Child pages
  • What to expect with ESET Antivirus
Skip to end of metadata
Go to start of metadata

ESET Antivirus will replace Microsoft System Center Endpoint Protection for mac by December 31st, 2018.  Please see Removing Microsoft System Center Endpoint Protection for mac for specific details and plan for managed and unmanaged devices.

Deploying ESET Antivirus

For managed laptops and desktops running macOS users will have the replacement antivirus deployed automatically.  EUT will create a policy that will automatically uninstall the previous av, Microsoft System Center Endpoint Protection (MS SCEP), and install the latest product, ESET.  The policy will be applied to all devices running MS SCEP or not running an antivirus at all.  For users, this process will be mostly silent with the exception of a notification asking them if they would like to start the installation now, or delay until a convenient time to install.  Once the process begins, a notification will appear indicating the policy is running, and finally a notification will appear when the policy has finished.

We do ask that when you are ready to install, please save any open files and close all open applications.  The installation process will require the computer to be on campus for the install to work correctly.  If you are away from campus and are prompted, please just select the deadline (last) option in the drop down and it will install later.  If you selected the deadline (last) option in the menu and decide to install sooner, launch the UMS Application Catalog and run "Deploy ESET Antivirus Latest."

If you are running a Mac that is not currently enrolled in the UMS Mac management platform (JAMF or MDM) please visit Enrolling your staff computer in JAMF (Non-DEP) to join.  This will install the application catalog IT provides and allow IT to more easily support your computer.


IMPORTANT NOTICE FOR ESET ENDPOINT PROTECTION USERS ONLY

A small group of users were setup with ESET Endpoint Protection while testing. ESET Endpoint Protection has a firewall included with the suite, which prompts users when they connect to a new wifi. If the users selected 'Public', the result has been users access some sites, services, or applications. To fix this, jump to the "Adding additional wifi networks to your zones" section of this document and change the rules for your connection to "work."


User experience with the new AV

While MS SCEP was merely a rebranded version of ESET AV, there are a few noticeable changes immediately visible to users:

MS SCEPESET Endpoint ProtectionESET Antivirus
Only an antivirus A full security suite including antivirus, firewall, and internet security for the browserOnly an antivirus 
macOS 10.13+ prompted users to accept the unknown extension in System Preferences > Security*macOS 10.13+ prompted users to accept the unknown extension in System Preferences > Security*macOS 10.13+ prompted users to accept the unknown extension in System Preferences > Security*
No FirewallWhen changing wireless networks (i.e. tempest to eduroam, or tempest to home wifi), users are asked what type of network they are connecting to. This is common on Windows devices, and is simply ensuring the right firewall rules are applied to best protect your system.**No Firewall
When using with Google File Stream and Box, rules were applied in the background to avoid rescanning the entire cloud storage everytime a file was changed. This would cause machines running 10.13 and 10.14 to stall for several minutes.No longer require the rules, folders are smart-scanned and only changed files are scanned. Runs much smoother.No longer require the rules, folders are smart-scanned and only changed files are scanned. Runs much smoother.



*Managed devices have a configuration set that will whitelist that extension, so user are no longer prompted to accepted it.  In macOS 10.14, Apple forces users to be prompted to allow ESET to read "All Files" on Macintosh HD; this has now been whitelisted as well.  User will no longer be prompted, another benefit of being in a managed environment.

**Once your select the wifi network and save, it will be added to your known Wifi list and should not prompt you further when connecting to that network again.  If you know the name of the most common Wifi, look at this document to add additional and avoid further prompts.  https://support.eset.com/kb3440/

How to suppress notifications – ESET Endpoint Protection only

Managed computers will automatically hide the unknown extension popup when the app is first installed.  This is because EUT has already deployed a profile to all macs running 10.13+ that whitelists the extension.

Firewall zone rules when connecting to a new or unknown Wifi.  Even if you have connected to the network many times before, the app does not recognize this and still needs to create an exception.

Users will be prompted with the following dialog identifying the network connection, wifi, and the profile to apply.  Public should be used when connecting to any network not at home or at campus.  Home is for your home wifi, and work is for UMS campuses.

New network detected

Users should click on "Show settings", and check "remember network".  This will display the following information and have the box checked for Wifi network: (eduroam or tempest).

Expanded new network detected window

Adding additional wifi networks to your zones – ESET Endpoint Protection only

Additional wifi networks added to your known list will not  prompt whenever you connect to that network.  To add those, click the ESET icon in the menu bar and select Preferences.  From the preferences window, click on firewall.

ESET menu bar optionsESET system preferences window

Once in the firewall settings, you will see the rules, zones, and profiles.  Click on zones to configure known networks and criteria.

ESET Firewall rules

On zones, click on Add... then give it a name, descriptions, firewall profiles (work, public, or home), interface, and network name.  Using the following settings are an example and are recommended.

  • Name: UMS Wifi tempest
  • Description: UMS tempest unsecured wifi
  • Profile: Work (keep in mind that tempest is unencrypted)
  • Activator: Wifi network
  • SSID: tempest

You can also use the same info but replace tempest with eduroam or your home wifi name.  Once set, click add and then okay.

ESET Firewall zones tabESET Firewall zones add new ruleESET firewall zone interface dropdownESET firewall zone, new network name rule from dropdown.

After you have built all the rules you want, click okay to close all the windows and you are done.

Disable launch splash screen and dock icon

If you do not wish to have the splash screen or dock icon present follow these steps to disable them.  With ESET open, click on menu bar icon and click preferences, or if you have the app open on screen, click on Setup and "Enter Application Preferences".

ESET app window on setup tabESET menu bar drop down with preferences selected

With the ESET application preference window open, click on "interface" in the "User" row of settings.

ESET application preferences


In this window, uncheck all the options you do not wish to occur.  These are just user interface options, and do not affect the overall use o the application.

ESET user interface preferences

  • No labels