Technical support

Knowledgebase: Top Solutions
Getting started with the ESET Endpoint Encryption Server
Article ID: KB298 email a link to this article

Software Install

After installing the ESET Endpoint Encryption (EEE) Server, a wizard will run to guide you through the setup process (see:

However the aim of this setup wizard is only to configure the database enough to allow a login to the initial organisation. There are other configuration steps necessary within the Organisation itself which you will need to perform after this initial setup, and indeed will need to perform again if you create and add a new Organisation to an existing server.

This guide will detail the other configuration options you may wish to consider before you start actually managing users within the Organisation.


Creating Teams and defining User policies

User polices define what software features are available on the EEE client, control security policies (e.g. minimum password strength and removable media encryption) and can set default options for users.

All EEE policies in the EEE Server are hierarchical; meaning any policies defined in a "Team" within the EEE Server will automatically be inherited by all "Sub Teams". This means you can change only a single policy and apply it to a single user in a team, without affecting the other users, by creating a sub team with that one policy difference and moving the user to that team.

Team structure means you may wish to consider the layout of your organisation initially. If you are happy with ever user having the same policy then all users could be placed in a single root team. Or you may wish to have alternative policies for different users. Or you may even just wish to use the teams to group users by geographical location, business function or role, without changing the policies.

Users can be moved between teams, and policies changed, at any time. So it doesn't matter that you get this right straight away. You could choose to start with all users in a single team with one policy, and as you and your users become more experienced with the software, make changes then.

For more on user policies, see:

For a brief description on the different types of policy in the EEE Server see:

Creating encryption keys

If you are using the granular encryption features of the EEE client for file, folder, container or email encryption, you may wish to assign encryption keys to your users. Basically put, if you wish users to share the same encrypted data then they will need to be assigned the same encryption key. And if you do not wish users to access encrypted data, then they should not be granted that particular encryption key.

These encryption keys are only applicable to the granular encryption features and are not related to Full Disk Encryption.

As with policies, encryption key access is granted hierarchically, so users in a sub team will inherit encryption keys from a parent team. And keys can also be added and removed at any time so you can skip this stage initially and add keys later.

For more information on creating and assigning keys see:

Adding licences

Before the EEE client can be activated, the user must be licensed. This is done by selecting a licence from within the EEE Server. To add these you should receive a Product ID and Product Key when you purchase the licence. An EEE Server can store multiple licences and these might be different licences for different products (e.g. for Windows operating systems or for Mobile devices), or might contain different feature sets (e.g. Professional licences for users who require Full Disk Encryption, and Standard licences for those that do not).

For more information on adding licences see:

Adding Users

There are two basic ways to add users to the EEE Server: you can either add the details manually or; import the details from Active Directory. There is no actual difference with either approach and the users in the EEE Server would be identical in either case. Although one benefit to the Active Directory synchronisation is that it will automatically keep user details up to date in the Enterprise Server, if they are changed in the Active Directory. Or if you make use of the Team import it will create and maintain Teams within the EEE Server that correspond to the Organisational Units (OUs) defined in the Active Directory. But in either case the users are licensed in exactly the same way and there is absolutely no difference in behaviour on the EEE client.

Manually add users

Users can be added directly to a team by typing or pasting their details into the Add interface. For more details see:

Import from Active Directory

Users can be imported into the EEE Server from an Active Directory. For more details see:

Define workstation policy

Workstation policies operate in a similar way to user policies. The main point of the workstation policy is to control policies when the user deactivates EEE, and to be in place before they have activated. It also contains some workstation specific settings.

The workstation policy is included in the EEE client MSI so once defined, they will be included in the install when the install is created.

In a similar concept to User teams, you may wish to use Workstation teams either to arbitrarily group workstations into more convenient sets, or make it easier to have different sets of policy available for different situations.

For more on workstation policies, see:

For a brief description on the different types of policy in the EEE Server see:

Create managed install

There are two ways to install the EEE client. Firstly you may download the MSI from the EEE Server and deploy this manually or with third party tools like SCCM, Altiris or Avnet BMC (Marimba). Secondly, you may use the network push function in the EEE Server to automatically connect to the workstation over the network and run the install automatically.

There is no functional difference between either approach and the EEE client will operate identically in either case. So use the approach that is either the quickest or easiest for you.

For more information see:

Updating client installs

The EEE client software is frequently updated so depending on the age of your EEE Server, you may not have the latest version available. Alternatively, you may wish to add a non English language version of the client software to the EEE Server. You can therefore make changes to the client installs by uploading new versions and removing old versions you no longer need. For more information see:

Activating a user

The final step in using the EEE Server is to activate the user. This will also add the workstation record to the Organisation, and from this point you will be able to manage both the user and workstation and, if available, perform Full Disk Encryption operations.

For more information see:

Keywords: getting started EEE server setup set up how to install installation

We use cookies on our website to enhance your browsing experience. Read more