Christian Stück
-
Posts
48 -
Joined
Kudos
-
Christian Stück received kudos from SALC in Apache http Proxy Auth Problem
Hi Forum,
i'm a bit stuck here trying to set up Apache http proxy with authentication.
Apache proxy is st up to forward Protect Agent Replication from WAN to protect server.
It works as long as i don't enable Password auth
I followed this Doc: Apache HTTP Proxy installation - Linux | ESET PROTECT | ESET Online Help
9.Optional basic authentication
curl test works
curl --proxy proxyserver:3128 -U esetproxy:............ https://protectserver:2222 logfile: 127.0.1.1:3128 10.95.215.65 - esetproxy [25/Oct/2022:14:43:50 +0000] "CONNECT erafix.intern.woelfel.de:2222 HTTP/1.1" 200 1611 "-" "curl/7.68.0" Agent-Communication does not work:
127.0.1.1:3128 10.95.215.25 - - [25/Oct/2022:14:44:09 +0000] "CONNECT protectserver:2222 HTTP/1.0" 407 760 "-" "grpc-httpcli/0.0"
Error: Replication connection problem: failed to connect to all addresses (code: 14) for request
Agent got the right policy with username/password set.
Any ideas how i can further investigate?
Thanks in advance!
-
Christian Stück received kudos from IggyPop in Secure Authentication iPhone Backup
Okay, thanks!
Another Reason to use iPhone Transfer or iTunes Backup.
iPhone Transfer includes Authenticate-Data.
-
Christian Stück gave kudos to Benjamin82 in Future changes to ESET Endpoint programs
Application Control/Whitelisting. I've inquired before about this, but I view it as a core capability that ESET still lacks. Microsoft's tools for application control are varied and cumbersome to manage. SRP is dated, Applocker only works on Enterprise versions of Windows 10 and 11, and Windows Defender Application Control is probably the most cumbersome yet of their application control tools. So my suggestion would be some manner to whitelist authorized applications (via hash, publisher, etc.) and effectively block execution from user writeable directories within ESET. Basically similar to how SRP and Applocker works.
-
Christian Stück gave kudos to schuetzdentalCB in Future changes to ESET Endpoint programs
Include BadUSB Prevention like G Data's USB Keyboard Guard. That would be cool. It scans all connected devices and after that, every other/new connected usb device will need to be allowed manually. user interaction or by eset protect backend.
-
Christian Stück gave kudos to thae in Future changes to ESET Endpoint programs
Description: Users can send request to allow a device
Details: When users plug in a blocked USB device, a pop up is shown to send an e-mail to the administrators for a request to allow this device. The Manufacturer, Model and Serial Number should be in this e-mail.
This was possible in our last Endpoint product, but in ESET it's kinda complicated. You have to enable diagnostics log, so that we can see all the device control info of a PC on the ESET server and the devices are marked with warnings, because that's enabled.
-
Christian Stück received kudos from Peter Randziak in ESET Endpoint Antivirus for macOS 7 with completely new architecture Early access program signup
Even better! Thanks and sorry for not getting it by myself. Have a nice day!
-
Christian Stück received kudos from NateS in Migrate ESMC from Windows Server to ESMC VA
Hmm, i would think if you do "clean install with same ip" it should work.
Of course thats more a manual move than a migration because you have to reconfigure everything like polices etc.
Did this once for a customer who wanted to move from VA to Windows and ist was less effort than i thougth.
By my experience its easier to keep all clients when you choose "same ip, same certs".