Jump to content

DeltaSM

Members
  • Posts

    17
  • Joined

  • Last visited

About DeltaSM

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    Belgium
  1. Hello Folks, I also have this notification (warning) since I proceed with the update from 8.0 to 8.1 on some PCs. So something changed between the two versions. It's quite annoying and was better before. Regards, DeltaSM
  2. @Marcos I tried these two examples: 1st: Disabling all ESET protections. 2nd: Creating exceptions in Performance exclusions with the following paths: A. C:\Users\*\AppData\Local\JetBrains\Transient\*.* B. %PROGRAMFILES%\Test\* 3rd: Downloading and pasting EICAR test files in those folders. 4th: Turning all protections ON again Test A is not working and when accessing to the folder and files are deleted. Test B is working and when accessing to the folder are still present. As mentioned by @itman I think that wildcards are not support in a path except for the end. This is really annoying
  3. Hello Marcos, Indeed, this makes sense. I understand. I just tried C:\Users\*\AppData\Local\JetBrains\Transient\*.* but it doesn't work. I guess there is not other solution?
  4. Hello, We have the following version of the ESET Endpoint Antivirus: 7.1.253.0. We purchased a new development software. In its prerequisites, it is asked to add exceptions in antivirus software in the following location: %LOCALAPPDATA%\JetBrains\Transient So i tried to add this in ESET (performance exclusion): %LOCALAPPDATA%\JetBrains\Transient\* %HOMEPATH%\AppData\Local\JetBrains\Transient\* %USERPROFILE%\AppData\Local\JetBrains\Transient\* Nothing is working. C:\Users\*\AppData\Local\JetBrains\Transient\* Still not working. I read the following article: https://help.eset.com/eea/7/en-US/idh_exclude_format.html?idh_performance_exclusion.html Indeed, %LOCALAPPDATA%, %HOMEPATH% or even %USERPROFILE% are not working. This is really annoying... I did another test with %PROGRAMFILES% and it works well but this is not a solution... Is there any workaround? Kind Regards, DeltaSM
  5. Hello Jdashn, Thanks for the explanation. Unfortunately, the use of non-admin rights seems pretty impossible in our case. We have already policies that are more and more strong and we also try to raise awareness among our HR department... Life is not simple for an IT department Regards, DeltaSM
  6. @MichalJ: It will be nice! Thanks a lot for the feature request! @jdashn: Silly question: why is password bypassing easy in Safe Mode? @Marcos: we didn't password protected our parameters because our administrators to add exceptions for SSLfiltering for example. This is the main reason: if they connect a device with a self-signed certificate, they can't connect to it without the possibility of adding exceptions.All the other settings are locked. ESET solutions are very good but I think there are lots of improvements to do on the user side. Admin should device or not if users can add their on own exceptions/exclusions. I know this is feasible but you have to set no password or either don't set exclusion policies (which is set in our case). I know that it would be improved in the next release
  7. Hello Marcos, thanks for your answer. Problem is, if override mode is available for users and that password is set, that means users must know the password to access it because it is in the advance setup parameters. If they know the password, they could also uninstall the software. So it's not good in this case. A good feature for the future would be a dedicated password for uninstalling like ESET Agent.
  8. Hello, We use ESET Endpoint Antivirus on our computers. Some users are Administrators (developers which need full rights) and others are "simple" Users. We did configure parameters of the Endpoint without password so that Administrator users can add some exceptions if needed. We did block some parameters that can't be modified by users even if they're Administrators. Everything is OK except that, if no password is set for parameters, Administrator users can uninstall the Endpoint without any problem. My question is simple: is there a way to block ESET Endpoint Antivirus from being uninstall from an Administrator user without setting a password on the parameter? Is there a way to set a password for software removal only (like ESET Agent)? Regards, DeltaSM
  9. Hello MichalJ, First of all, Best Wishes for 2018! Sorry for the delay, I understood how it works now thanks to your explanation. Problem is solved. However, in this explanation (hxxp://help.eset.com/era_admin/65/en-US/index.html?admin_pol_ordering_groups.htm) I don't understand why for PC2 the order is 1.ALL 2.SG1 3.DG1 4.PC2 According to your explanation it should be: 1.ALL 2.DG1 3.SG1 4.PC2 Am I wrong? Why is DG1 at level 3? For me it's at Level 1 like all no? Kind Regards, DeltaSM
  10. Hello, I'm currently setting policies for my computers but I'm quite lost... How are policies applied? In which order? I just read this article hxxp://help.eset.com/era_admin/65/en-US/index.html?admin_pol_ordering_groups.htm If I understand well, policies applied on dynamic are applied AFTER policies on static groups and it should be these policies on dynamic groups which should have the priority right? I don't understand why it doesn't work in my case. Example: Static Groups: ALL (no policy applied on root) -> PC (with Policy 1) ==> COMPUTER IS HERE: MY_COMPUTER (no policy directly applied) -> PCP (with Policy 2) Dynamic Groups: Non-Admin Computers (with Policy 2) What is the order of policies applied on MY_COMPUTER? For me it should be Policy 1 (because of Static Group) and then Policy 2 (because of Dynamic Group). Unfortunately it doesn't work and it's still Policy 1 that is applied. I checked and MY_COMPUTER is well in the Dynamic Group. Regards, DeltaSM
  11. Hello Marcos, First of all, thank for your answer! 1. As a workaround, as you suggest, I put all policies needed by static groups on these groups directly instead of using the "All" group. The reason why I was doing that before was because it was simply easier. It's not a problem anymore but it should be a great feature if we could disable policies inheritance for a static group or a single computer for example. Especially for test purposes. To sum up:problem solved. 2. So it would be possible to deliver exceptions/exclusions from ERA through a policy and still allow the user to add his own exceptions/exclusions? It would be nice! When is V7 plan to be released? EDIT: just found it was planned for Q1/2018. 3. This is a very annoying problem in our case. Especially for SSL filtering and certificates exceptions. We have several self signed certificates internally and users without admin rights are being prompted every time about these certificates. It represent a lot of work for our IT department to manage all these prompts. I understand that this a lack of security in a way but the most important is to have a popup in this case for us. So is there maybe a workaround? Moreover, what is the "Require full administrator rights for limited administrator accounts" parameter? Regards, DeltaSM
  12. Hello everybody, I recently deploy ESET Enpoint Antivirus and I have several questions/issues about it. First question: In ERA, for a specific computer or for a whole Static Group, is it possible to disable policy inheritance? I did search after this features but I couldn't find it. This is particularly annoying when you put policies on "All" static group and have to do some tests on a computer. I know that "Force" parameter exists but it should have a "Disable policies inheritance" feature. Second question: When adding paths or files to exclude (with append option) on the antivirus module and also certificates exceptions for SSL filtering to a policy, why is it impossible for a user to add his own exceptions after this policy is applied? I know that parameter are set by the policy and then user shouldn't modify these ones once applied but, in this case, we just want to have few paths and certificates to be delivered as exceptions for all our users and that users can still add their own exceptions. Problem is that once paths/certificates are applied, settings are locked and users can't add nothing anymore... I don't know if I'm clear enough because it's not easy to explain textually. To sum up: is there a feature for a user to add his own exceptions once exceptions are already delivered by admin through a policy? Third question (most annoying one): We have several users that are running Windows 10 Pro with Users rights (so NON Administrators rights) with UAC activated (default configuration on Windows). We don't set any parameters in the policy applied for files/paths/certificates exceptions in this case and so, users should normally add their own exceptions without problem. However, each time a user wants to add an exception, a prompt is coming and ask for admin credentials. We want our users to manager their exceptions and avoid to enter administrator credentials. That's why I thought that disabling "Require full administrator rights for limited administrator accounts" in the policy options would do the trick (see below on picture) but unfortunately it didn't and I'm still ask to enter admin credentials once I want to add a credentials or even modify the setup settings. Administrator users have no issues and no prompt. So no problem on this side. So question is simple: how can I avoid Administrator rights prompts when adding exceptions or modifying setup on a limited user account? I asked support for our reseller but it seems that they are quite lost too. Thanks in advance. Regards, DeltaSM
  13. Hello Marcos, Thanks for these information. Everything is ok in my mind.
×
×
  • Create New...