Jump to content

Peter Randziak

ESET Moderators
  • Content Count

    1,950
  • Joined

  • Last visited

  • Days Won

    72

Kudos

  1. Upvote
    Peter Randziak received kudos from MartinK in EOL for ESET MSP Administrator 1 set to DEC 31, 2020   
    This is an early announcement related to the end of life for ema.eset.com (EMA1). As we're completing the migration of MSPs to EMA2 (msp.eset.com), the aim is to phase out EMA1 completely by the end of the year.
     
    For more in-depth information and details, please consult the below links:
    ESET MSP Administrator V1 to V2 Migration Process FAQ: https://help.eset.com/ema/en-US/migration_faq.html  ESET MSP Administrator versions feature comparison (EMA1/EMA2): https://www.eset.com/int/business/msp-administrator/ More about ESET MSP Administrator V2: https://help.eset.com/ema/2/en-US/ How to use EMA2 with your ESMC https://help.eset.com/msp_getting_started/en-INT/  There will be more detailed information about what this specifically means coming via the usual channels and you'll be informed about any action steps that may arise as part of this EOL initiative.
  2. Upvote
    Peter Randziak received kudos from MichalJ in ESET cloud Administrator   
    Hello @Christoforos
     The team responsible was able to determine the root cause of the issue.
    Fix will be prepared, tested on test environment and deployed to production.
    Consoles has been restarted to resolve the issue until permanently fixed, so you should be able to access your ECA right now.
     
    We apologize for the inconvenience caused,
    Peter
  3. Upvote
    Peter Randziak received kudos from Nightowl in ESET cloud Administrator   
    Hello @Christoforos
     The team responsible was able to determine the root cause of the issue.
    Fix will be prepared, tested on test environment and deployed to production.
    Consoles has been restarted to resolve the issue until permanently fixed, so you should be able to access your ECA right now.
     
    We apologize for the inconvenience caused,
    Peter
  4. Upvote
    Peter Randziak gave kudos to Marcos in ESET NOD32 Google Chrome 79 crashes   
    A fix will be included in v4.0.95. There's no ETA yet but it shouldn't take long.
  5. Upvote
    Peter Randziak gave kudos to Marcos in Chrome 79 always starts a core dump and crashes   
    As I wrote, there will be a hotfix of ESET NOD32 for Linux desktop that will address the issue.
  6. Upvote
    Peter Randziak gave kudos to Mirek S. in MDM certificate   
    Hello,
    As @Perry noted 3rd party certification authorities typically provide pem or pkcs#12 web certificate which does not contain root CA as that is not required for common webservers - this certificate is typically preinstalled on devices so that chain of trust can be established. MDM does a "bit more" than typical webserver - during enrollment we also install root CA to enrolled device to establish trust (we can't guess whether certificate is selfsigned or signed by CA already trusted by device) so we have extra requirement.
    I'll look into improving documentation wrt to 3rd party certificates as openssl command line how to convert between formats and appending root CA to existing certificates should help some users.
    HTH
  7. Upvote
    Peter Randziak gave kudos to Perry in MDM certificate   
    Hi,
     
    You should create a full chain certificate which contains SSL cert, intermediate, root and private key.
     
    - Download XCA and install it.
    - Download OpenSSL and install it.
    1.) Create a empty file (C:\temp\cert-chain.txt) on your PC and past the following inside it:
    -----BEGIN CERTIFICATE-----
    (Your Primary SSL certificate from C:\temp\your_domain_name.crt)
    -----END CERTIFICATE----- 
    -----BEGIN CERTIFICATE-----
    (Your Intermediate certificate from C:\temp\TheIntermediateCA.crt)
    -----END CERTIFICATE----- 
    -----BEGIN CERTIFICATE-----
    (Your Root certificate part from C:\temp\TheTrustedRoot.crt)
    -----END CERTIFICATE-----
    2.) Now replace the content inside the brackets with your certificates (which you can export via XCA; PEM txt format). The order above is VERY important so do not mix it!
    2.) Export the private key (unencrypted in text format) with XCA from your certificate and store it inside  C:\temp\server.pemkey
    3.) Now merge everything together as pkcs12 (filename extension for PKCS #12 files is .p12 or .pfx). To do that open a CMD (run as admin) and perform:
    cd C:\OpenSSL-Win32
    openssl pkcs12 -export -inkey C:\temp\server.pemkey -in C:\temp\cert-chain.txt -password pass:ABCD -out C:\temp\certificate(chain_and_key).pfx
    4.) Your PFX file is now ready to be used.
  8. Upvote
    Peter Randziak gave kudos to Mirek S. in MDM certificate   
    To have "secure" as in trusted by browser, You need to purchase 3rd party certificate from common internet certification authority.
    One of such certificate authorities is let's encrypt who provide certificates for free.
    ESMC creates self-signed certificates which are not trusted unless their root CA is imported into device certificate store.
    @Command IT What You probably mean was certificate chain installation which was required till 6.5 due to TLS layer we used. In 7.0+ we use different TLS layer on windows (openssl) and PKCS#12 is newly required to contain entire certificate chain including root CA - system certificate store is not used anymore.
  9. Upvote
    Peter Randziak received kudos from Camilo Diaz in Latest update causes eset_proxy to flip out   
    Hello guys,
    I opened a ticket with the dev team to check the logs provided by @Camilo Diaz
    In case you have the logs (as described by Marcos), or are willing to record them feel free to provide me with them so I can have them checked...
    Regards, Peter
  10. Upvote
    Peter Randziak received kudos from Nightowl in ESET Endpoint Antivirus for Linux 7 BETA signup   
    Dear Linux community,
     
    We’ve been working on the new generation of our solution for Linux desktops for quite a while.
    The hard work of our development & QA teams, using technologies developed for the ESET File Security for Linux 7, were materialized into the first BETA version of our Endpoint product, which we would like to share with you.
    To mention just few of the top new features:
    Completely new distributed architecture, natively 64-bit, with better performance, security and stability New technology for On-access scanning by means of ESET-in-house-developed lightweight kernel module   Optimized for multi-core performance  Compatible with latest ESET Security Management Center 7.1  
    If you are interested in getting a chance of a hands-on experience with it and see the full list of improvements, just leave a comment here or send me ( @Peter Randziak) and @TomasP a private message.
     
    We are looking forward to your participation.
  11. Upvote
    Peter Randziak received kudos from PodrskaNORT in ESET Endpoint Antivirus for Linux 7 BETA signup   
    Dear Linux community,
     
    We’ve been working on the new generation of our solution for Linux desktops for quite a while.
    The hard work of our development & QA teams, using technologies developed for the ESET File Security for Linux 7, were materialized into the first BETA version of our Endpoint product, which we would like to share with you.
    To mention just few of the top new features:
    Completely new distributed architecture, natively 64-bit, with better performance, security and stability New technology for On-access scanning by means of ESET-in-house-developed lightweight kernel module   Optimized for multi-core performance  Compatible with latest ESET Security Management Center 7.1  
    If you are interested in getting a chance of a hands-on experience with it and see the full list of improvements, just leave a comment here or send me (  @Peter Randziak) and @TomasP a private message.
     
    We are looking forward to your participation.
  12. Upvote
    Peter Randziak gave kudos to Marcos in Latest update causes eset_proxy to flip out   
    When esets_proxy is heavily utilizing the CPU, select esets_proxy on the CPU tab in Activity Monitor. From the menu choose Sample process and Save as. Please provide the file along with ESET Log Collector logs to customer care. You can also upload the files here.
  13. Upvote
    Peter Randziak gave kudos to TomasP in Upgrade to Windows 10 version 1903 may cause boot error on Windows 10 with ESET Endpoint Encryption   
    We have identified a problem when upgrading a Windows 10 system with ESET Endpoint Encryption installed to the 1903 feature update. Installing the update can cause the system to crash (blue screen) when booting.
    We are currently investigating the cause and recommend not upgrading an encrypted system to 1903 until further notice.
    Systems that have been affected will need to be decrypted using our recovery tool (if full disk encryption was enabled) and then repaired using the Windows recovery console. See this knowledgebase article for more details: https://support.eset.com/kb7309/
  14. Upvote
    Peter Randziak gave kudos to Pinni3 in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Thank You @MichalJ and @MartinK for explaination
  15. Upvote
    Peter Randziak gave kudos to pps in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Hello @MichalJ just make an AD synchronization and get the computers from there.
  16. Upvote
    Peter Randziak gave kudos to MartinK in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Unfortunately I am al so not sure how it was meant. We are officially declaring maximal number of managed clients to 10000 when using MySQL database, but it is not related to number of actually connecting clients, but rather limit is amount of data. ESMC installed over MySQL might have performance issues with processing larger amount of data and rendering larger datasets. As an result rendering of specific reports (threats for example) might be much slower, but in "clean" network even much larger environments can be managed with MySQL-based ESMC installation.
    Persistent connections as introduced in ESMC should actually significantly reduce load of ESMC server, especially in "dormant" state when no changes are made in management console. If properly configured on recommended HW, ESMC should handle hundreds of clients per second.
  17. Upvote
    Peter Randziak gave kudos to MichalJ in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Hello @Pinni3. To get to your points: 
    For that purpose, we allow nested dynamic groups. Meaning you have your 30 static ones, each one of them could have nested dynamic groups. Our you want to set it in a way, that you for example put the DG under "all" but then say that it needs to be only in the following static groups. Challenge is, that DG is evaluated on the Agent side, and Agent does not always know, in which SG it belongs to (if you move a client, it will need to recalculate all policy assignments for example). Therefore the nested concept.  We are already tracking improvement for that (Internal reference - IDEA-1100) We are working on better auditing changes, to track who / what / when / how was done. (internal reference - IDEA-1371 I am not completely sure what´s the problem here. Purpose of ERA proxy was just to aggregate the data, but at the end it was sent to ERA server, so the amount of DATA sent is not increased when Proxy was deprecated. Just the ESMC server handles more connections directly, due to a changed replication protocol. Also, AFAIK we have bigger installations than 10k on MySQL. Maybe @MartinK can provide some more information on this. 
  18. Upvote
    Peter Randziak gave kudos to TomFace in Forum Feedback   
    A nice addition to the Forum...hopefully folks will take the time to read it.

     
  19. Upvote
    Peter Randziak gave kudos to Ceterisparibus in Introduce yourself   
    Hello,
    I'm ceterisparibus and I have been using Eset products (currently Cyber Security Pro for Macs) for about 4 years. I run them on Mac OS (both Mojave and High Sierra on two different computers). I look forward to reading the forums.
     
  20. Upvote
    Peter Randziak gave kudos to TomasP in Chrome is attempting to access my webcam when visiting a banking URL   
    Hello @lvl1k0n, Just to let you know, our development team analyzed the calls and the implementation on the websites you mentioned and came up with a fix for this issue that will be a part of a future application update.
    Regards,
    T.
  21. Upvote
    Peter Randziak gave kudos to MichalJ in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @tbsky We are not planning to add mariaDB support. Due to our journey to the cloud and also multi-platform compatibility, we will most likely work on the support of MySQL 8 for next major release of ESMC 
  22. Upvote
    Peter Randziak gave kudos to Thomas Stats in Introduce yourself   
    Hi there I am security expert and blogger. I am working in the IT area for over 10 years. All the gathered experience throughout the years I share with people at reviewedbypro.com.  Its a cyber security website that helps people deal with various online threats by providing detailed and insightful reviews to those who are interested.
  23. Upvote
    Peter Randziak gave kudos to MichalJ in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Thank you @Campbell IT Concerning the "logged users" - all is clear. We are already tracking an improvement for that, so I have added your feedback to it. With regards to the "Detection Engine", would the information about "last update attempt" (= when the application contacted ESET Servers, to check whether there is a newer version of any module) or "last successful update" (= when the application actually downloaded any of the newer modules from ESET Servers, which means it´s working with the latest modules), be sufficient to you?
    In the meantime, logic works, that machine changes its status from updated to non-updated after 7 days, and will report a protection status (red) with "modules out of date". If you are more strict with this, what you can do is to shorten the alert interval down to one day, by configuring a setting in a policy for security product as follows:
     

  24. Upvote
    Peter Randziak gave kudos to Marcos in Future changes to ESET Internet Security and ESET Smart Security Premium   
    This is not possible since only IP addresses are known to the firewall. Unlike firewall, web access protection works at the highest application level in the OSI model and has information about hostnames as well.

    You can try enabling SSL/TLS filtering for all applications under Web and email -> SSL/TLS -> Filtering mode: Policy mode.
    In case of any issues with SSL/TLS filtering in certain applications, you can adjust SSL/TLS scan mode for particular applications:

     
  25. Upvote
    Peter Randziak gave kudos to Bill_k in Introduce yourself   
    I'm a semi-retired engineer with a background in telecommunications software development and project management. I've always had an interest in computer security and its related software, and have been through a large number of available solutions in the market. I've found that ESET is the most efficient in its resource usage as well as offering the best level of control while also operating with a minimum of intrusions compared to its competitors. Looking forward to gaining knowledge about ESET's products on this forum, and am excited about the 2019 version of ESET Internet Security which from what I read here is expected to be released shortly. ☺️
×
×
  • Create New...