Jessraea

Would that be different then what I am already doing when I submit them here? Report Miscategorized URL (eset.com) What I am getting at is this is persistent among their WebEx IP blocks which means to me this will continue to happen and i will continue to have to report it if these aren't just corrected to begin with. Here are are a few blocks that I see consistently see IP's from popping up on our network (per the URL I provided in the previous post) pretty regularly. 23.89.0.0/16 (CIDR) or 23.89.0.0 - 23.89.255.255 (net range) 62.109.192.0/18 (CIDR) or 62.109.192.0 - 62.109.255.255 (net range) 64.68.96.0/19 (CIDR) or 64.68.96.0 - 64.68.127.255 (net range) 66.114.160.0/20 (CIDR) or 66.114.160.0 - 66.114.175.255 (net range) 66.163.32.0/19 (CIDR) or 66.163.32.0 - 66.163.63.255 (net range) 69.26.160.0/19 (CIDR) or 69.26.160.0 - 69.26.191.255 (net range) Here 2 just from today (both of which i submitted to ESET as being miscategorized) 23.89.53.82 & 23.89.82.98 Is there a way these can be categorized in batch form, via your 'categorization provider'? Is this not ESET that does this?

I'm curious if this is simply our constant struggle or if this is prevalent with other organizations too. I have opened a ticket with ESET on this previously but they treated it as a non-issue as they chalked it up to being dealt with as I had submitted the IP's as incorrectly categorized. We use WebEx and I would say, a minimum of twice a month , I have users tell me they are being bombarded with Web Control errors saying that an IP has been blocked by Web Control. Sometimes this effects their audio, othertimes it's just insanely annoying for due to their prevalence while the meetings are going on. The thing is, these IP's are clearly a part of WebEx's IP Ranges on Cisco's page. Video Conferencing - How Do I Allow Webex Meetings Traffic on My Network? I have sent these to ESET asking them to categorize these appropriately. Each time this happens with my users it's honestly a different category. Gambling, pornography or most recently hate speech. These IP's are not new, from what I can tell these have been posted on their site for quite some time. I can continue to submit miscategorization requests but it seems pretty futile, as I still have to whitelist them. How can I get ESET's attention to at least get the current WebEx blocks categorized appropriately? This doesn't seem to be a case of the IP's are updating/changing faster than ESET can realistically keep up. Rather it seems like a complete oversight. Thanks in advance.

I am not sure if this is the default but my Connection Settings for my Remote Workstation Agent is set to Data Limit: 1 MB at a 10 minute interval. We will have around 140 machines connecting remotely to ESET's server. Can i get some feedback on these settings is this too frequent is the limit a good benchmark?

Thanks for the quick response Marcos.

I am asking as I believe i may have heard/read this at and earlier date but can't re-confirm. Is the Web & Email settings, including Protocol Filtering, Web Access Protection, Anti-Phishing and Web Control only functional with Personal Firewall turned on or can they work correctly without the Firewall turned on?

Thanks Marcos. But we are not utilizing the Firewall portion of ESET for our remote devices so this is not enabled whatsover.

We are testing our new ESET 6 policy for our remote devices. We use SSL VPN through CheckPoint we have no issues at this juncture with getting through the VPN. Once we RDP to our local machines on site, RDP hangs within <3 minutes of working on the session. Any ideas on what within the policy is causing this? If i remove it - and roll back to ESET 5, I have no issues to speak of. I have at least one other testing laptop unable to work normally as well with this policy in place.

Thanks Michal. It looks like the trace message says "Task failed in the security product." I only found one other post with that error noted and I am not sure where that leaves me. Is this relating to a license issue for this client?

Hey all - I am just starting to dive into Task creation for devices i will be managing. I noticed one of my servers is presently listed as having out of date virus signature updates. I scheduled a task to update that. As you can see from the screenshot it failed. OR so i think this is the same task i just ran - it's hard to say without the time/date of occurrence. When I got to Edit Columns i can only remove the current columns not add a new one. Is there a reason why this is not considered incredibly valuable when reviewing task executions for clients? And am I missing a step here perhaps to getting that?

Yes, that makes sense to me and that is what i was expecting as well. However, it seems the ESET dialogue in the browser and the pop-up are just not applying correctly. hxxp://craigslist.org Screenshot 1. Not showing my custom message. Facebook, screenshot 2. Not showing an ESET message by category block or the pop-up.

Marcos - that is valuable to know, thank you. So the blocked message will only be applied on HTTP sites? It still begs the question, why is HTTP ://www.craigslist.org not getting the message I have in place as an HTTP address as it is sitting in my URL Group with a Block rule applied to it?

I am testing out how URL Groups & Category Groups that I have BLOCK/WARNING rules set up for show my custom message. This is what is happening. An explicitly blocked website, within the URL Group Rule, gets the "Access Denied" ESET banner stating: The web page is on the list of blocked websites specified by the user. We also see the small ESET pop-up box on the bottom right stating the site is on my LIST, the URL & IP address. Those within the Category group get the generic browser "This page can't be displayed" and no pop-up from ESET. I was tipped off this could be relating to redirects for the sites as a few i am testing are social media, like Facebook, Twitter, etc. Logically i would expect that if these are all BLOCKED sites, they should be prompting the ESET message i created. Also, my logs are not showing me any notifications for explicitly blocked sites - only the categorical ones. Is that normal? Any help is appreciated. Thanks.

Thank you for clarifying.

That sounds very likely based on what I have read.

Thanks Bbahes. I read through that a few times, but it still begs the question as to why you would use 'blocked' addresses through this function. As for logging, nothing on the Security Knowledge base, that I could find, explicitly said I could log from this setting.