Jump to content

kapela86

Members
  • Posts

    190
  • Joined

  • Last visited

Kudos

  1. Upvote
    kapela86 received kudos from Ajvan in Problems on Windows 2012 R2 RDP   
    For now I restart our RDP servers every sunday when no one is working. No problems so far.
  2. Upvote
    kapela86 gave kudos to Marcos in Small fix on "Operating system support policy and ESET products" page   
    Thanks for the heads-up, I've reported it to the documentation team.
    P_DOC-9577
  3. Upvote
    kapela86 gave kudos to Tomasz Trynkowski in Disable "Your operating system is out of date" notification   
    There's also one more peculiar issue tied to this that i have noticed. There is actually a setting that (on surface) seems it should do exactly what was asked for in this thread. It's in agent policies (advanced settings/operating system block). And it even works! It disables the system out of date notification! Except, it works on the notification that is shown locally, in Eset Endpoint Security. It does not prevent the agent from pushing the very same notification to Eset Protect. 
    Which is the exact opposite of what i'd expect. Personally, i'd think that notification settings for each local Eset Endpoint program instance would be in Eset Endpoint policy (hint: they're not present there), and the Agent policies would be tied to Protect notifications only. Instead, it seems to work sort of backwards, completely counterintuitively.
    I'd suggest moving the local notification to the notification settings in Endpoint policies, and switch the already existing Agent setting to work on Protect client status reporting instead.
  4. Upvote
    kapela86 gave kudos to arusconi in ESET PROTECT on Rocky Linux   
    It will be a major change. Surely the migration process will involve the creation of a new appliance. My choice in such a case would be Debian.
  5. Upvote
    kapela86 gave kudos to T3chGuy007 in Stop Auto-Updates   
    I understand keeping ESET products up-to-date is very important, but why not leave it up to the customers who pay for your products to decide when to update their devices?  I always keep my products patched, but I decide when to apply them and schedule reboots.  I don't like it that you apply the updates without admin approval and when I login to ESET PROTECT, I find red alerts all of my devices.  What if you push out an update and two hours later, you find it causes a major problem?  You also said that you have an opt out policy, but I don't think you do.  If you did, you would allow customers to permanently disable auto updates and manage them on their own.  If some customers want to keep your auto update policy enabled, that's fine, but you should allow customers the choice to do enable it or keep it disabled without having to worry about it re-enabling.
  6. Upvote
    kapela86 gave kudos to Marcos in Stop Auto-Updates   
    That's because the setting is not applied for security and stability updates. V9.0.2032.6/7 is a security update.
    https://help.eset.com/ees/9/en-US/security_stability_updates.html
  7. Upvote
    kapela86 gave kudos to Marcos in And so it begins....   
    In this case it is an important security update which is installed and therefore the protection status changes to red and tells to reboot the machine. After the reboot, the product will be upgraded to the latest v9 version and no further restart will be needed. In the future when there's a standard program update available, the protection status won't turn red and users will not be distracted by a change of the protection status. Upgrade will be performed silently the next time the OS is (re)started.
  8. Upvote
    kapela86 gave kudos to T3chGuy007 in Stop Auto-Updates   
    Hello.  I do not want my PCs to automatically update to the latest version of Endpoint Security when it's released, so I created a new policy to disable the auto-update feature per the article below.  I assigned this policy to my 'All' OU and then I unassigned the built-in auto update policy from the same OU.  However, I upgraded ESET Server Security on my ESET PROTECT server and I discovered the built-in auto update policy was reassigned to my 'All' OU again.  How do I prevent that built-in policy from reapplying to all of my devices after an upgrade?  I want to handle software updates manually and not have it managed by ESET PROTECT.  I cannot delete the built-in policy, but it seems unassigning only works until the server is rebooted or upgraded.
    https://support.eset.com/en/kb8147-opt-out-from-auto-updates-in-eset-protect-and-eset-protect-cloud
  9. Upvote
    kapela86 gave kudos to Peter Randziak in Endpoint Security can't connect to Push Notification Service   
    Hello guys,
     
    Let me share few findings of our support and dev teams on this with you.
    Endpoint 9 started to use EPNS instead of DNS requests to check for license changes. Endpoints 8 and below didn’t report an issue if this check failed.  
    When it comes to issues reported on ESET PROTECT Virtual appliance
    The issue seems to be the default setting of the following module "reqtimeout_module" which is used/loaded only on VA (this module provides a way to set timeouts and minimum data rates for receiving requests).
     The issue should not be present on the Windows version of the Apache HTTP PROXY because this module is not loaded there.
    The workaround could be (1) disabling this module on the VA or (2) setting the appropriate values. We are not sure what is the preferred way and how it might affect other services, as it was not fully tested yet.

    To disable limits (i.e. "(2) setting the appropriate values"):
    set "RequestReadTimeout header=0 body=0"
    in the newly created(in /etc/httpd/conf.d/) configuration file "reqtimeout.conf" with settings mentioned above
    and of course the file has to be included in used configuration "IncludeOptional conf.d/reqtimeout.conf" in the "/etc/httpd/conf/httpd.conf"

    We are expecting some official solution in the following days.
     
    If the customers do not use the Apache HTTP Proxy on VA, enable the Direct Cloud advanced logging, reproduce the issue, collect the logs by ELC and open a ticket for our support teams to check.
      
    The configuration option for App status and Notification of "Eset Push Notification Service server cannot be reached" state will be added (P_EESW-8067) The  "Do not remind me again" from EPNS app status doesn't work issue is tracked to be fixed (P_EESW-8048)  
    Regards, Peter
     
  10. Upvote
    kapela86 gave kudos to Marcos in Endpoint Security can't connect to Push Notification Service   
    To sum it up, the issue may be caused by 2 things:
    1, If you use Apache http proxy on Linux - the configuration of the http proxy is incorrect. Please refer to the post above how to fix it. Apache HTTP proxy for Windows is not affected.
    2, If you don't use Apache http proxy - the issue is caused by a bug in Endpoint v9 which checks for EPNS connectivity even if checking for license changes via EPNS is disabled, ie. when the interval check is set to "Limited". Solution: change it to Automatic. If you need to have it set to Limited for whatever reason, there will be a fix via an automatic module update within a couple of days. Please use "Automatic" at least temporarily until the new Direct cloud communication module is available.

  11. Upvote
    kapela86 received kudos from alur in Endpoint Security can't connect to Push Notification Service   
    I have it on Automatic, and with proxy I get that message about Push Notification Service, and when I disable proxy in policies then that message is gone. So maybe there are two different bugs here, one with proxy and one with License Interval Check
  12. Upvote
    kapela86 gave kudos to Frost89 in For two months there were more bugs than for three years of use.   
    Hi.
    We use EES about more than three years. But never faced with so many bugs as now.
    1: This bug appeared two and a half months ago with the next update of modules. Now, after each signature update, a message is displayed in the main program window that "the program update is not executed, the authorization error". But it is not true and all modules are updated normally.
    1.1 License still valid, we checked.
    1.2 All modules up-to-date.
    1.3 Yes we use proxy and NO we will not change its settings just because you have changed something on your side. Three years everything was fine.
     
    2: This bug appeared only in version 9.0.2032.2. But you already know about it from other users.
     
     
    3: The third and most annoying bug appeared along with the version 9.0.2032.2 and the update of some module in version 8.1.2037.2 a few days ago. It is as follows. We have changed Windows privacy add one registry tweak:
    Registry Hive    HKEY_LOCAL_MACHINE
    Registry Path    Software\Policies\Microsoft\MRT
    Value Name       DontReportInfectionInformation
    Value Type        REG_DWORD
    Value                 1
    This tweak disable Malicious Software Reporting tool diagnostic data (stop sending data to microsoft). But now after each reboot, EES removes value name "DontReportInfectionInformation". I apologize but you do not have the right to change OUR Windows privacy settings without OUR permission.
     
    4: In version 9.0.2032.2, we noticed that you began to cache all DNS addresses in "C:\ProgramData\ESET\ESET Security\dnscache.dat". This Is Not OK. You violate our privacy and confidentiality. We did not allow such data collection permits.
     
    Please fix all the existing problems or we will have to refuse to cooperate with you. We hope for your understanding.
                           
  13. Upvote
    kapela86 received kudos from Kamilos in Endpoint Security can't connect to Push Notification Service   
    I did 1 and 2, but that "Other" I don't want to, get your devs to create test environment in lab and see for themselves.
    eset.zip
  14. Upvote
    kapela86 gave kudos to igi008 in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    Hello, thank you very much for reminding those things. Yes, we are also tracking these various smaller improvements. Unfortunately, capacity is limited, and we need to solve a lot of things with higher priority with broader business impact. However, do not worry. We have it in the backlog, and I hope that some of them will be able to address in the upcoming release.
    # 1 Uptime
    There was a tricky part how often to synchronize. We are considering adding it, but not sure if directly to the main computer table, maybe under details and sync it in some time intervals.
    # 2 Service pack / OS version
    It is problematic because it is impossible to guarantee that MS won't bring some ServicePack for Win 10. Now is possible to parse this information from the "OS version" in ESET PROTECT (that is technically the OS build). However, is good to consider creating a new field "OS build" and report version (e.g., 20H2) to "OS version", but it needs to be analyzed cross-platform.
    # 3 Network adapters
    Now we are reporting more physical adapters also wireless.
    Yes, the problem with duplicity (IPv4 and IPv6) is not fixed yet, but it is planned.
    Many thanks for your patience, I hope you have found other interesting improvements in ESET PROTECT 9.0.
    And of course, we will also try to move forward the smaller improvements suggested in this forum thread, but in some cases, we need more time due to other priorities.
     
  15. Upvote
    kapela86 received kudos from Kamilos in Endpoint Security can't connect to Push Notification Service   
    @sdnian
    It's not that, I had it on Automatic
    @Marcos
    I checked /var/log/httpd/access_log and there are lot of entries
    [01/Dec/2021:13:38:47 +0100] "CONNECT epns.eset.com:8883 HTTP/1.1" 200 - "-" "-" but no GET entries.
    I disabled proxy in policy, after waiting a bit that notification is gone, so now we know that proxy is the culprit here. I didn't have it enabled on ESMC policies, I only changed it in Protect. I can live without it, but we have almost 90 computers in our LAN that use ESET, so I would like to start using proxy.
  16. Upvote
    kapela86 gave kudos to Kamilos in Endpoint Security can't connect to Push Notification Service   
    Hi
    I've got the same problem. In eset endp. av. version 8.1.2037.2 haven't got notification with error. After update few workstations to 9.0.2032.2 and using proxy http server in policy the note appears. Turning off policy with proxy make it disapears.
    I have over 150 workstations connectet to Eset Protect so turning off proxy polixy is unacceptable. ESET Management Agent 9.0.1141.0, ESET PROTECT (Server), ver. 9.0 (9.0.2144.0) in virtual appliance
  17. Upvote
    kapela86 received kudos from RXZ in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    Even better, just send this information from agent to ESMC everytime he reports to it. And add this information in computer "Details" and maybe as a column in "Computers".
  18. Upvote
    kapela86 received kudos from Zen11t in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    Even better, just send this information from agent to ESMC everytime he reports to it. And add this information in computer "Details" and maybe as a column in "Computers".
  19. Upvote
    kapela86 gave kudos to karlisi in Recomended way to upgrade ESMC Virtual Appliance to ESET Protect   
    https://help.eset.com/protect_deploy_va/80/en-US/?va_upgrade_migrate.html
  20. Upvote
    kapela86 gave kudos to HMCIT in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    When we update our ESET Agents we find that we need to have all our machines reboot.  With the reboot option in the management console the machines just reboot with no warning.  Any open work is lost and the user is confused, thus generating a call to the help desk.
    Would it be possible to have a reboot notification when pushing a reboot on a machine.  ESET is finishing an update and will reboot in 30min.  Reboot later or reboot now.

    I reached out to support and was told to post this request here.
  21. Upvote
    kapela86 gave kudos to Nono in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    For a long LTS, staying on Linux, I would peak Ubuntu LTS which is by far the best choice IMO. I would definitely NOT use Oracle Linux as Oracle isn't known to be a Long Term Free solution (see ZFS, MySQL, Java etc ....).
    On another way, if you're up to go on the unix world, I would definitely looking at free/openBSD 
  22. Upvote
    kapela86 gave kudos to opadilla in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    It would be great to have a "Repair" task for any ESET product to be run from ESMC. I have seen many problems that may be easy fixed with this. If there is a local endpoint repair option, there also should be available on tasks in ESMC for that same purpose. I would also be great also to add to this "Repair" process (I don't know if it already done this) to initialize all ESET client databases and download them again from the Internet or ESMC or proxy (it could also be an option inside the repair task).
  23. Upvote
    kapela86 gave kudos to karlisi in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    This was in Cloud Administrator topic but should be here too
    Description: A new task/setting to reboot computers with a popup message warning,
    Detail: Add the possibility to notify user that computer will be restarted when reboot computer task is triggered and let them for example 5 minutes to save/close programs/data.
  24. Upvote
    kapela86 gave kudos to chadczerny in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    Description: Policy for disabling network drive scans when run from custom scan.
    Detail: It would be nice if we could have tighter control on the custom scan process. Right now users can scan the mapped drives that we have set in group policy. To avoid potential performance hits to our file servers if someone were to run this scan on a mapped drive, a feature to disable scanning of mapped network drives would be nice.
  25. Upvote
    kapela86 gave kudos to tbsky in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    It had been discussed again and again. but I still want to say: with endpoint 8.0, Please give up stupid MySQL and use MariaDB. check current system requirement it is really funny:
    MySQL ODBC driver versions 5.3.11 and later, 8.0.0 – 8.0.15 and 8.0.18 and later are not supported.
×
×
  • Create New...