Peter Randziak

Hello @Sec-C
thank you for sharing this, the team responsible has a task tracked to analyze possibility of using it.
Peter 
Note for us: P_EESU-1800

If you set correct exclusion to backup process you could still see that real time protection is scanning backup files because other system processes could access those files, e.g. spotlight indexer. This could be turned off by correct performance expulsions on target or may be source folders. But if you will exclude so much it is dangerous, you can backup infections too. So if such huge exclusion is used it is important to scan source backup folder[s] by custom on-demand scan with In-Depth profile before backup. This on-demand scan on source data before doing backup is good to do regardless exclusions because od-scan, especially in in-depth profile, does more strong scanning that real time protection. RTP can not do it because strong scannig is time consuming and not too much real time.

Hi, you must write complete path to process binary. It is not sufficient to use application bundle only. Wildcards are not supported.
 
e.g. if I want to exclude Safari I should create process exclusion with process path:
/Applications/Safari.app/Contents/MacOS/Safari

 

That is indeed true, we are always 1 hour ahead of the UK. But that's not what the "+1" refers to 🙂
In winter, UK is on GMT and we are on GMT+1. In summer, UK is on GMT+1 and we are on GMT+2.
The difference is always one, but the time zone name refers to GMT, rather than UK time.

Hi eornate,
it look like enhanced security is enabled and package manager is unable to check GPG keys. Our package isn't signed and therefore installation is failing. You should be able to install efs manually, but you need to skip gpg check. 
 
sudo dnf install --nogpgcheck ./efs-10.2.41.0.x86_64.rpm Regards,
Kurco

Hi eornate
I advised to the client to client to contact their internet provider, since a lot of customers who are using Telstra as internet provider are experiencing troubles with the ESET modules update. 
This client called me and he informed me that the resolution from their internet provider is to have the replacement of new modem, when they got a new version of modem and connect to the internet the problem has been resolved
 
Cheers, 
Gil 
 

Thank you for the report, @Damjan, the data is now fixed.
@cyberhash The "+1" offset is not compared to the UK, though, but to UTC/GMT time, which does not shift for daylight saving (time in the UK is the same as UTC/GMT only during the "winter" half of the year).
So the green zone from your map is UTC/GMT+2 during daylight saving time (CET becomes CEST), while the blue zone (UK including) is officially UTC/GMT+1 (British Summer Time).

Just to add to Aryeh's well-put answer, I would like to react to
A country's international position very much depends on the current government. Up until the recent elections in late 2023, Slovakia's government was very pro-Ukraine since day one of the invasion.
Anyway, since its inception, ESET has seen several governments in Slovakia, leaning to either side of the political spectrum - and regardless of the government at any given time, ESET has always maintained its core values and principles, which are also reflected in the links provided by Aryeh.
We will now lock this topic, as politics have no place in this forum and tend to create heated discussions, but we wanted to provide you with accurate information to address your concern.

Thank you very much for your valuable feedback. I absolutely agree with you. It is our goal to improve this situation and have all necessary components and tools in one installer/agent, with components enabled based on your license.
Currently, we are making efforts to introduce more improvements that enhance the experience of easily enabling additional protection layers. We are striving to achieve this through an installer that installs all components based on your license across all platforms. By expanding ESET Solutions, we allow for the easy enablement of additional protection layers via a context menu over a single computer or groups of computers. The license is preselected automatically, and everything necessary is enabled or installed on the endpoint.
We also aim to expand a dedicated section in the menu titled "ESET Solutions" where we are adding support for more and more protection layers. In this section, it is easy to distinguish where a protection layer is enabled and where it is missing.
If a customer does not have a sufficient license, they can request a trial and try an additional protection layer like LiveGuard directly from this section.

Hello,
 
Currently, only automatic VAPM scan launch is designed. VAPM scan is launched once in 24 hours within scheduler time frame (usually as soon as time frame starts)
You can workaround this by unassigning the policy > waiting till policy is unassigned and assigning again,  the VAPM scan should be re-set and launched again within the scheduled time frame.
We are constantly improving the product and Manual VAPM Scan Task is included in roadmap for implementation within few months, generally when EESW 11.1 product will be released - ETA end of June 2024.
 

This is a known clash between CloudStrike and Deep Behavioral Monitor. While the issue is investigated, you can:
 
Add cmd.exe, Powershell.exe, DllHost.exe, rundll32 to the Deep Behavioral Monitor exclusion list
or Temporary disable Deep Behavioral Monitor
or Try the latest version of modules from the pre-release update channel. If it makes no difference, resort to 1, 2 or 4.
or Disable Crowdstrike

The virtual appliance based on Rocky Linux 9 is planned to be available soon. As for installation on Linux, this is yet to be evaluated and decided. Would it be ok for you to use the virtual appliance if the database could not be migrated?

Hi @Mromeroq,
The Encryption Key is unique per EFDE Workstation. It is stored in an Encrypted location on the disk and is used to gain access to the workstation by using the users credentials to authenticate against.
Thank you,
Kieran

Hello. The licensing is the same for cloud and on prem. So when you have upgraded your license, it has upgraded it on all active endpoints, regardless if they are connected to the cloud version or on premises version. Even if you uninstall ERA from the on-prem server, but do not remove ESET from those other 11 machines, they will continue being counted.  The best thing would be to login to EBA, deactivate all devices, and reactivate only the ones connected to ESET PROTECT Cloud, using the console activation task. Unless you have some more machines to migrate. 

Hello, there will be soon a new version of the virtual appliance, that will be based on the Rocky Linux 9.  

It was fully tested. Upgrade with the msi installers or via a software install task was ok and the error didn't occur. Only those who clicked Checked for update were upgraded to v11 via uPCU. You can either switch to the pre-release update channel for the next few days or ignore the error and wait for the latest Configuration module 2109.2 to be released next week.

The error occurs if you manually check for updates and update to v11 is downloaded and installed after a reboot. The error doesn't occur if you upgrade to v11 via an msi installer which contains the latest version of the Configuration module 2109.2. This module is also downloaded if you switch to the pre-release update channel (a reboot will be required for the firewall to load properly).
On Monday we plan to release a newer version of the Configuration module 2109.2 on the regular update channel.

ESET Endpoint v11.0.2044 was released yesterday.

Hi @mathisbilgi , ECOS scans .tar archives so it is surprising it would not scan this one. If you have logging of clean objects turned on in your policy, you can go into Scan Logs and see the detail of the log and it should say what the result and the reason was. There may be cases when it would not be scanned, such as if the archive is password protected. But it would be helpful in diagnosing the problem if you could let us know what the detail says. thank you

Hello, as mentioned earlier, the specifics of pricing can vary from market to market, that's why you need to contact your local ESET distributor for the details.
Marcos provided you with as much as can be said from a general, non-country-specific point of view.
Thank you for your understanding.

We've found that you are probably using so-called micro updates with only a limited set of modules that they contain because of the "Port-IT" application for vessels. If that's true, then at least the Update module v1019 from 2019 will need to be updated at least to v1020 from 2020.

I've reached out to the product manager with a reference to this topic and asked to look into it with higher priority, if possible.

I've eventually received the ticket ID from our DE support. In the ticket a developer replied: We plan to investigate the problem in much greater detail in the future and optimize the product to provide a better performance in a next version. As the problem is easily replicated by accessing the website from a default installation of our product, we don't expect the need further data from the client.

Hello in version 9.1.13.0 is fixed to run on Ubuntu 22.04 latest kernels, in changelog Fixed: Compilation of kernel modules fails with latest kernels on Ubuntu 22.04. Latest kernel on Ubuntu in time of release is 6.5, it should work with latest kernel with no issues.

Hello,
the Network Prerequisites are covered at https://help.eset.com/protect_cloud/en-US/?prerequisites.html
the full list is available at https://support.eset.com/en/kb332-ports-and-addresses-required-to-use-your-eset-product-with-a-third-party-firewall 
using ESET Bridge might be an option for you as it
1. by default (when Vulnerability & Patch Management is not being used) allows traffic related to ESET's services
2. caches significant portion of the traffic to save your bandwidth 
So I recommend to explore this option
Peter