Jump to content

JAF1979

Members
  • Content Count

    11
  • Joined

  • Last visited

Posts posted by JAF1979

  1. One of the forthcoming builds of the HIPS module should add an option to use wildcards within the path which should be a solution to your issue. Also we're trying to find a way how to make the use of user variables possible in ESET's products as ekrn runs in the local system account by default and therefore user variables don't resolve.

     

    Any idea of when this "forthcoming" option might become available within ESET??

  2. From my understanding, Windows 7 Professional can be used to create AppLocker rules, but the rules cannot be enforced on computers running Windows 7 Professional. Only Win7 Ultimate and Enterprise.
    hxxp://technet.microsoft.com/en-us/library/dd759131.aspx

    All of our systems run Windows 7 Pro, so AppLocker does not seem like a viable option for me to use.

     

    I migrated from Symantec Endpoint Protection, which allowed me to block applications through SEP rules (which IMHO was the only good thing about Symantec). I was hoping to use ESET in the same manner to block apps.

  3. Description: The ability to customize notification messages to sites that have been blocked/filtered through ERA policy.

     

    Detail: Currently, when an employee is prevented from accessing a site that fits a certain category, for example "Gambling", they see a notice that the site was blocked because it fit the "Gambling" category.  It would be great if we, the IT Admins, were able to customize the warning message that the end user sees. For instance, we could customize the message to "Notify the user that the site they are accessing violates XYZ policy, etc. And to contact the Help Desk should they require further  assistance."

  4. ChadH,

     

    Sorry for the long delay in responding to your suggested workaround. Unfortunately, I never got a chance to reply back that it did not work, as you have indicated in the edited post above.

     

     

    Is there any idea of when we will see a solution to this issue?

     

     

    My users are currently running amuck installing these kinds of programs and I have to keep a constant eye on my logs to see who has what installed. They all claim ignorance to our policy against installing software and management is reluctant to discipline those who violate the policy. Sadly, all I can do is continue to ask my users to remove the software once it is discovered to be installed on their system.

     

    I have executive-level users that have approval to use the site (Dropbox), so I can't block the site itself. They are just not allowed to install the app and being able block these types of applications through a global ESET policy would make life much easier for all IT admins!!

     

    Thanks...

  5. I am a former Symantec Endpoint user. I switched the whole organization over to ESET Endpoint Security because it was a far better product. But as with all comparable software, there is always something that the other guy has that you wish you had.

    Description: Ability to quickly verify that ESET client is reporting back to ERA server.

    Detail: With Symantec, the system tray icon is a gold shield that would display a GREEN dot whenever it was reporting to the main server. The green dot would be missing if it was not reporting to the main server. Which was a great visual aid for our end-users to see if their system is checking-in to receive the latest policy updates and definitions. It would be a great feature add-on for ESET to have a similar display icon that visually indicates that the client is checking-in with the ERA server. Perhaps have the "eset-eye" turn a different color when it is connected to the ERA server. See examples below:


    Green = Normal, up to date, checked-in to ERA server

    post-1822-0-18037900-1382097375.jpg

     

    Blue = Normal and up to date, not reporting to ERA server

    post-1822-0-65882800-1382097374.jpg

     

    Red = Problem!! Needs attention!

    post-1822-0-72080900-1382097376.jpg

  6. I have this same question. I am using Endpoint Smart Security v5 for business.

     

    I tried the suggestion, but unfortunately it does not work for certain types of applications that are not installed in the same directory across all systems. Applications such as Dropbox, which can be installed by a standard user, is installed under the user's profile (c:\users\username\AppData\Roaming\Dropbox\bin\dropbox.exe) and not the standard c:\Program Files\Dropbox etc.

     

    I tried following the same steps and created a policy from ERA and instead replacing the actual username with %username% in hopes that it would automatically fill in the name of the user that is logged in, but that didnt work either.

     

    Open to any other suggestions as this is something that I REALLY need to be able to implement in order to prevent my clients from using unauthorized software.

     

    Thanks for your help!

     

  7. Description: Application Blocking - Ability to BLOCK certain applications from running or even being installed.

     

    Detail: It would be great if ESET could implement a way to block certain applications from running or even being installed. By using the ERA, an Administrator could create a policy that would BLACKLIST (or WHITELIST) certain applications from being installed, launching and/or running as a service. 

     

    Symantec Endpoint Protection has this feature and it allows you to block an application from running either by it's application fingerprint or executable name. 

    With the development of certain applications, such as Dropbox, Chrome, Spotify, etc., that have the ability of being installed under a Standard user's profile which circumvents the need to be an Administrator to install an application, it is becoming more and more difficult for IT administrators to block these type of "rogue" apps from being installed on a computer by standard users. Most of these apps use common ports for outbound and inbound communication so they are not easily blocked using firewall settings.

     

    Hope to see this feature implemented SOON!!

×
×
  • Create New...