Jump to content

mahiralkhoir

Members
  • Posts

    27
  • Joined

  • Last visited

  • Days Won

    1

Posts posted by mahiralkhoir

  1. On 19/11/2015 at 0:04 AM, Baptiste Penaranda said:

    Hi,

     

    I would like to add a parameter to Agent installation command line : a static group, since I can set it with normal installation.

    Any way to do this ?

    I dont know if using command line.. but as long your agent.msi in the same path with install_config.ini (generated from ERA, select GPO or SCCM script). I am using shared folder, than execute remote command with msiexec.

  2. We found many email spam like request reset password to our user. We are using Endpoint Security and ESET Mail Security for Exchange, still not block email like this bellow.

    mailspam.png.baa063c8f5eb73a0ab618c95a0b9e150.png

    URL Link at email body looks like phising site _hxxp://vazweb.com.br/cn/index.php?userid=user@domain.com

    How can i block this email with EMSX or EES ?

  3. Instead using generated .bat file from ERA, i am create a simple script using autoit that stored configuration like ( hostname server, port server, agent certificate, and authority certificate ). You can see example here https://forum.eset.com/topic/5140-another-way-deployment-agent-and-endpoint-together/

    Create custom package from ERA 5 (contains custom script + agent + endpoint ), then using ERA 5 push install task. IMO, the easy way to deploy agent if your environment MS Active Directory is via GPO or SCCM.

  4. To me it's not clear what you mean by "I can set client custom for computers with mirror enabled or Update server".

    In Endpoint v6, you can specify a custom path to mirrored update files. Mirror can be created using a command-line Mirror tool or using Endpoint v6 or a server v6 product (EMSX, EFSW, EMSL, ESHP).

    However, by using an HTTP proxy you'd normally save a lot of data as only files that would be really needed by clients and have not been downloaded by any client yet would be downloaded. This is different to mirror which would always download all files with every update (more than 100 MB with each).

     

    You wrote "Don't suggest me to create apache http proxy, because internet access not allowed." However, if there's a single computer with Internet connection in the network, you can install HTTP proxy on it and confine the proxy for access to ESET's servers only.

     

    Maybe you don't believe, if i say there are no computers with internet connection directly except notebook for branch office manager. We can't use that notebook as HTTP Proxy, because they are not always in the office. Every computer connected head office via VPN through VSAT connection, only for specific port (internal application and 2222, 2221 for ESET communication). I know mirror download huge files, but its fine for us when i open ESET communication only at 00.00 AM and 17.00 PM.

     

    Another reason i don't use HTTP Proxy because it must installed, if computer broken you must installed again (its mean i need new images os with additional apache http proxy installed). So for now mirror for endpoint for us was the best solutions. Just change policy to activated mirror from ERA, and its done.

     

    As I do understand correctly, this is related to "tagging" computers for rapid identification of the ones, that are serving as update mirrors.

    Custom fields were removed, but for the next major (however not the upcoming 6.5 release) we are planning to introduce advanced tagging options, that will resolve this problem.

     

    Yup, you are correctly.

     

    May i ask you, can ESET provide msi apache http proxy installer that can be configurable for silent install instead zip files ? i think is very helpful for deployment.

  5. I am migrate from version 5 to 6. In version 5 we have many branch office ( 500+ ), every branch have one or two computer that connected to head office and assigned as mirror for local update 5 - 10 computer. The problem is when migration from era 5 to era 6, dynamic group, policies, and computers cannot migrated.

    I am trying re-creating group or re-searching endpoint with mirror enabled, so i can monitor branch office update.

    ps : don't suggest me to create apache http proxy, because internet access not allowed.

  6. Apache HTTP Proxy is a good solution for customer who have internet connection ( in all computer have access to the internet ). But for some customer with limited internet connection, its very difficult. I do some test with Apache HTTP Proxy and Mirror Tools for client with very very limited internet access. Let me explain my experience using Apache HTTP Proxy :

    1. Apache HTTP Proxy act like proxies server, when there are no request no cache. Even if there are request, some client just downloaded directly to the internet via Apache HTTP Proxy, not from cache. I am very happy, if ESET can prove or showing some log which Apache HTTP Proxy 100% delivering cached file to endpoint. Mirror Tool downloaded once from local or internet, 100% deliver it to endpoint.
    2. Proxy good for caching installer file ( mirror tool can't), but you must maintain cache from Apache HTTP Proxy, directory cache always grow up. So you must run htcache clean tools for resolved some issue ( manually or you can set up cron/scheduler ). You dont need clean up temp mirror tools.
    3. Cache directory from Squid or Apache HTTP Proxy very difficult to copy or migration. Mirror tools just copy.
    4. You must update some version Apache HTTP Proxy manually for solving some problem. So far Mirror tools nope.

    I am not hate Apache HTTP Proxy, i am still using it for activation client who are not have internet connection. It exception because connection for activation not much as update signature. Because there are no way you can activated endpoint from ERA without internet connection.

  7. I think mirror tools for now its good enough. I have create some script ( bat or bash ) for setup mirror tool for our client, and our customer looks happy with that.

     

     

    But for the future, maybe ESET should included wizard/check box for automation setup mirror tool when install ERA using All in One installers. For http server just put in webapps tomcat directory.

  8. I am setup per user permission, dashboard, generated report, computer menu works great. Dashboard only display assigned static group, generated report and computer menu works too. But not for Policy, Notification, Dynamic Groups in Admin Setting. Simple question :

     

    "whether it is possible in era to only displaying Policy, Notification, Dynamic Groups in Admin Setting per assigned group ?"

     

  9. Its simple, go to settings - in the bottom you will find User configuration

    1. Then add white-list and black-list category then save
    2. Set action for white-list and black-list then save
    3. Add sender address using "|" in the front then save
    4. Address will be found, in right panel, in my case SMTP, then Choose parent config for address inputed

    post-1569-0-83434500-1445500596_thumb.png

  10. I think the problem about DNS resolving, i am just reinstalling Agent on the Server. But after restart, icon and data gone again.

    Trying change DNS Server, and wait for sync. So far information about client on dashboard Oke, i will report back.

    ./Agent-Linux-x86_64.sh --skip-license --cert-path=Agent.pfx --cert-auth-path=CA.der --hostname=server.hostname.com --port=2222
    
  11. I'm try to install ERAS on CentOS 7. Installation successfully, trying restart once for makesure.

    But after one client connected and restart server again, there are no information about connected client ( even agent on localhost )

     

    post-1569-0-02492700-1444377700_thumb.png post-1569-0-79599000-1444377716_thumb.png

     

    I am also see for an agent and server status, everything fine

     

    post-1569-0-49996000-1444378202_thumb.png post-1569-0-71840900-1444378210_thumb.png

     

  12. I'm trying to make dynamic group by IP Range with ERA 6, and after read manual first hxxp://help.eset.com/era/6/en-US/rule_editor.htm

    Here the template

     

    IP Range : 172.17.77.1 - 172.17.77.254

     

    Operation : AND

    Network IP addresses, Adapter IP address : has prefix : 172.17.77.?*

     

    post-1569-0-91827600-1435566189_thumb.png

     

    Then create dynamic group by that template, but there is no client move to this dynamic group.

     

    The Question :

    1. There are any wrong of the above configuration?
    2. How long interval for ERA to move client to NEW dynamic group ?
  13. I know you can create MST transform and deploy through GPO or SCCM.

    But if you dont have network with AD it can some trouble,

    Anyway deployment with pstools its a good idea, thanks !

    But, i missed offline package installation from ERA 5

     

     

     

    This script contains 2 file agentcfg.ini and executable file.

    [Config]
    EndpointURL_32bit="hxxp://192.168.186.1/ENDPOINT/v6/eea_nt32_enu.msi"
    EndpointURL_64bit="hxxp://192.168.186.1/ENDPOINT/v6/eea_nt64_enu.msi"
    AgentURL_32bit="hxxp://192.168.186.1/ERA/Standalone/Agent/Windows/Agent-6.1.444.0_x86.msi"
    AgentURL_64bit="hxxp://192.168.186.1/ERA/Standalone/Agent/Windows/Agent-6.1.444.0_x64.msi"
    HostnameServer="192.168.186.1"
    ERAPort="2222"
    AgentCert="Your BaseCode64 Agent Certificate"
    CACert="Your BaseCode64 Authority Certificate"
    

    Edit and change according to your server configuration.

     

    attachicon.gifv6-einstaller.png

     

    Maybe this trick can helping sysadmin for deployment ESET more easier.

     

    Notes : you must compile using autoit for get executable file

     

×
×
  • Create New...