
Trace - Installation statistics:
| Hostname | IP address |
|---|---|
| trace.eset.com | 138.91.165.201 |
| 13.93.203.130 | |
| 20.224.75.204 |
In-product images & messages:
| Hostname | IP address |
|---|---|
| ipm.eset.com | 138.91.165.201 |
| 13.93.203.130 | |
| banner.eset.com | 91.228.167.30 |
SSL Certificate check:
| Hostname | IP address |
|---|---|
| proxy-detection.eset.com | 38.90.226.28 |
| 91.228.166.91 | |
| 91.228.167.91 |
Online help and Knowledgebase:
| Hostname |
|---|
| help.eset.com |
| support.eset.com |
| int.form.eset.com |
| IP address |
|---|
| 91.228.165.46 |
| 91.228.167.61 |
| 38.90.227.28 |
| 34.198.154.246 |
| 52.4.210.140 |
| 91.228.166.22 |
| 91.228.166.154 |
ESET MSP Utility (EMU)
| Hostname | IP address | Port |
|---|---|---|
| ftp.eset.sk | 91.228.166.130 | 80 |
| mspapi.esetsoftware.com | 168.62.212.42 | 443 |
DNS load balancers
ESET DNS service for eset.com domains is often used for optimal distribution of requests to ESET’s resources.
| Hostname |
|---|
| h1-f5lb01-s.eset.com |
| h3-f5lb01-s.eset.com |
| h5-f5lb01-s.eset.com |
| h1-f5gtm01-s.eset.com |
| h3-f5gtm01-s.eset.com |
| h5-f5gtm01-s.eset.com |
| IP address |
|---|
| 91.228.165.117 |
| 91.228.167.16 |
| 38.90.226.53 |
| 91.228.165.72 |
| 91.228.167.185 |
| 38.90.226.59 |
Telemetry
- gallup.eset.com:443
Certificate Revocation Checks (OCSP)
Some third-party applications (for example, web browsers) check the revocation status of SSL/TLS certificates via Online Certificate Status Protocol (OCSP).
- 93.184.220.29
- 72.21.91.29
- 192.16.58.8
- 117.18.237.29
- 66.225.197.197
Syslog security restrictions and limits
Due to the security requirements for Syslog server connection, the following settings are fixed and cannot be changed:
- Transport protocol: TLS
- TCP port: 6514
For the same reasons there are additional requirements on the receiving Syslog server:
- IP address: Globally routable IPv4 address
- IDN names : Must use ASCII representation ("xn--")
- FQDN: Must translate to a single fixed IPv4 address
Using FQDN
If your Syslog server operates under multiple machines / IP addresses (CDN), there is no guarantee when and how often the FQDN is re-resolved. It is, however, guaranteed that the first FQDN resolution is completed within a 10-minute window after the server's start as long as the Syslog export is enabled and correctly configured.
Administrators should configure their Syslog server's firewall to allow incoming Syslog Export events only from the following IP ranges:
-
Outgoing IP addresses from ESET PROTECT in the Europe region:
51.136.106.164 51.136.106.165 51.136.106.166 51.136.106.167 20.16.120.5 -
Outgoing IP addresses from ESET PROTECT in the USA region:
40.81.8.148 40.81.8.149 40.81.8.150 40.81.8.151 40.86.163.190 -
Outgoing IP addresses from ESET PROTECT in the Japan region:
20.78.10.184 20.78.10.185 20.78.10.186 20.78.10.187 48.210.54.247 -
Outgoing IP addresses from ESET PROTECT in the Canada region:
20.48.241.160 20.48.241.161 20.48.241.162 20.48.241.163 52.138.52.138 -
Outgoing IP addresses from ESET PROTECT in the Germany region:
20.170.86.116 4.184.232.133
Receiving emails from ESET systems
To receive emails from EPH, EBA, EMA, ESET HOME, etc., ensure the following sender IP address is allowed on your mail server and all related systems:
| IP address |
|---|
| 50.31.61.240 |
