I have a question about http(s) filtering. I have ESET File Security 7.1.12006.0 installed on RDS server. I set it up so it blocks all http(s) connections "List of blocked addresses: *" and only allow specific hosts, for example "*.eset.com/*", "*.microsoft.com/*" etc.
I Noticed that ERAAgent.exe makes requests to different addresses in these ranges: 91.228.166.* and 91.228.167.*
Is this the desired behavior? If yes, can I somehow allow them safely? What I mean by that is, if I allow "91.228.166.*/*" then one could open "hxxp://91.228.166.somedomain.com" which is not good.