brandobot
Members-
Posts
64 -
Joined
-
Last visited
Everything posted by brandobot
-
Product is installed, but it is not running error
brandobot posted a topic in ESET Endpoint Products
I have ~40 machines in our environment who are in this current status. When I ssh or remote into the machines, I find that only the ERAAgent process is running and not the ESET Endpoint Security app. I've tried to uninstall and re-install the app. Is there a way to remotely restart all of the eset processes on a Mac and Windows machine? -
Has anyone else been noticing hanging or unresponsiveness Macs on Mojave running ESET Endpoint Security 6.6.866.1? About once a week, half of my test Mojave machines get the spinning beach ball and the mouse becomes unresponsive. Some recover if you wait a few minutes, others you have to force shut down. After I uninstall ESET, it's been 9 days since I've experienced freezing/hanging.
-
ERA v7 Mac agents failing to check-in
brandobot replied to brandobot's topic in ESET PROTECT On-prem (Remote Management)
This is what we've seen: - Machine initially connects after installation of ERA. - After an undetermined amount of time, usually anywhere from a couple days to a couple weeks, the machine will no longer check-in - Removal and re-install of Agent and the machine will immediately show up again I have not tried restarting the agent service yet. ESET support just showed me how to do this today. I will find another machine that is broken, try to restart the agent service to see if it gets it re-connected. If it does not, I can use wireshark to start capturing the log while restarting the service. I don't want to rule out the network, but I don't think this is the cause because I've had test machines that never leave the office lose connection before and require a re-install of the agent to fix. -
ERA Agent V7 issues
brandobot replied to jimmy09's topic in ESET PROTECT On-prem (Remote Management)
I'm getting similar issues here. A ton of machines are losing connection to ESET. The workaround has been to re-install the agent; however, the last time I did this, the machines show up in the ESET Management Center, but their status isn't a green check. It's been sitting with an empty circle for the past 2 days, modules unknown, and most last connected the same exact time the agent was reinstalled. -
ERA v7 Mac agents failing to check-in
brandobot replied to brandobot's topic in ESET PROTECT On-prem (Remote Management)
See below for screenshots. I ran your commands and the database integrity reports OK. I also attached the status.html where it shows the failure and last connection. ESET console shows Sept 28, 2018 was the last connect day. I ssh'd into the machine and verified I can reach the eset server on port 2222 by doing "nc -z *IP* 2222" If I remove and re-install the Agent, it'll register just fine in the ESET Remote Administrator console. I wrote an extension attribute in Jamf to determine machines out of compliance. So far I've scanned 300 machines and 75 have the word "error" in the status.html, and haven't successfully replicated within the last 3 days. -
ERA v7 Mac agents failing to check-in
brandobot replied to brandobot's topic in ESET PROTECT On-prem (Remote Management)
Case #103515. It's been open for nearly a year. I've been told "our new version will fix this" at least 2-3 times. I've wasted countless hours installing their beta versions that they promised would fix the issue. Our current workaround is to uninstall and reinstall as well. Do you have a good way of determining which Macs are losing connection to the ESET console? Are you using Jamf? How long have you been experiencing this issue? As far as I can tell, half of our Mac population (~350) already lost its' connection in the past 1.5 weeks since we upgraded to v7 agent. -
This has been an issue in our environment for the past year. We were told from our support rep that v7 agent will remedy this issue. On the machine losing connection to the ESET Security management center, I ran nc -z *server redacted*2222 Connection to *server redacted* port 2222 [tcp/rockwell-csp2] succeeded! This confirms that the client can reach the server; however, connection fails. The workaround fix has been to re-install the ESET agent to get it working again. CDynamicGroupsModule 2017-Aug-28 16:19:04 Agent is matching 2 dynamic group templates from 20 CDynamicGroupsModule 2017-Aug-28 16:19:04 Agent is matching dynamic group template with uuid 00000000-0000-0000-7014-000000000003 and version 1 CDynamicGroupsModule 2017-Aug-28 16:19:04 Agent is matching dynamic group template with uuid eac7ca9f-d3ab-4200-9905-5a464f10a368 and version 2 CDynamicGroupsModule 2017-Aug-28 16:19:04 Evaluating 15 dynamic groups AutomationModule 2017-Aug-28 16:19:09 Trigger: Tick ALLOWED [UUID=00000000-0000-0000-7006-000000000001, TYPE=REPLICATION]. AutomationModule 2017-Aug-28 16:19:09 Task: Executing task [UUID=00000000-0000-0000-7005-000000000001, TYPE=Replication, CONFIG=scenarioType: REGULAR linkData { dataLimit: 1024 isDisabled: false connections { host: "*SERVER REDACTED*" port: 2222 } }]. CReplicationModule 2017-Aug-28 16:19:09 CReplicationManager: Processing client replication task message CReplicationModule 2017-Aug-28 16:19:09 CReplicationManager: Failed to start replication, connection for replication link '00000000-0000-0000-7007-000000000001' (Automatic replication (REGULAR)) is already pending CReplicationModule 2017-Aug-28 16:19:09 CReplicationManager: Queuing replication task to be executed after current replication is finished SchedulerModule 2017-Aug-28 16:19:09 Received message: GetRemainingTimeByUserDataRequest CSystemConnectorModule 2017-Aug-28 16:19:19 Retrieving network configuration information CSystemConnectorModule 2017-Aug-28 16:19:19 StatusLog_NETWORK_ADAPTERS_STATUS: "Rows":[] CSystemConnectorModule 2017-Aug-28 16:19:19 StatusLog_NETWORK_IPADDRESSES_STATUS: "Rows":[] CSystemConnectorModule 2017-Aug-28 16:19:19 StatusLog_NETWORK_IPGATEWAYS_STATUS: "Rows":[] CSystemConnectorModule 2017-Aug-28 16:19:19 StatusLog_NETWORK_IPDNSSERVERS_STATUS: "Rows":[] SchedulerModule 2017-Aug-28 16:19:19 Received message: RegisterSleepEvent NetworkModule 2017-Aug-28 16:19:19 Forcibly closing sessionId:43, isClosing:0 NetworkModule 2017-Aug-28 16:19:19 Sending message: ConnectionFailure NetworkModule 2017-Aug-28 16:19:19 Removing session 43 NetworkModule 2017-Aug-28 16:19:19 Closing connection , session id:43 NetworkModule 2017-Aug-28 16:19:19 The connection will be closed due to timeout. Resolved endpoint is NULL CReplicationModule 2017-Aug-28 16:19:19 CReplicationManager: Replication (network) connection to 'host: "1XXXXX" port: 2222' failed with: Operation timed out
-
Modules Update failures
brandobot replied to brandobot's topic in ESET PROTECT On-prem (Remote Management)
I spot checked a dozen machines on the Client Task Execution list that failed, ironically, it is showing module updated. Even on the ones that show Task Failed in the last 30 minutes. Looking at my dynamic group for Computers with outdated module, it only shows 16 out of 1900 machines. Perhaps the client task execution is reporting incorrectly? -
ESET Security Management Center Server v7.0.553.0 Endpoints on Windows 10, macOS 10.12 and 10.13 I noticed our module updates have a huge amount of failures on our Mac and Windows machines. There's no error other than "failed" in the status. How would I begin troubleshooting this?
-
When upgrading to the latest Endpoint Security (downloading from here and then deploying with management tool -- https://www.eset.com/us/business/endpoint-security/mac-security/download/) ESET splash screen and the ESET console launches. Please provide a way to suppress these pop-ups. We don't want our users to see these notifications and pop ups, we want it to be silent.
-
Eset Business 6.6 web control issue
brandobot replied to Manikandan R's topic in ESET Endpoint Products
I have a similar thing still going on in my environment. My ESET gui shows no blocks on uncategorized sites; however, all uncategorized sites are getting blocked. When uploading my logs and ESET policy to ESET, they are able to see uncategorized sites are being blocked. Very strange. At this point, we disabled web control... -
Cisco Anyconnect VPN not working with ESET v7
brandobot replied to greyjoy99's topic in ESET Endpoint Products
What version of AnyConnect are you running? I'm on v7 and Anyconnect 4.6 without any issues. -
I upgraded my mac to 6.6 a couple days ago. Today I noticed that it has failed to read the kernel extension and the firewall/web protection is disabled. After re-installing the 6.6 again, the error went away. 2 questions: 1) How do we prevent this from happening again? 2) How do I detect if any other machines are experiencing this issue? Also, when deploying the .pkg downloaded from the ESET site, it upgrades my machines successfully, but how do I suppress the ESET console from launching and flashing the splash screen? We want a silent upgrade and do not want our users to know we are updating them. Inside the .pkg, there's a "gui_startup.sh", is there a way the development team can disable this for upgrades?
-
Push Install ESET Endpoint for MAC Remotely
brandobot replied to niran's topic in ESET Endpoint Products
@MartinK In the past, we were instructed by ESET that you can deploy using the downloadable .pkg on your website. We've done this with success in the past; however, the only flaw is that the ESET splash screen and console will launch automatically once installed. -
MS Outlook 2016 "Sync Issues" and "Confilcts"
brandobot replied to RangerZ's topic in ESET Endpoint Products
@marcos when can we expect 7.1 to roll out? -
https://nypost.com/2018/08/16/hackers-target-thousands-of-bank-emails-in-cyber-attack/amp/ What is ESET doing to protect their customers?
-
All our Windows machines are blocking websites (web control)
brandobot replied to brandobot's topic in ESET Endpoint Products
private messaged you -
All our Windows machines are blocking websites (web control)
brandobot replied to brandobot's topic in ESET Endpoint Products
Uploaded one set of logs. Edit:: Uploaded the wrong logs. I just uploaded it again with the affected machine ees_logs.zip -
Requiring encryption for removable media?
brandobot replied to brandobot's topic in ESET Endpoint Products
Thanks @tmuster2k. I'll look into ESET Endpoint Encryption. We do not need auto encryption, but at minimum need to block any drives that are not encrypted.