[How to correctly use "Display message" task on ERA?]

I think display message task in ERA depend on "net send" windows

[Specify static group in Agent installation command line]

On 19/11/2015 at 0:04 AM, Baptiste Penaranda said:

Hi,

 

I would like to add a parameter to Agent installation command line : a static group, since I can set it with normal installation.

Any way to do this ?

I dont know if using command line.. but as long your agent.msi in the same path with install_config.ini (generated from ERA, select GPO or SCCM script). I am using shared folder, than execute remote command with msiexec.

[How to make ERA appliance work in AD domain with SMB1 disabled?]

this topic maybe can helpyou

 

 

[Phising spam email]

On 11/7/2017 at 0:22 PM, Marcos said:

Please drop me a pm with the original email saved as eml or msg file attached.

Hello, any update about this ?? we still get this spam...

[Phising spam email]

We found many email spam like request reset password to our user. We are using Endpoint Security and ESET Mail Security for Exchange, still not block email like this bellow.

URL Link at email body looks like phising site _hxxp://vazweb.com.br/cn/index.php?userid=user@domain.com

How can i block this email with EMSX or EES ?

[Duplicate Policy All Group - ERAS 6.5]

I found there are something strange in webconsole 6.5. When there are policies used by multi group, in my case shared object group. Policies sometime duplicate under access group ALL. See the picture below.

[Compatibility for Windows XP and 2003]

According to this KB hxxp://support.eset.com/kb3507/?viewlocale=en_US, Windows XP SP3 and Windows Server 2003 still supported with latest v6 as long as license still valid.

But, for version 5 (well know fully support windows XP) EOL at Dec 2018. May i know how long ESET v6 supported Windows XP or 2003 ? 

[Deploy ERA Agent using ESET Remote Administrator 5.x]

Instead using generated .bat file from ERA, i am create a simple script using autoit that stored configuration like ( hostname server, port server, agent certificate, and authority certificate ). You can see example here https://forum.eset.com/topic/5140-another-way-deployment-agent-and-endpoint-together/

Create custom package from ERA 5 (contains custom script + agent + endpoint ), then using ERA 5 push install task. IMO, the easy way to deploy agent if your environment MS Active Directory is via GPO or SCCM.

[Windows 2008 R2 Domain Controller Policy]

i think automatic exclusion EFSW enough for domain controller or other microsoft software. but, if you need more information about exclusion, you can see here https://social.technet.microsoft.com/wiki/contents/articles/953.microsoft-anti-virus-exclusion-list.aspx

 

[Client custom info - Configuration Mirror Enabled]

To me it's not clear what you mean by "I can set client custom for computers with mirror enabled or Update server".

In Endpoint v6, you can specify a custom path to mirrored update files. Mirror can be created using a command-line Mirror tool or using Endpoint v6 or a server v6 product (EMSX, EFSW, EMSL, ESHP).

However, by using an HTTP proxy you'd normally save a lot of data as only files that would be really needed by clients and have not been downloaded by any client yet would be downloaded. This is different to mirror which would always download all files with every update (more than 100 MB with each).

 

You wrote "Don't suggest me to create apache http proxy, because internet access not allowed." However, if there's a single computer with Internet connection in the network, you can install HTTP proxy on it and confine the proxy for access to ESET's servers only.

 

Maybe you don't believe, if i say there are no computers with internet connection directly except notebook for branch office manager. We can't use that notebook as HTTP Proxy, because they are not always in the office. Every computer connected head office via VPN through VSAT connection, only for specific port (internal application and 2222, 2221 for ESET communication). I know mirror download huge files, but its fine for us when i open ESET communication only at 00.00 AM and 17.00 PM.

 

Another reason i don't use HTTP Proxy because it must installed, if computer broken you must installed again (its mean i need new images os with additional apache http proxy installed). So for now mirror for endpoint for us was the best solutions. Just change policy to activated mirror from ERA, and its done.

 

As I do understand correctly, this is related to "tagging" computers for rapid identification of the ones, that are serving as update mirrors.

Custom fields were removed, but for the next major (however not the upcoming 6.5 release) we are planning to introduce advanced tagging options, that will resolve this problem.

 

Yup, you are correctly.

 

May i ask you, can ESET provide msi apache http proxy installer that can be configurable for silent install instead zip files ? i think is very helpful for deployment.

[Client custom info - Configuration Mirror Enabled]

I am migrate from version 5 to 6. In version 5 we have many branch office ( 500+ ), every branch have one or two computer that connected to head office and assigned as mirror for local update 5 - 10 computer. The problem is when migration from era 5 to era 6, dynamic group, policies, and computers cannot migrated.

I am trying re-creating group or re-searching endpoint with mirror enabled, so i can monitor branch office update.

ps : don't suggest me to create apache http proxy, because internet access not allowed.

[Client custom info - Configuration Mirror Enabled]

With ERA 5, i can set client custom info for computers with mirror enabled or Update server. How can i do that in ERA 6 ? is it possible ?

[Full Backup ERA 6.3/6.4]

Hello Team

 

 

how to backup era 6.3/6.4 include agent connection & policy with database?

 

 

Regards

 

Vimarsh P. 

 

Since ERA 6 all configuration and setting stored in database, you just do full backup on your database. Please check this link hxxp://help.eset.com/era_install/64/en-US/index.html?db_backup.htm

[Mirror Tool]

Apache HTTP Proxy is a good solution for customer who have internet connection ( in all computer have access to the internet ). But for some customer with limited internet connection, its very difficult. I do some test with Apache HTTP Proxy and Mirror Tools for client with very very limited internet access. Let me explain my experience using Apache HTTP Proxy :

1. Apache HTTP Proxy act like proxies server, when there are no request no cache. Even if there are request, some client just downloaded directly to the internet via Apache HTTP Proxy, not from cache. I am very happy, if ESET can prove or showing some log which Apache HTTP Proxy 100% delivering cached file to endpoint. Mirror Tool downloaded once from local or internet, 100% deliver it to endpoint.
2. Proxy good for caching installer file ( mirror tool can't), but you must maintain cache from Apache HTTP Proxy, directory cache always grow up. So you must run htcache clean tools for resolved some issue ( manually or you can set up cron/scheduler ). You dont need clean up temp mirror tools.
3. Cache directory from Squid or Apache HTTP Proxy very difficult to copy or migration. Mirror tools just copy.
4. You must update some version Apache HTTP Proxy manually for solving some problem. So far Mirror tools nope.

I am not hate Apache HTTP Proxy, i am still using it for activation client who are not have internet connection. It exception because connection for activation not much as update signature. Because there are no way you can activated endpoint from ERA without internet connection.

[how to make newly installed agents join a static group ?]

Nope, i am trying to find that way. The only way you can assign static group when install agent is using agent server assistant installation.

[Mirror Tool]

I think mirror tools for now its good enough. I have create some script ( bat or bash ) for setup mirror tool for our client, and our customer looks happy with that.

 

 

But for the future, maybe ESET should included wizard/check box for automation setup mirror tool when install ERA using All in One installers. For http server just put in webapps tomcat directory.

[Show Policy, Notification, Dynamic Groups Setting Per User Log In]

I am setup per user permission, dashboard, generated report, computer menu works great. Dashboard only display assigned static group, generated report and computer menu works too. But not for Policy, Notification, Dynamic Groups in Admin Setting. Simple question :

 

"whether it is possible in era to only displaying Policy, Notification, Dynamic Groups in Admin Setting per assigned group ?"

 

[Mail Security for OpenSUSE]

Its simple, go to settings - in the bottom you will find User configuration

1. Then add white-list and black-list category then save
2. Set action for white-list and black-list then save
3. Add sender address using "|" in the front then save
4. Address will be found, in right panel, in my case SMTP, then Choose parent config for address inputed

[Webconsole Not Showing Installed Icon]

I think the problem about DNS resolving, i am just reinstalling Agent on the Server. But after restart, icon and data gone again.

Trying change DNS Server, and wait for sync. So far information about client on dashboard Oke, i will report back.

./Agent-Linux-x86_64.sh --skip-license --cert-path=Agent.pfx --cert-auth-path=CA.der --hostname=server.hostname.com --port=2222

[Webconsole Not Showing Installed Icon]

I'm try to install ERAS on CentOS 7. Installation successfully, trying restart once for makesure.

But after one client connected and restart server again, there are no information about connected client ( even agent on localhost )

 

 

I am also see for an agent and server status, everything fine

 

 

[problems installing ERA 6.2 in Centos 7]

if you Install mysql odbc connector from MySQL website, its suggested for install MySQL Server using installer from website too.

I think you need upgrade first ( yum update ) using epel-release before execute installer ERA Server.

[eset with japanese language]

just change enu with jpn for windows

and en with ja for mac

hxxp://download.eset.com/download/win/ees/ees_nt32_jpn.msi
hxxp://download.eset.com/download/win/ees/ees_nt64_jpn.msi
hxxp://download.eset.com/download/mac/ees/ees_osx_ja.dmg

[How to create dynamic group by IP addresses]

Wow, thanks bro

its working now

[How to create dynamic group by IP addresses]

I'm trying to make dynamic group by IP Range with ERA 6, and after read manual first hxxp://help.eset.com/era/6/en-US/rule_editor.htm

Here the template

 

IP Range : 172.17.77.1 - 172.17.77.254

 

Operation : AND

Network IP addresses, Adapter IP address : has prefix : 172.17.77.?*

 

 

Then create dynamic group by that template, but there is no client move to this dynamic group.

 

The Question :

1. There are any wrong of the above configuration?
2. How long interval for ERA to move client to NEW dynamic group ?

[Another way deployment agent and endpoint together]

I know you can create MST transform and deploy through GPO or SCCM.

But if you dont have network with AD it can some trouble,

Anyway deployment with pstools its a good idea, thanks !

But, i missed offline package installation from ERA 5

 

 

 

This script contains 2 file agentcfg.ini and executable file.

[Config]
EndpointURL_32bit="hxxp://192.168.186.1/ENDPOINT/v6/eea_nt32_enu.msi"
EndpointURL_64bit="hxxp://192.168.186.1/ENDPOINT/v6/eea_nt64_enu.msi"
AgentURL_32bit="hxxp://192.168.186.1/ERA/Standalone/Agent/Windows/Agent-6.1.444.0_x86.msi"
AgentURL_64bit="hxxp://192.168.186.1/ERA/Standalone/Agent/Windows/Agent-6.1.444.0_x64.msi"
HostnameServer="192.168.186.1"
ERAPort="2222"
AgentCert="Your BaseCode64 Agent Certificate"
CACert="Your BaseCode64 Authority Certificate"

Edit and change according to your server configuration.

 

v6-einstaller.png

 

Maybe this trick can helping sysadmin for deployment ESET more easier.

 

Notes : you must compile using autoit for get executable file