Jump to content

Dan Massameno

Members
  • Content Count

    12
  • Joined

  • Last visited

Profile Information

  • Location
    USA
  1. MichalJ, I totally see where you're coming from. Requiring the ERA Agent to be knowledgeable of every Antivirus software on the planet would be impossible! May I suggest the following pseudo code that I suspect would catch 99% of the antivirus packages out there... 1. Does the OS report a antivirus app is installed? If yes… 1.a Is it the built-in OS antivirus (e.g., Windows Defender, or Windows Security Essentials?) If yes, return FALSE. 1.b. Otherwise, return TRUE. <<One would hope this would catch just about everything. :-) 2
  2. Bundled tasks would be a useful feature. Bundling the remover and the EES installer would be something I would do. But it still would be nice to have a Dynamic Group Template to identify Foreign 3rd party antivirus. Maybe the removal process didn't work. In which case it would be nice to have a report or dynamic group to show the administrator what machines need manual remediation.
  3. I don't know what the "symbols" are that you are referring to. I was referring to the Dynamic Group Templates (DGTs) in ERA Server. Screen shot attached. For example, Functionality/Protection problems, Functionality/Protection Status and Functionality/Protection Status of computer all have a of subclass "Status" (see screen shot.) The available options to match on for all three items are Malfunction, OK, Security notification and Security risk. It seems like these are complete duplicates of each other and would (probably) produce the same result.
  4. For instance, Functionality/Protection Status of computer has the subclass Status. Functionality/Protection Status has the subclass Status and Source. Functionality/Protection problems has the subclass Status and Source and Problem and Feature. It seems like Functionality/Protection problems came along later in the evolution of the product and makes the other two obsolete.
  5. Yes. I know that's how you need to do it now with ERA 6.4. I'm asking if this is a great idea for an enhancement to a future version of ERA.
  6. I'm a VAR and I walk into a a number of sites where the management of the IT systems is a little "haphazard," to be kind. :-) The method from MichalJ would work if all the machines in the organization had one particular 3rd party antivirus app installed. That assumption breaks down quickly when you find out that the machines out in Shipping Department have Kaspersky installed. OK, well you might have been able to identify that if you ran a report on all apps installed across all machines and manually looked through a huge list and said "ah ha! Kaspersky" and added it to the filter.
  7. This seems like a good area to request a feature enhancement (ERA v6.6). To detect if any antivirus is installed I can use: Functionality/Protection problems-Feature NOT-EQUAL Antivirus That will trigger TRUE if something is installed, including EES or Defender or other 3rd party app (e.g., Symantec), I can use Computer-Managed Products Mask To detect if it is a ESET product is installed. None of these existing filters get us to what we want. We want to know if a 3rd party app is installed. I think we need a dynamic group filter named Foreign Antivirus Installe
  8. The Functionality/Protection problems dynamic group template seems to have all the settings and more of the Functionality/Protection Status template and the Functionality/Protection Status of computer template. Is the Functionality/Protection Status template and the Functionality/Protection Status of computer template legacy templates from prior versions of ERA? If yes, now that we have ERA 6.4, should we just stick with the newer Functionality/Protection problems template and ignore the other two? Thank you.
  9. How can I setup a Dynamic Group Template to identify machines that have no antivirus on them? I want to use this Dynamic Group Template to identify those machines that are ready to get ESET Endpoint Security installed. I want to exclude machines that have Symantec, Panda, Norton, Vipre, AVG, etc. installed (they need remediation steps before I have the ERA Agent install EES.) Thank you.
  10. Are all Dynamic Group Templates sent to the remote Agent, or just those that are used by ERA to categorize computers into existing dynamic groups? The reason behind the question is (to use an example) if I have one-hundred Dynamic Group Templates but only five of them are used to assign computers to Dynamic Groups, are all one-hundred downloaded and evaluated by the remote Agent? If yes, that might cause a slow-down of the client. Maybe I should work to eliminate unnecessary (unused) Dynamic Group Templates from the ERA Server. Thank you.
  11. I'm using a Client Task for uninstallation of "Third-party antivirus software (Built with OPSWAT)". Is this designed to remove/disable the Windows built-in antimalware (Defender or Security Essentials)? I'm finding that it does not and I'm wondering if it was designed to only remove 3rd party apps, or it's a bug, or I’m doing it wrong. Thank you.
  12. In March of 2015 the ESET agent Timos gave some insight on how computers are processed into Dynamic Groups: That's very interesting information and it helps me understand what's going on. But how can the administrator troubleshoot this process? I have some computers that don't seem to be getting into the right dynamic group. Can I enable some logging in the Agent to see: 1. What dynamic group templates are sent to the Agent when it last connected. 2. How did it process these dynamic group templates? What was the result (either they are in our out of each one)?
×
×
  • Create New...