[KB7323] Recommended settings for ESET File Security installed on a terminal or Citrix server (7.x)

Issue

  • Citrix and other terminal servers should be configured using these parameters when running ESET products
  • Disable the ESET File Security GUI to prevent it from starting up every time a user logs in

Details


Click to expand

ESET server products can run in virtualized environments (such as Citrix) using default settings. By making a few small changes you can minimize the impact on performance ESET products will have on your virtual machine.

Normally, ESET File Security GUI starts up every time a remote user logs onto the server and creates a terminal session. This is usually undesirable on Terminal Servers.


Solution

ESET business product no longer supported

This content applies to an ESET product version that is currently in End of Life status and is no longer supported. This content is no longer updated. 

For a complete list of supported products and support level definitions, review the ESET End of Life policy for business products.

Upgrade ESET business products.

Complete the procedures below in sequence to achieve the best performance on a server with ESET File Security for Microsoft Windows Server (EFSW) installed. 

  1. Prerequisites
  2. Disable the graphic user interface (GUI)
  3. (only Citrix servers) Scan file execution events and local drives only
  4. (only Citrix servers) Add needed exclusions

I. Prerequisites

Server 2008/2008R2 users: There are 2 ways to verify that the Network protection module in ESET File Security for Microsoft Windows Server (EFSW) is installed.

a. If you have already installed EFSW, follow the instructions below to enable the Network protection module.

  1. Double-click the installer you used to install EFSW (for example, efsw_nt64_ENU.msi), click Run and then click Next.

  2. Click Modify from the ESET File Security Setup screen.

Figure 1-1
  1. Click the product component drop-down menu option next to Network Protection, click Entire feature will be installed on local hard drive and then click Modify.

Figure 1-2

You will now see the Web access protection and Email client protection modules in the SetupComputer section of EFSW.

b. If you are installing EFSW for the first time, follow the instructions below to enable the Network Protection module. You can modify installed components anytime by running the installer. This can be done without a server restart. The GUI will restart and you will see only the components you chose to install.

  1. Double-click the EFSW installer you downloaded (for example, efsw_nt64_ENU.msi), click Run and then click Next.

For illustrated instructions to download and install ESET File Security, see the following ESET Knowledgebase article

Install and activate ESET File Security for Microsoft Windows Server (7.x)

  1. Select Custom from the Setup type installation screen and click Next.
Figure 1-3
  1. Click the product component drop-down menu option next to Network protection, click Entire feature will be installed on local hard drive and then click Next.
Figure 1-4
  1. Click Install.

II. Disable the graphic user interface (GUI)

The steps in this section will disable the GUI from launching automatically at startup. However, you can still access the GUI at any time from the Start Menu.

a. Apply the ESET Security Management Center (ESMC) policy File Security for Windows Server – Visibility –Silent mode to enable silent mode on any server assigned to that policy.

  1. Open ESET Security Management Web Console (ESMC Web Console) in your web browser and log in.

  2. Click Computers, then click the cogwheel icon next to the group name, and select Manage Policies.

Figure 2-1
  1. In the Policy application order window, click Add Policy.

Figure 2-2
  1. Select the check box for policy File Security for Windows Server – Visibility –Silent mode and click OK.

Figure 2-3
  1. Click Close.

Continue to part III below if you are using a Citrix server.

b. Manually update individual client workstations using ESET Shell.
Check or Change your GUI Mode

If you want to find out what mode is currently used, run the following command in ESET Shell:
get ui ui gui-start-modeThe following commands will change the GUI mode you are using:

set ui ui gui-start-mode fullset ui ui gui-start-mode none

To see what policies are assigned to a particular group, select that group and click the Policies tab to view a list of policies assigned to the group. For more information about policies, see the Policies chapter in Online Help. Perform these steps on individual client workstations
  1. Open ESET Shell by clicking StartAll ProgramsESET ESET File Security (for Windows Server 2012, type ESET Shell into the Search field).

  2. Right-click ESET Shell and select Run as administrator from the context menu. If prompted, type in the username and password for the administrative account.

  3. Type the letter "x" (without quotes) to skip the help section.

  4. Type the following command:

    set ui ui gui-start-mode none
Figure 2-4
  1. Press Enter and wait for the command to complete.

  2. Close the window.

Continue to part III below if you are using a Citrix server.

III. (only Citrix servers) Scan file execution events and local drives only

  1. Open ESET File Security by clicking Start All Programs → ESET  ESET File Security.

  2. Press the F5 key to open Advanced Setup.

  3. Click Detection Engine → Real-time file system protection from the main menu on the left.

  1. Turn off the following four features by clicking the toggles bars next to Network drives, File open, File creation and Removable media access to disable them and click OK.

Continue to part IV below to add exclusions for a Citrix server.

Figure 3-1

IV. (only Citrix servers) Add needed exclusions

  1. Open ESET File Security by clicking Start All Programs → ESET → ESET File Security.

  2. Press the F5 key to open Advanced Setup.

  3. Click Detection Engine from the main menu on the left, then click Exclusions, and then click Edit next to Performance exclusions.

Figure 4-1
  1. Click Add, enter C:\Program Files\Citrix\ in the field next to Path, and click OK → OK → OK.

    You can add additional file paths to exclude. Using a \ at the end of the path will cause ESET to treat it as a wildcard, and all children of that path will be excluded.

    View the Citrix Consolidated list of Antivirus exclusions

Figure 4-2