[KB8556] Migrate ESET PROTECT Virtual Appliance to ESET PROTECT On-Prem on a Linux Server

Issue

CentOS 7 End of Life

CentOS 7 will reach its End of Life on June 30, 2024 and will stop receiving updates afterwards.

Affected systems include ESET PROTECT Virtual Appliance and ESET PROTECT On-Prem installed on CentOS 7.

We do not recommend running ESET PROTECT Virtual Appliance or ESET PROTECT On-Prem on an unsupported platform, as it poses security risks.

  • You receive a "Migration required" notification in your ESET PROTECT Virtual Appliance or ESET PROTECT On-Prem
  • Migrate ESET PROTECT Virtual Appliance to ESET PROTECT On-Prem on a Linux Server

Solution

  1. Prerequisites
  2. Create a certificate with connection information
  3. Set a new ESET PROTECT Server hostname and assign the policy
  4. Create database backup and export the database
  5. Install a new database on Linux and import the VA database
  6. ESET PROTECT Server Setup
  7. Create a new policy and set a hostname for a new ESET PROTECT Server

I. Prerequisites

II. Create a certificate with connection information

  1. Open ESET PROTECT Virtual Appliance Web Console and log in.

  2. Click MorePeer CertificatesNew → Certificate.

    Figure 1-1

  3. Type the certificate description into the Description field and select Server from the Product drop-down menu. The Host field is pre-set to the default value (*), but we recommend using a real hostname. Leave the Passphrase and Confirm passphrase fields empty. Click Continue.

    Figure 1-2

  4. Verify that the radio button next to Certification authority under Signing method is selected and click Select certification authority. A new window will open. Select the certification authority you want to use to sign a new certificate and click OK to confirm and return to the previous window. Type the Certification Authority passphrase in the respective field. In this case, you use the same password you use to log into ESET PROTECT Virtual Appliance Management Console. Click Finish.

    Figure 1-3

III. Set a new ESET PROTECT Server hostname and assign the policy

  1. Open ESET PROTECT Virtual Appliance Web Console and log in.

  2. Click PoliciesNew Policy.

    Figure 2-1

  3. In the Basic section, type a name for your policy.

  4. Click Settings, select ESET Management Agent from the drop-down menu, and click Edit server list.

    Figure 2-2

  5. In the Servers window, click Add. In the host field, type the hostname of your new ESET PROTECT Server. If you use a port other than the default ESET PROTECT Server port 2222, specify your custom port number. Click OK. Ensure that your new ESET PROTECT Server hostname is listed first and click Save.

    Figure 2-3

  6. Select Append from the drop-down menu next to Edit server list.

    Figure 2-4

  7. Click AssignAssign to display a new popup window with all Static and Dynamic Groups.

    Figure 2-5

  8. Select the checkbox next to the groups of computers you want to assign the policy and click OK. We recommend applying the policy in batches to different groups of computers.

    Test the policy before assigning it to all agents

    We recommend assigning the policy to a test group of computers first. If the policy is applied correctly, apply the policy to another group of computers.

    Figure 2-6

  9. Review the settings for this policy and click Finish to apply. The time to apply the policy will vary depending on your ESET PROTECT Virtual Appliance replication interval.

  10. Open ESET PROTECT Virtual Appliance and create a database backup.

IV. Create a database backup and export the database

Database backup period

There might be a discrepancy in the data collected during the database backup due to ESET Management Agents still connecting to the source ESET PROTECT Server Appliance.

We do not recommend making any essential changes to the ESET PROTECT Server Appliance during the database backup period (for example, creating new tasks or policies, etc.) to limit the difference between the backup database and the source database.

UTF-8 charset

Ensure that the database schema has a UTF-8 character set encoding.

Backed up database size

Verify that you have enough free space for your database backup file on your ESET PROTECT Virtual Appliance.

Create database backup
Database backup

Read more details about the database backup.

  1. In the ESET PROTECT Server Appliance window, press the Enter key to access the management mode menu.

    Figure 3-1

  2. Log in and select Backup database.

    Figure 3-2

  3. Type your password (note that there will be no visible characters indicating you are typing) and press the Enter key. Wait until the database backup is created and review the message. Press the Enter key to continue.

    Figure 3-3
Export the database

  1. In the ESET PROTECT Server Appliance management mode menu, select Enable/Disable Webmin interface to enable the Webmin Management Interface.

    Figure 3-4

  2. Connect to the Webmin interface using a web browser with the IP address of ESET PROTECT Virtual Appliance and port 10000. A sample address: https://xxx.xxx.xxx.xxx:10000.

  3. Log into the Webmin interface. Type the ESET PROTECT Virtual Appliance credentials where root is the login and click Sign in.

    Figure 3-5

  4. Expand Tools and click File Manager. Click the root folder, right-click era-backup.sql file and select Download from the context menu. Save the file to a local drive and copy it to a location accessible from the target Windows machine.

    Figure 3-6

  5. Return to the ESET PROTECT Virtual Appliance window, press the Enter key to access the management mode, log in and select Shut down system.

    Figure 3-7

V. Install a new database on Linux and import the ESET PROTECT Server Appliance database

  1. On the target Linux Server, prepare a clean installation of MySQL Server. When you are prompted by the MySQL installer to create a Root Account Password, we recommend that you use the same password you used in ESET PROTECT Server Appliance.

  2. Follow the migration process for MySQL Server (if you have already created a database backup as described in section IV, start with step 3).

    • Skip step 7 (Connect the ESET PROTECT Server to the database) and follow the steps in section VI below.

VI. ESET PROTECT Server Setup

Remove former ESET PROTECT Appliance Server 

Do not uninstall old ESET PROTECT Appliance Server, as it might cause license dissociation.

We recommend removing the former ESET PROTECT Appliance Server from your virtual environment.

  1. Download the ESET PROTECT Server component and begin the installation.

  2. Install ESET PROTECT Web Console.

    After the migration

    Verify that the agents have migrated successfully and are connecting to the new server.

    Do not uninstall your old ESET PROTECT Server Appliance until you have verified the migration was successful.

  3. Connect ESET PROTECT Server to the database.

  4. Open ESET PROTECT On-Prem in your web browser and log in using your password.

VII. Create a new policy and set a hostname for a new ESET PROTECT Server

  1. Click PoliciesNew Policy.

  2. In the Basic section, type a name for your policy.

  3. Click Settings, select ESET Management Agent from the drop-down menu, and click Edit server list.

  4. In the Servers window, click Add. In the host field, type the hostname of your new ESET PROTECT Server. If you use a port other than the default ESET PROTECT Server port 2222, specify your custom port number. Click OK. Make sure your new ESET PROTECT Server hostname is listed first, and click Save.

  5. Click AssignAssign to display a new popup window with all Static and Dynamic Groups.

  6. Select the checkbox next to the groups of computers you want to assign the policy and click OK. We recommend applying the policy in batches to different groups of computers.

  7. Review the settings for this policy and click Finish to apply. The time to apply the policy will vary depending on your ESET PROTECT Virtual Appliance replication interval.

  8. When the new policy is applied, and there is no problem with the new ESET PROTECT Server, delete the old policy with two hostnames you created in section III.

Last Updated: Jan 22, 2024

Additional resources

User Guides

ESET Forum

YouTube videos

Need further assistance?

Contact ESET Technical Support

More Information

Support News
Customer Advisories