Jump to content

ludolf

Members
  • Content Count

    39
  • Joined

  • Last visited

Everything posted by ludolf

  1. by giving out the password (even if that password is different then the general one), the user will be able to change the other settings. The expected behavior would be that user able to pause only the firewall, and not be able to change any other setting.
  2. Thanks for the reply. I'm sorry to hear that.
  3. Description: "Pause Firewall" permission with policy Detail: Client settings are locked down with password. The user ocassionally needs to disable/pause firewall, but we don't want to give out the password, just for this function. Also don't want to give to the user the possibility to change any other settings on the client.
  4. Hello We have ESMC 7.2.1266.0 on the server and EES 7 on the Windows 10 client. The user has local admin permission, but he only uses it as "run-as administrator". He doesn't log into the computer locally with the admin user. The EES settings are locked down with password. We would like to give a permission to the user: "Pause firewall", without giving out the password for the access setup. Setting a different access setup password for that computer is not a solution, because by doing that he could change the other settings also. How can we achieve this? thanks, Vilmos
  5. here: ESMC, select policy (product: Eset File Security for Windows Server), Detection Engine, Processes Exclusions, Processes to be excluded from scanning
  6. Description: ability to export folder exclusions from ESMC policy Detail: to migrate exclusions from one policy to another
  7. Description: ability to add process path containing environment variable: Detail: in ESMC policy, add process exclusion %systemroot%\System32\Vmms.exe doesn't accept, "Invalid value" c:\windows\System32\Vmms.exe this works +1: same value can be added multiple times
  8. Description: change behaviour of adding new file/folder exclusions #4 Detail: in ESMC policy, adding folder exclusions c:\test\* works c:\test*\* doesn't work, "invalid path"
  9. Description: change behaviour of adding new file/folder exclusions #1 Detail: I need to exclude all *.mdb files in c:\test and all subfolders Currently I can exclude *.mdb files only in the top folder (c:\test) but not in the subfolders Description: change behaviour of adding new file/folder exclusions #2 Detail: I would like to exclude all *.vhdx files, but without specifying folder/drive (ESMC says when setting this in policy: "Invalid path") If I type "\*.vhdx" into the field, I can save it, but if I scan a test file manually, the log file still shows: "Number of scanned objects: 1
  10. I understand that this issue doesn't exist at you, which is good. When I experienced this issue and restarted the service: - the clients reported back to the server - got the modified policy - email notifications are sent out Instantly. Nothing changed, fw, configuration, etc. Only the service has been restarted. This can be a bug in eset service or incompatibily between the OS and eset service. But I couldn't debug this, the debug log is not enough, or just don't understand some messages which could be relevant. If I could help to solve this, I would be
  11. - here is no third party plugin - also eraserver.exe process cpu utilization is ~50%, when the issue happens - clients don't seem to able to connect to the server (not all, but almost all), last connected time is the same hour, minute, second - clients don't get the modified policy on the servers, configuration tab shows "older" instead of actual (just a proof for the previous line) - notification emails are stuck on the server, until the next service restart Restarting the service solves all the above issues. I have no doubt, that the problem is with the service.
  12. Same here, waiting for fix. Scheduled service restart works as a workaround.
  13. I mean, I requested the actual policy in ESMC and I saw it differs from what configured for that client with policy. Today issue: EES 7.0.2073.1, esmc components upgraded, and on the client got this error in chrome: "Your internet access is blocked. etc. ERR_NETWORK_ACCESS_DENIED" The issue has gone after some minutes without changing anything in the policy.
  14. Similar issue today: client: EES 6.6.2052 Policy fixed (Not categorized->custom category group) And the client didn't apply correctly the policy. When I requested the current configuration, it showed the "Not categorized" category instead of the custom one. Tried to: - switch off the rule. It has been switched off on the client - create new rule with the custom category group. Client received this new rule, but still with the "Not categorized" group - created new custom category group, nothing - updated security components on the client, nothing Finally upgraded the
  15. Description: don't send notifications to all configured recipients Detail: we have 3 static groups: group1, group2, group3 All of them are maintained by different admin teams. For this reason we configured 3 notifications: Access group: group1 -> "threat notification" -> send email to group1@domain.com Access group: group2 -> "threat notification" -> send email to group2@domain.com Access group: group3 -> "threat notification" -> send email to group3@domain.com If an alert triggered in a group, all 3 groups receive an email about it. Only the affecte
  16. Hello Before the upgrade: - ERA 6.5 - webcontrol is enabled in two policies - created category group: "Torrent", selected some predefined urlgroup - created rule: "Torrent (block)", type category based. URL/category: "Torrent" (as above) Did the upgrade to ESMC 7 the URL/Category value changed to "Not categorized" and blocked some internal websites This happened after the upgrade, the policies haven't changed by us, and this occured in two policies, symptoms are the same. Unfortunately I couldn't reproduce this, maybe somebody could confirm. BR, Vilmo
  17. MichalJ, thanks for the answer. Audit log filter: for example somebody changed a server setting and broke a feature by doing this. I know what has been changed, but currently I cannot filter to it. If I could to filter, I would know who changed it, and ask him why did it.
  18. Description: possibility to export webcontrol/url groups/addresses Detail: possibility to export webcontrol/url groups/addresses. Usage example: ERA/ESMC used for more groups (more admin teams), with similar policies, and a group needs an existing url group in a separate policy . Export/import would the elegant way to migrate url addresses.
  19. Description: more details in audit log Detail: Reports/Audit log. If somebody modifies a policy, only one event added to the Audit log: "Modifying policy xxx" it would be nice to know more. What settings have been modified and before and after values.
  20. Description: more granulate audit log filter Detail: Reports/Audit log. If I would like to search for a specific setting ("who changed it"), I have to scroll down from page to page, or use CTRL-F Please add possiblity to filter string in "Action detail" column.
  21. Hello Eset endpoint security for MAC (latest version) is installed, which is managed by remote administrator. User has root privileges. How would you protect the agent+product from uninstalling? thanks, Vilmos
  22. Exactly. If somebody change product accidentally and saves the policy, the settings are lost. This shouldn't be happen. If the admin selects a product within a policy, and change any setting, the product selection list should be disabled. After this, if the admin would like to point the settings to other product, he should to create a new policy. IMHO
  23. Hello Description: disable product change possibility after any settings have been configured in a policy Detail: imagine the following: - create a policy - change some setting - change product within this policy - save the policy In this case all of the previous settings are gone.
×
×
  • Create New...