Jump to content

Matus

Former ESET Employees
  • Posts

    67
  • Joined

  • Last visited

Kudos

  1. Upvote
    Matus received kudos from j-gray in Issues with MacOS v7   
    Hi J-Gray,
    I'm very sorry, it's a bug. We're tracking it and plan to fix in version 7.1 (available most likely in May)
    Until that time you've 2 options which comes to my mind:
    - reboot computer so system popup will appear (or "sudo launchctl stop com.eset.protection" and then "sudo launchctl start com.eset.protection") and Allow Proxy configuration and you can keep it disabled.
    - or you'll have to approve it via MDM (Jamf): https://help.eset.com/eea_mac/7/en-US/installation.html?install_remote_pre-installation.html > part: Web access protection and keep it disabled in settings.
    Please accept my apology for inconvenience
  2. Upvote
    Matus received kudos from Peter Randziak in Issues with MacOS v7   
    Hi J-Gray,
    I'm very sorry, it's a bug. We're tracking it and plan to fix in version 7.1 (available most likely in May)
    Until that time you've 2 options which comes to my mind:
    - reboot computer so system popup will appear (or "sudo launchctl stop com.eset.protection" and then "sudo launchctl start com.eset.protection") and Allow Proxy configuration and you can keep it disabled.
    - or you'll have to approve it via MDM (Jamf): https://help.eset.com/eea_mac/7/en-US/installation.html?install_remote_pre-installation.html > part: Web access protection and keep it disabled in settings.
    Please accept my apology for inconvenience
  3. Upvote
    Matus received kudos from j-gray in Issues with MacOS v7   
    Hi J,
    thanks for the reply. 
    This "Security Alert that "Web and email protection is not configured."" in GUI should be fixable by by adjusting v7 policy:  User Interface > Application statuses please disable : Network content filtering integration warnings. (left checkbox)

    Please can you confirm it works?
    "not report web and email status to server," - is the right checkbox unchecked from picture above?
    Enterprise Inspector supports ESET Endpoint AV for macOS 7+ from version 1.7, released a week ago. I think that you still have installed version 1.6, which has no support for Endpoint for macOS v7+. In such case, such message is present. Please can you confirm?
    Thank you
     
     
  4. Upvote
    Matus received kudos from j-gray in Issues with MacOS v7   
    Hi J-gray,
    thank you for contacting us. Please find root causes for understanding and some solutions/workarounds for your issues. 
    1, Users are prompt because integration to the system is happening during installation. If you're using JAMF and have configuration from v6, then this has to be changed, please see here: https://help.eset.com/eea_mac/7/en-US/installation.html?install_remote_pre-installation.html . It seems that you don't want WAP at all. Unfortunately, right now it's not possible to install the product without WAP component, therefore it always tries to integrate into the system. We're planning to have possibility to "exclude" components for installation later this year.
    2, New generation of product requires new configuration. As Michalj mentioned, you'll need to apply new policy tree. Now it works differently than in v6, which makes more sense. If GUI is opened, then icon in dock is present. If GUI is closed, an icon in dock disappears. You can set to disallow opening GUI to users or to disable showing a menubar icon as well. 
    3, Within the policy > User Interface > Application statuses please disable : Network content filtering integration warnings. That you "solve" the problem.
    Regarding "Disable by policy"... In ESET, Disable means something like "don't use it/pause using it", not "don't integrate into the system". When you disable it still stays integrated so when you enables it back, it just works. That's why even though you've disabled it, it's screaming that it's not configured, because it's not integrated into the system (user probably clicked Deny or manually erased integrated component (ESET Web&Email) in Network Preferences of macOS. 
    However, if you're not using JAMF it's recommended that this component will be allowed and if you're using it, then please allow it via JAMF (see guide above) and then feel free to disable it via policy. I'm also afraid that possibly you'll need to reinstall application.
  5. Upvote
    Matus received kudos from igi008 in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    Hi Bob,
    By default, we're sending to EDTD only documents with active content (e.g. Macro) and not standard documents.
    However, it's possible, that e.g. an ordinary document would be send to ESET LiveGrid Feedback system (not EDTD) in case this document would be downloaded from URL/domain, which is considered as dangerous based on historic data for further inspection (should not normally happen).
    That means, probability of sending an ordinary document to ESET which you receive e.g. from customer with sensitive data is close to zero.
  6. Upvote
    Matus received kudos from Ufoto in Endpoint for macOS - protect configuration   
    Hi Kostadin,
    If you set policy via Protect, you can't change that locally. 

    Password protected settings are meant in case you're not managed or some settings are not managed... If you set every setting like that (even defaults) from Protect, user can't change that.
    On Mac, ESET Agent password protection is not present. To limit/protect against uninstallation ensure, that users are not administrators (root access) of a machine. In UNIX world, root can do everything. 
  7. Upvote
    Matus received kudos from Peter Randziak in Endpoint for macOS - protect configuration   
    Hi Kostadin,
    If you set policy via Protect, you can't change that locally. 

    Password protected settings are meant in case you're not managed or some settings are not managed... If you set every setting like that (even defaults) from Protect, user can't change that.
    On Mac, ESET Agent password protection is not present. To limit/protect against uninstallation ensure, that users are not administrators (root access) of a machine. In UNIX world, root can do everything. 
  8. Upvote
    Matus received kudos from MichalJ in System's Accessibility Features in Security and Privacy are blocked   
    Hi Paul,
    Have you tried also with the latest version - 6.7.876.0 ?
    There have been a couple of changes regarding MacOS compatibility. 
    Thanks
  9. Upvote
    Matus received kudos from Peter Randziak in System's Accessibility Features in Security and Privacy are blocked   
    Hi Paul,
    Have you tried also with the latest version - 6.7.876.0 ?
    There have been a couple of changes regarding MacOS compatibility. 
    Thanks
  10. Upvote
    Matus received kudos from Peter Randziak in Blocked EDTD? ntoskrnl.exe?   
    Hi Guys,
    this thing was identified as malicious, however, it's False Positive. We've added that to whitelist not to trigger, however, we're investigating what has happened, which system and why it was identified that as malicious. The issue will be fixed properly after that investigation.
    Anyway, for imagination if that would not be FP, then to your questions:
    Was it really a threat file that got deleted thanks to EDTD? - YES
    Would the ESET EndPoint Antivirus (without EDTD) still catch it? - No, it would not. Into EDTD are sent only files which Endpoint identified as clean, but "interesting" to further investigation
  11. Upvote
    Matus received kudos from Peter Randziak in ESET Dynamic Threat Defense is not accessible alert in ESMC Console.   
    Hi guys. We're very sorry for the inconvenience. We'll surely adjust a tooltip. To your question, why suddenly it starts to appear is that we've added a new message in case license is not available and it was implemented in current AV module 1548. In next version 1549 we'll also provide a more specific description of the error in computer details > alerts. Also, we've adjusted behavior in an environment with ESET proxy, so in case you have licensed EDTD and you experienced some issues, it should much better.
    Thank you for understanding and we're really sorry for inconveniences. 
  12. Upvote
    Matus received kudos from Peter Randziak in Issues with OS X client after upgrade   
    Yes, it's known and will be fixed in upcoming update. Seems that there is some miscommunication. We're sorry.
×
×
  • Create New...