Jump to content

Lockbits

Members
  • Content Count

    59
  • Joined

Profile Information

  • Location
    Chile

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Hello guys, Thank you for the input. The last question I've is the possibility to create a new template for a Dynamic Group and assign there the computers that have some type of activity that triggered certain rules and to assign a policy to block all traffic from ESET's firewall. Is this a viable approach? I only found the possibility to sort and group computers that have some type of functionality error or issue in EEI's agent. Thank you.
  2. Hello guys, We're in the final stage with this customer and EEI. They like the software but have the following questions: 1) They want to know if it's possible to automatically block certain malicious actions like Filecoder behavior or any behavior that EEI consider critical (the rules that are marked as critical in red color). The others not because they can generate a lot of FPs. They ask this because if an attack occurs at night and nobody is looking at the alerts in the console or via email no action will be taken in the right time. They prefer to have some FPs than an attack that was not stopped because at that time nobody realized it happened. 2) We know that we can kill and also add MD5 to a black list in order to avoid the spread of the attack. It's possible to make this automatically? For example, if a critical rule is triggered the process is killed automatically and the MD5 blacklisted without user interaction. If these features are not available, will those functions implemented in next versions? When? We appreciate all the arguments you can give us in order to close the deal with the customer. Thank you.
  3. Hello guys, We're trying to create a new template for a report (only table without graphic). We need to include the following information: user name, IP address, serial number, RAM capacity and HDD capacity in the same report. The problem is that when you select user name, all others items disappear so you can't add serial number, RAM and so on. We can replicate this issue in three different installations including on premise and cloud. This also happens if you select others items. Is this a bug or it's by design? Please see this screenshot. If we select user name, then no HW inventory items are available:
  4. Hello guys, This version 7.1 includes the revamped module for Outlook? I ask because I read somewhere that 7.1 will include a revamped Outlook module in order to avoid the problem of email when users have a large quantity of email in inbox and doesn't use subfolders. Thanks.
×
×
  • Create New...