Jump to content

Peter Randziak

ESET Moderators
  • Content Count

    1,839
  • Joined

  • Last visited

  • Days Won

    64

Kudos

  1. Upvote
    Peter Randziak gave kudos to Marcos in EIS started blocking Outlook POP3s recieving   
    We've reverted the Cryptographic support module to the previous version while the issue is being investigated and a solution prepared. You should now have version 1028.2 of the module which didn't cause the issue.
  2. Upvote
    Peter Randziak gave kudos to Marcos in List of hardware of all managed clients   
    Clicking "hw report" on the top of this topic will show you another topic with a similar question. If that is what you are after, then creating such report is not currently possible but we track it and possibly it will be implemented in one of future versions.
  3. Upvote
    Peter Randziak gave kudos to MichalJ in List of hardware of all managed clients   
    Hello @Cruz This is a common request, that is being tracked. However, as of now, it is not yet confirmed for the scope of the version 7.1. I will verify, whether it´s still doable. 
  4. Upvote
    Peter Randziak gave kudos to MichalJ in Built-in Policy Seemingly Not Functioning   
    You are right, the policy is "buggy", as it by default it includes also default rules (when you click on the " Show built in (predefined) rules" checkbox in the bottom they will be shown). I will ask our team to change it.
    As a quick workaround, you should either edit the policy, and move the rules to the top (above the default ones). Or disable the predefined rules. I am sorry for the inconvenience. 
  5. Upvote
    Peter Randziak gave kudos to Marcos in cmd.exe showing as suspicious file   
    Ignore this. The file was indeed suspicious for some reason but it was not detected. Actually you're using a very old version of EFSW 4.5 which already reached its end of life in 2016 according to https://support.eset.com/kb3592/#efsw.
    While module updates are still provided, EFSW 4.5 cannot protect you from new borne malware effectively enough. Moreover, it was made long before Windows Server 2008 R2 was available so it doesn't natively support it and you may run into issue.
    I strongly recommend uninstalling EFSW 4.5 and installing EFSW v7 from scratch.
  6. Upvote
    Peter Randziak gave kudos to MichalJ in ECA - Can we create dynamic groups?   
    Thank you for the idea. I agree, it might be beneficial. I will discuss it with relevant people. 
  7. Upvote
    Peter Randziak gave kudos to Mirek S. in MDM https requirements   
    Hello,
    Those requirements are there mainly because iOS devices as we use built-in iOS. What iOS devices accept as trusted differs per iOS version and we described _most_ restrictive rules which should work always. (There are other requirements like RSA2048+, SHA256+ etc... for iOS described elsewhere in documentation)
    So in the end Your certificate may work (it will definitely work for Android devices), however when Apple brings some update to their trust validation it might stop working.
    HTH,
    M.
  8. Upvote
    Peter Randziak gave kudos to Michael S in ESET Cloud Administartor - Client Installer   
    MartinK, you're great! Thanks for your suggestion about problems accessing the ESET repository servers.
    The firewall in our network provides a transparent HTTP proxy. This seemed to cause the problem. After adding  HTTP exceptions in the transparent proxy for the test computers the ECA Live-Installer package starts without error.
    Thanks again for your support, you saved my weekend!
    🙂
  9. Upvote
    Peter Randziak gave kudos to sdnian in Activation fail. ECP.20006   
    Thanks for @MartinK and @Peter Randziak help.
    I have found a solution to resolve this issue. The Sophos Firewall have a function - Web Proxy, it works as transparent proxy mode by default, after I added a rule to bypass transparent proxy for ESMC host, the product activation works well.
  10. Upvote
    Peter Randziak gave kudos to MartinK in Activation fail. ECP.20006   
    Certificate that is considered by ESET products as untrusted, i.e. injected into communication has following identifiers inside:
    IP Address=fe80:0000:0000:0000:...:2a5a IP Address=192.....204 DNS Name=localhost DNS Name=G....net.local which might help you identify source.
    Otherwise certificate contains no other details, it actually like like default certificate that is generated for ESMC Webconsole, but it makes no sense to be injected into communication. Could you verify this certificate is used by your ESMC console for Apache Tomcat connections (I have made some redaction of data present in certificate)?
    Also as you mentioned, MAC addresses from communication with ESET licensing server (IP=13.91.57.145) indicates that next device is Sophos, but it does not mean it is source of this injected certificate.
  11. Upvote
    Peter Randziak gave kudos to BeanSlappers in Eset parental control is better than Kasperskys parental control.   
    Hopefully this is the right place to do this.
     
    As a ex user of kaspersky, I have noticed a few things different with eset parental control and kasperskys parental control which makes eset better:
    How eset is better:
    One place for the settings for the parental control. The parental control has more settings and more room to play with. The parental control works on encrypted sites without any additional settings to change somewhere else. The parental control actually blocks sites. So far I have not found any sites that its blocking incorrectly. So far I am loving it and have changed over to it on all home PC's for the trial.
  12. Upvote
    Peter Randziak gave kudos to Mirek S. in ERROR WHILE INITIALIZING CONFIGURATION EDITOR.: (TYPEERROR) : ((INTERMEDIATE VALUE)(INTERMEDIATE VALUE) , K).INITCONFIGEDITOR IS NOT A FUNCTION   
    Hello,
    We checked multiple browsers to identify which one produces this error (seems like you posted chrome error), However for future reference (and potentional improvement) can you please answer following?
    browser(s) (in case of IE ideally export security settings for security zone console is in) - you already said you tried multiple, however platform/browser still matters for reproduction. webconsole behind reverse proxy/application firewall ESET (or other) product with TLS filtering enabled installed on computer connecting to console Any "uncommon" setup you can think of This issue can arise in case _some_ https requests on same site (in this case as Pavel said seems like js script) is blocked from download. Which in case of TLS (to my knowledge) requires MITM interception (product/WAF/RP/actual attack) or extremely restrictive browser rules.
    Thanks,
    M.
  13. Upvote
    Peter Randziak gave kudos to Mirek S. in ERROR WHILE INITIALIZING CONFIGURATION EDITOR.: (TYPEERROR) : ((INTERMEDIATE VALUE)(INTERMEDIATE VALUE) , K).INITCONFIGEDITOR IS NOT A FUNCTION   
    Hello,
    It's possible CloudFlare incorrectly caches some parts of configuration editor and returns out-of-date data causing this. Please create HAR log @PavelP mentioned it might help us determine whether issue is with CloudFlare or webconsole itself.
    Ideal would be to have tomcat access log paired with this log to determine which requests made it to server and which did not.
    Thanks.
  14. Upvote
    Peter Randziak gave kudos to filips in Cycled antispam   
    Hi yardstudio,
    Releasing of spam from mail quarantine should work even if you don't report the false positive. The message is resent using replay directory and antispam is not evaluated again.
    If the email was marked as spam again, it means that it was routed through SMTP agent and tested for spam again - this is not the usual case. Do you have more Exchange servers in your environment? If yes can you describe routing of mail?
    Information about delivery of the message can be seen in "Received" headers (in the detail dialog) of the message that returned to quarantine. Please post the "Received" headers.
    BTW, which version of EMSX do you use?
  15. Upvote
    Peter Randziak gave kudos to TomasP in Upgrade to Windows 10 version 1903 may cause boot error on Windows 10 with ESET Endpoint Encryption   
    We have identified a problem when upgrading a Windows 10 system with ESET Endpoint Encryption installed to the 1903 feature update. Installing the update can cause the system to crash (blue screen) when booting.
    We are currently investigating the cause and recommend not upgrading an encrypted system to 1903 until further notice.
    Systems that have been affected will need to be decrypted using our recovery tool (if full disk encryption was enabled) and then repaired using the Windows recovery console. See this knowledgebase article for more details: https://support.eset.com/kb7309/
  16. Upvote
    Peter Randziak gave kudos to serlockwright in Can not create license offline in ELA and EBA   
    I already created the offline license file. Thank you for support.
  17. Upvote
    Peter Randziak received kudos from serlockwright in Can not create license offline in ELA and EBA   
    The issue has been resolved, you should be able to generate the offline license file now, can you confirm?
    Peter
  18. Upvote
    Peter Randziak gave kudos to Marcos in Horizon - Endpoint Antivirus   
    This is untrue. We contacted VMware and provided them with details about the problem in their driver. It's their turn now.
  19. Upvote
    Peter Randziak gave kudos to TomasP in Can No Longer View Who Is Logged Onto The Forum?   
    Thank you for pointing this out, last time it was an issue with a cache, we reported this again to the service provider, so hopefully it will be resolved soon.
    Tomas
  20. Upvote
    Peter Randziak gave kudos to itman in Can No Longer View Who Is Logged Onto The Forum?   
    This just started today. All I see is myself?
  21. Upvote
    Peter Randziak gave kudos to TomasP in Can No Longer View Who Is Logged Onto The Forum?   
    Hello, this has now been fixed, you should be able to see all online users again.
  22. Upvote
    Peter Randziak gave kudos to Pinni3 in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Thank You @MichalJ and @MartinK for explaination
  23. Upvote
    Peter Randziak gave kudos to pps in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Hello @MichalJ just make an AD synchronization and get the computers from there.
  24. Upvote
    Peter Randziak gave kudos to MartinK in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Unfortunately I am al so not sure how it was meant. We are officially declaring maximal number of managed clients to 10000 when using MySQL database, but it is not related to number of actually connecting clients, but rather limit is amount of data. ESMC installed over MySQL might have performance issues with processing larger amount of data and rendering larger datasets. As an result rendering of specific reports (threats for example) might be much slower, but in "clean" network even much larger environments can be managed with MySQL-based ESMC installation.
    Persistent connections as introduced in ESMC should actually significantly reduce load of ESMC server, especially in "dormant" state when no changes are made in management console. If properly configured on recommended HW, ESMC should handle hundreds of clients per second.
  25. Upvote
    Peter Randziak gave kudos to MichalJ in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Hello @Pinni3. To get to your points: 
    For that purpose, we allow nested dynamic groups. Meaning you have your 30 static ones, each one of them could have nested dynamic groups. Our you want to set it in a way, that you for example put the DG under "all" but then say that it needs to be only in the following static groups. Challenge is, that DG is evaluated on the Agent side, and Agent does not always know, in which SG it belongs to (if you move a client, it will need to recalculate all policy assignments for example). Therefore the nested concept.  We are already tracking improvement for that (Internal reference - IDEA-1100) We are working on better auditing changes, to track who / what / when / how was done. (internal reference - IDEA-1371 I am not completely sure what´s the problem here. Purpose of ERA proxy was just to aggregate the data, but at the end it was sent to ERA server, so the amount of DATA sent is not increased when Proxy was deprecated. Just the ESMC server handles more connections directly, due to a changed replication protocol. Also, AFAIK we have bigger installations than 10k on MySQL. Maybe @MartinK can provide some more information on this. 
×
×
  • Create New...