[KB6994] Configure SMTP client threat notifications using ESET Security Management Center (7.x)

Issue

ESET business product in Limited Support status

This content applies to an ESET product version that is currently in Limited Support status and is scheduled to reach End of Life status soon.

For a complete list of supported products and support level definitions, review the ESET End of Life Policy for business products.

Upgrade ESET business products.

Configure your ESET product to automatically email administrators or other users when threats are detected in your network

Details

You can use ESET Security Management Center to configure SMTP settings on client workstations so that threat or event notification emails are sent to a designated email address. You can also configure ESET endpoint settings to send SMTP messages from client workstations.

Solution

Prerequisites

Make sure SMTP Server is configured.

Endpoint users: Perform these steps on individual client workstations

There are two methods for configuring threat notifications using ESET Security Management Center:

Configure server notifications
Use a policy

Configure SMTP threat notifications using server notifications

Open ESET Security Management Center Web Console (ESMC Web Console) in your web browser and log in.
Click Notifications, select the check box next to the notification you want to configure and then click Actions → Edit (in this example, Network attack alert is selected).

Figure 1-1
Click the image to view larger in new window
Move the slider bar under Enabled to the right to enable the notification.

Figure 1-2
Click the image to view larger in new window
Click Distribution and type the email address you want this notification sent to into the Email Address field.

Optional settings

Click Basic and modify the name and description of the email notification.
Click Configuration and modify the rules that trigger the notification.
Click Distribution and modify the text of the email notification in the Message field.
Click Advanced Settings - Throttling and further refine the volume and frequency of your notifications based on statistical and time-based triggers.
Click Finish. Repeat the steps above to configure the other Notifications listed in step 2.

Figure 1-3
Click the image to view larger in new window

Configure SMTP threat notifications using a policy

Potential for high volume of notifications

When you use this method, there is the potential for the recipient email address to receive a high volume of notifications should a significant notification trigger occur, such as an outbreak of malware on one's network.

Open ESET Security Management Center Web Console (ESMC Web Console) in your web browser and log in.
Click Policies, select the policy you want to set up SMTP threat notifications for and then click Policies → Edit.

Figure 2-1
Click the image to view larger in new window
Click Settings and click Tools → Email notifications.

Move the slider bar next to Send event notifications by email to the right.
Type your server address into the SMTP server field, as well as the username and password needed for authentication (if necessary).
Type the email address you want notifications to be sent to in the Recipient address field; type the email address you want displayed as sender in the Sender address field.
Select your desired verbosity level from the Minimum verbosity for notifications drop-down menu. Click here for more information about verbosity levels.

Figure 2-2
Click the image to view larger in new window

Scroll down and in the Message Format section, you can modify the format of the SMTP threat notification emails that are generated in the Format of event messages and Format of threat warning messages fields.

Figure 2-3
Click the image to view larger in new window
Click Finish to save the policy.

All clients assigned to this policy will now send SMTP threat notifications to the email address (Recipient address) you specified in step 3.

Last Updated: Aug 22, 2022