Settings

The Settings module lets you configure general settings. It contains following submodules.

1. EMC Settings: This submodule lets you define settings for FTP sessions, Log Settings, Client Grouping and Client connection settings.
2. Web Console Settings: This submodule lets you define settings for web console timeout, Dashboard Settings, Login Page settings, SQL Server Connection settings, SQL Database compression settings.
3. Update Settings: This submodule lets you define settings for General Configuration, Update Notifications, and Scheduling.
4. Auto-Grouping: This submodule lets you define settings for Grouping of computers after installation of eScan client is carried out.
5. Two-Factor Authentication: This submodule lets you to add extra layer of protection to your endpoints.
6. Roaming Client: This submodule allows the remote client to download all the updates via Cloud while Server uploads all the required client updates to Cloud.

EMC Settings

The EMC (eScan Management Console) Settings lets you configure the eScan Management Console. You can configure the FTP settings, Bind to IP Settings, Log Settings, Client Grouping and Client Connection Settings.
You can bind announcement of FTP server to particular IP by selecting the IP address in the list. However, you can choose to leave it as 0.0.0.0, which mean it will announce on all available interface/IP.

1. FTP Settings:
   This setting lets you approve the log upload from client computers. It also lets you set the maximum FTP download sessions allowed for client computers. (Note: 0 means unlimited)
2. Bind IP Settings:
   This setting lets you bind an IP address. Click the drop-down and select the preferred IP address for binding. The default IP address is 0.0.0.0.
3. Log Settings:
   This setting provides you with the option to delete the User settings and Log files after uninstallation of eScan from the computer. To enable the above setting, select the check box. After selecting the check box, you can store client logs for the preferred number of days.
4. Client Grouping:
   This setting lets you manually manage domains and computers grouped under them after performing fresh installations.
   Select NetBIOS, if you want to group clients only by hostname.
   Select DNS Domain, if you want to group clients by hostname containing the domain name.
5. Client Connection Settings:
   This setting lets you modify Thread Count and Query Interval (In Seconds). To reset the values, select Restore default values check box.

After performing the necessary changes, click on Save. The EMC Settings will be updated.

Web Console Settings

Web Console Settings submodule lets you configure web console Timeout, Dashboard, Login Page, SQL Server Connection, SQL Database compression, and Password Policy Settings.

1. Web Console Timeout Settings:
   To enable web console Timeout, select Enable Timeout Setting option.
   After selecting the check box, click the drop-down and select the preferred duration.
2. Dashboard Setting:
   This setting lets you set number of days for which you wish to View the Status, Statistics and Protection Status Charts in the Dashboard. Enter the preferred number of days.
3. Login Page Setting:
   This setting lets you show or hide the download links shared for eScan Client setup, Agent setup and AV Report. To show the download links on login page, select the check boxes of respective links.
4. Logo Settings:
   This setting allows you to add the organization logo in PNG or JPEG format. So the console and reports will have the uploaded logo for customization.

To have the default eScan logo, click on Default.
To have customized logo, click on Change.

SQL Server Connection settings

This setting lets you select an authentication mode between Microsoft Windows Authentication Mode to SQL Server Authentication Mode. Select the SQL Server Authentication Mode and define Server instance and Host Name along with the credentials for connecting to the database.

Enter the credentials in Username and Password fields.
To check whether correct credentials are entered, click on Test Connection.

SQL Database Purge Settings

This setting lets you define the maximum SQL database size in MB and purge data older than the specified days.
To enable SQL Database Purge Settings, select Enable Database Purge check box.
Enter the preferred value in Database Size threshold in (MB) field.
Enter the preferred number of days in Purge data older than specified days, if above threshold is met field.

RMM Settings

This setting lets you configure default RMM setting for connecting to client via RMM service:

1. Screen Quality can be set to Medium or High.
2. Screen Ratio can be set to anywhere from 20% to 100%.

Password Policy Settings

This setting allows the admin to configure the password settings for other users.

After making the necessary changes, click on Save. The web console Settings will be updated.

Update Settings

The Update Settings submodule keeps your virus definitions up to date and protects your computer from emerging species of viruses and other malicious programs. This submodule lets you configure update settings, update notifications and schedule updates according to your need.
You can configure eScan to download updates automatically either from eScan update servers or from the local network by using FTP or HTTP. You can configure following settings.

General Config

The General Config tab lets you configure update settings. The settings let you select the mode of update and configure proxy settings.

Select Mode
Select the mode for downloading updates. Following options are available:

Proxy Settings:
Proxy Settings lets you configure proxy for downloading updates.
To enable Proxy Settings, select Download via Proxy check box. You will be able to configure proxy settings depending on the mode of selection.
If you are using HTTP proxy servers, enter the HTTP proxy server IP address, port number and HTTP proxy server's authentication credentials.
If you are using FTP proxy servers, along with HTTP settings mentioned above you will have to enter FTP proxy server IP address, Port number, FTP proxy server's authentication credentials and Logon enter.
After filling the necessary data, click on Save > Update. The General Config tab will be saved and updated.

Update Notification

The Update Notification tab lets you configure email address and SMTP settings for email notifications about database update.

After filling the necessary data, click on Save > Update. The Update Notification will be saved and updated.

Scheduling

The Scheduling tab lets you schedule updates with Automatic or Schedule Download mode.

Update Distribution

The Update Distribution tab allows the admin to enable and disable the sharing of eScan Virus signature to be distributed to air-gapped/isolated network.
Select Enable Share in Setting section, this will allow the distribution of eScan Virus Signatures to the isolated/air-gapped network. After enabling this, it is mandatory to set the update mode to the network in network that is isolated/air-gapped through eScan Protection Center.
To update it, follow the below steps:

1. Open the eScan Protection Center in air-gapped network; click on Update option present in the Quick Link section.
2. Click on Settings. Update Settings window appears.
3. Select Network option and set the Source UNC Path as \\ServerName\esupd or \\ServerIP\esupd.
   E.g.: \\192.0.2.0\esupd
   After setting UNC path for the air-gapped network, the update will be available automatically to the Isolated/Air-gapped network.

Auto-Grouping

The Auto grouping submodule consists following subsections:

Auto Add Client setting:
Selecting the check box Auto adding client(s) under Managed Group(s) enables automatic adding computers under Managed group(s) after manual installation of eScan client.

Client(s) list excluded from Auto adding under Managed Group(s):
Adding a client in this list ensures that it does not auto add itself again after you remove it from the Managed computer(s).

Group and Client selection criteria for Auto adding under Managed Group(s):
This section lets you define/create groups with client criteria for auto adding under managed group(s). You can add a list of clients under a particular group name here and then add it under the exclusion list if required.

Excluding clients from auto adding under Managed Group(s)

To exclude clients from auto adding under managed group(s), follow the steps given below:

Removing clients from the excluded list

Group and Client selection criteria for Auto adding under Managed Group(s).
This feature can be used to automate the process of adding computers/clients under a particular group. This process is manually done under unmanaged computers.

Defining a group and client selection criteria for auto adding under managed computer(s)

To define group and client selection criteria for auto adding under managed groups(s), follow the steps given below:

1. Under the Group Name, enter the group's name and click on Add.
   OR
   Click on Browse and select the group from the existing list.

NOTE	To browse through the list of groups, click Up or Down.

2. Select the group for which you want to define the criteria.
3. Under the Client Criteria, enter either Hostname, Hostname with wildcard, IP address or IP address range and click on Add. The clients displayed in the list will be added under the selected group.
4. Click on Save. The client will be saved under that group.
5. To apply the settings for the newly added client, click on Run Now.

Two-Factor Authentication (2FA)

The system login password is Single-Factor Authentication which is considered unsecure as it may put your organization's data at high risk of compromise. The Two-Factor Authentication, also more commonly known as 2FA, adds an extra layer of protection to your eScan web console login.
The 2FA feature mandates you to enter a Time-based One-Time Password (TOTP) after entering eScan credentials. So, even if somebody knows your eScan credentials, the 2FA feature secures data against unauthorized logins. Only administrator can enable/disable the 2FA feature. It can also be enabled for added users as well.
To use 2FA login feature, you need to install the Authenticator app for Android devices from Play Store or for iOS devices from App Store on your smart device. The Authenticator app needs camera access for scanning a QR code, so ensure you get an appropriate approval to use device camera in your organization. If a COD or BYOD policy restricts you from using device camera in your organization, enter the Account Key in the Authenticator app.

Enabling 2FA login

To enable 2FA login,

1. Go to Settings > Two-Factor Authentication.
2. Open the Authenticator app.
   After basic configuration following screen appears on smart device.
3. Select a preferred option. If you tapped Scan a barcode, scan the onscreen QR code via your smart device. If you tapped Enter a provided key, enter the Account Key and then tap ADD.
   After scanning the Account QR code or entering Account Key the eScan server account gets added to the Authenticator app. The app then starts displaying a Time-based One-Time Password (TOTP) that is valid for 30 seconds.
4. Click on Enable Two-Factor Authentication.
   Verify TOTP window appears.
5. Enter the TOTP displayed on smart device and then click on Verify TOTP.
   The 2FA login feature gets enabled.
6. To apply the login feature for specific users, click on Manage Other User Settings tab.
   The tab displays list of added users and whether 2FA status is enabled or disabled.
7. To enable 2FA login for an added user, click the button to check icon.
   The 2FA login for added users gets enabled. After enabling the 2FA login for users, whenever they log in to eScan web console Verify TOTP window appears.

Disabling 2FA login

To disable 2FA login,

1. Go to Settings > Two-Factor Authentication.
2. Click on Disable Two-Factor Authentication.
   Verify TOTP window appears.
3. Enter the TOTP and then click on Verify TOTP.
   The 2FA feature gets disabled.

Users For 2FA

This tab helps to add the users and apply 2FA to the endpoints via policy template. The users can be added directly or from Active directory.

Method 1: Adding user

To add users for the same, follow the below steps:

1. Go to Settings > Two-Factor Authentication > Users For 2FA.
2. Click on Add User.
   Add User window appears.
3. Enter the Username and Description.
4. Click on OK.

Method 2: Adding User from Active Directory

To add users from Active Directory, follow the below steps:

1. Go to Settings > Two-Factor Authentication > Users For 2FA.
2. Click on Add from Active Directory.
   Add Active Directory Users window appears.
3. Enter the required information.
4. Click on OK.
   The Active Directory Users will be added.

Roaming Clients

Roaming Clients submodule provides protection for the remote endpoints when not connected to the organization network, adding another layer of security. According to the needs of the business, admins might want to continue the protection of roaming client on the organization network. Using this feature admin can provide protection for such clients connected to both organization network and also to internet via cloud.
This feature is quite helpful for the remote clients. Apart from it, it does not require any additional machine set up apart from the (on-premise) EPS Server in the network. All the communication is handled by the EPS Server via Cloud to the client having stable internet connection.
Here, the remote clients will update their status, download the latest configuration from the EPS Server via Cloud.
This service allows admin to apply policies to the client from EPS Server. All events from the clients such as Application Control Scan, Vulnerability Scan, Virus Scan, etc. are collected and managed on EPS server via Cloud Platform.

Adding Roaming Client

To add roaming client, it is mandatory to connect to the Cloud Platform. Follow the below steps, to do the same:

1. Go to Settings > Roaming Clients.
2. Enter the company name and email address.
3. Click on Generate Secret Code.
   A secret security code will be generated and sent to given email address.
4. Enter the secret code received via email, click on Connect to cloud platform.
5. A confirmation window appears. Click on OK, this will authenticate and allows to connect to Cloud Platform.
   An information window appears.
6. After connecting to the cloud platform successfully, you can manually enable and disable the roaming service.
7. Click on Download Roaming Client Setup to download the setup file. Install the set up file in the client system to make it as roaming client and it should be connected to the internet.

Installing Roaming Clients

To install Roaming Clients setup, follow the below steps:

1. Go to Settings > Roaming Clients > Download Roaming Client Setup.
2. Transfer the file to the client system.
3. Double-click and install the setup file.
   It will connect to eScan Cloud Server and automatically gets added and managed by eScan EPS Server.