Jump to content

Cp3p0

Members
  • Posts

    21
  • Joined

Everything posted by Cp3p0

  1. Hey itman, That's a bummer. Have you contacted your local ESET branch? I'm sure any understanding inside sales team member will reimburse the difference and resolve the issue a lot faster than via the forums.
  2. Holy hell whats with you? You realize this isn't exclusive to ESET? Other AV's even Firewall solutions perform similar actions. You're joking if you think this is quote "plain WRONG! And it's DISCRIMINATION to say the least". Man, thank you for the good laugh.
  3. Hi all, I have a few issues with the new EMA2 and I'm hoping someone can help me out here. Please feel free to comment/contribute or advise whether any of this is user error. 1) Bright red Company/Site records in EMA2: This is the first thing you see when signing into the MSP portal. In EMA1, these were auto hid by default, however, we now need to manually apply a check box filter. (Why??) 2) De-provisioning sites: It is not uncommon where customers come and go. Unfortunately, it's not possible to remove these customers static groups from the ESMC which reside under the MSP Automation Framework. Imagine having 50 new customers & 10 leave in the space of 6 months. You'll have a bloated tree with endless static group records. (Suspending the site in MSP 2 will not remove the Static Group from the console). View from EMA2: View from ESMC: 3) Customers who no longer need certain licences/accidentally creating a "Full Licence": Previously I've mistakenly created sites with Full license opposed to selecting the "Trial" tickbox. Unfortunately it's not possible to re-create or downgrade the licence to a trial since a "Full" already exists. In the below screenshot you can see the customer no longer needs File Security for Linux so this is suspended. However, they still need Endpoint for Windows/File Sec for Windows. This unfortunately leaves a legacy record which cannot be removed from the console adding unnecessary noise. 4) Licence Management - Deactivate seats not connected to EBA/ELA In EMA1, we used this option in ELA to de-activate machines which are no longer connecting in. This worked great as certain teams would activate machines using the ELA/EMA account. Now, with EMA2, the activated seats are managed here and not from the EBA. This is great, however, we can no longer set these options for "Deactivate after x days" like we previously were able too.
  4. I guess it is not possible to create a Dynamic Group Expression to look for RDS/Terminal Servers.. 😅
  5. Hi all, Curious to hear whether people have successfully created a Dynamic Group Expression to identify RDS/Terminal servers? If so.... Please share your secrets 😅 Thanks
  6. Hey, I would first recommend ruling out any potential firewall from blocking the communication to ESETs repository servers. The list can be found here - https://support.eset.com/en/kb332-ports-and-addresses-required-to-use-your-eset-product-with-a-third-party-firewall#era6
  7. Hi guys, Apologies If I'm replying on-top of anyone. We have a considerably large customer running the affected v5.0xx Endpoint along side a 6.x ERA. All version 5.x machines are updating from a v7.x File Security Mirror server. I've read that the current update module version 1559.4 resolves the issue. Two questions. 1) Is this module updated via Virus signature? Does the Mirror server need "Component Updates" enabled? 2) Is there any clear way to confirm that the affected machines have received this update via the ERA? Before we push out a later product installer, we want to absolutely confirm these machines are ready. Before anyone suggest checking on the endpoint itself, It's not really possible to check the hundreds of machines locally. Thank you
  8. Hey, When you create a new task in the ESMC, the task is added to a queue and will be executed automatically the next time the computer checks in (typically 1 minute which is default Agent replication time). Looking at the screenshot, the task was picked up and executed. You'll have to wait a little while for the status to change to either finished or fail. If you want the task to execute immediately, send a wake-up call to the computer via actions tab. This will force the computer to check in and pick up any pending task or simply update the machines status. Also, FYI, I would recommend creating a generic company ESET Business Account (EBA) www.eba.eset.com, adding your company licencing to this account, then signing into your ESMC with this EBA account. This will make managing licence usage of your licences much easier. ESET Security Management Center Administration Guide - https://help.eset.com/esmc_admin/71/en-US/ ESET Business Account Getting Started Guide - https://help.eset.com/eba/en-US/
  9. Thank you guys for the response! With your help I figured out what the issue was. The EI Server certificate only contained the EI Server host name. However, my EI Agents used the my server Alias as the "Connect to Server" address. Note to self, if you're going to use the alias for connecting your Agents, make sure it's also mentioned on the EI Server Certificate. (Not just the server hostname.... Duh)
  10. Hi Scott, Just my 2c... If you've got sometime to trouble shoot I would recommend giving the Manual Uninstaller tool a shot. https://support.eset.com/en/kb2289-uninstall-eset-manually-using-the-eset-uninstaller-tool You'll need to reboot your computer in Safe-mode then try again. This occasionally works for me.
  11. Hi All, I'm turning to the forums for help. I'm experiencing trouble getting my EEI Agents to report back to the EEI Server. After EEI Agent installation I receive the warning messages from within the ESMC: "Missing or invalid SSL certificate or certificate authority" & "Can't connect to Enterprise Inspector Server" From the trace log found under "C:\ProgramData\ESET\EnterpriseInspector\Agent\logs" on the machine I can see errors like: "Error while sending request to server at "xxxx.local:8093". unknown protocol" "Error while sending request to server at "xxxx.local:8093". certificate verify failed" Please help! I've been scratching my head but cannot see where I went wrong with the configuration? I will outline the steps I've taken below: 1) Install the EEI Agent using the following Client Task from the ESMC console: 2) Apply a new ESET Enterprise Inspector Agent Policy where I define the only CA found in my ESMC under "Certificate Authorities". Please note there are no other Enterprise Inspector Policies applied: 3) After a replication or two these are the errors visible from the ESMC: 4) Trace log from the EEI Agent Machine: Re-installing the Agent both via Client task/Manual Repair does not resolve the issue :(. Any advice would truly be appreciated! Thank you.
  12. Hi all, I've got a question regarding SSL Inspection/Decryption, You'll have to forgive me for the uneducated and or limited understanding. Hopefully you can read between the lines.. Anyway, the majority of Firewalls now offer SSL Inspection or Decryption as they say, in particular, Forcepoint which requires importing a CA to every machine usually by the likes of GPO. Noting that ESET Endpoint products already imports a root CA on every Endpoint and perform SSL Inspection/MITM to inspect all traffic... Will this cause complications for with SSL Inspection enabled at a firewall/network level? Or is it one of those, "It's up to you whether you perform SSL Inspection at a Network/Firewall level or Endpoint level"? Or is it actually totally fine to perform this on both, will I need to import any trusted CA into ESET? Any comments, advise or general read that will better my understanding would be greatly appreciated. Thank you!
  13. Hi Aim2018, In order to give you accurate trouble shooting help we might need a bit more information on what you're trying to achieve. Assuming you're trying to push a installation package from the ESMC/ERA console, I would first check whether you have defined any HTTP proxy settings on the ESMC/ERA Server. (ERA/ESMC Admin/More > Server Settings > Advanced Settings > HTTP Proxy) Now ensure that the Proxy or ESMC/ERA are able to reach ESET's repository by white-listing the mentioned addresses: https://support.eset.com/Platform/Publishing/images/Authoring/Image Files/ESET/KB_ENG/Repository.txt
  14. Hi Andrew, Yeap. Just make sure that the Offline computers are able to reach the Server/Machine which has the HTTP Proxy installed on over port 3128. Now make sure that the Server/Machine with the HTTP proxy installed has a clear line of site to the following list of ESET servers found here: https://support.eset.com/kb332/#era6 -Download detection engine and module updates -Download product installers, updates -Expiration date -ESET Live Grid -Antispam -GUI -ESET Data Framework -ERA6/ESMC 7 -ESET Push Notification Service -Serives Now, make the necessary HTTP Proxy policy configuration changes from the ERA/ESMC and apply to all machines you wish to have updating locally. Agent Policy -> ESET Remote Administrator Agent -> Settings > Advanced > Use HTTP Proxy - Set to HTTP Proxy address. For the download of Security Software installation files (ESET Remote Administrator Agent/Advanced Settings/HTTP Proxy) Endpoint Antivirus Policy > ESET Security Product for Windows > Advanced Settings > Tools > Proxy Server - Can use either Corporate Web Proxy address or internal HTTP proxy address. Used for client traffic to the internet (Live Grid, Activation etc.) - (In your case do not set as Corporate Web Proxy as this will create issues with your offline licencing.) Endpoint Antivirus Policy > ESET Security Product for Windows > Update > Profiles > Connection Options > Proxy Server - Set this to internal HTTP Proxy. Used for Virus Signiture updates Please make sure the Server/Machine with the HTTP Proxy installed has a clear line of site, this includes no proxy chaining as it is not supported.
  15. Hi Zamar27, I believe you'll get a better response by submitting the potential false positive to samples@eset.com. Check out the requested information for submissions below: https://support.eset.com/kb141/ Alternatively, at your own risk try excluding the installation path for Twilight-Utilities https://support.eset.com/kb2769/
  16. Hi there, I have a brand new Samsung Galaxy J5 Mobile with ESET Mobile Security installed. After removing the sim card due to work changing mobile carriers the sim guard kicked a fuss and locked the device. I'm glad the Sim guard feature works, however, not so glad that the device lock screen has bugged out. As per picture, If I click the "<" Arrow nothing appears to happen. Same with spamming the Home/Go back/Window key's... There is no visible field to type my unlock password or view unlock options. ------------------ It got me thinking, is it possible to restart the mobile in Safe-mode after the battery finally dies and remove ESET? If so..... Is there any way I can force a restart or drain the battery flat... It was on 100% battery life two days ago when the lock occurred.. I suspect I'll be waiting a few more days until it drains flat :S Thanks!
  17. Hey Edmund129, Follow my above steps clearly, it's guaranteed to work. So far I've resolved at least 20 computers with this issue.
  18. The solution I found for this exact message was to open Chrome prompting the JS/Mindspark message leaving it open - Then drag this to the corner of your screen out of sight, Now.... 1)Chrome>More Tools>Removing all extensions except for Google related ones. 2)Clear cookies & cache under advanced settings 3)Drag the prompt back on screen and select "Clean" for all prompts.. You'll then be notified to restart the computer, select yes.. When the computers back up and running open Chrome and these messages will be gone. If you then choose to do so, you can re-add the extensions later.
×
×
  • Create New...