brandobot
Members-
Posts
64 -
Joined
-
Last visited
Everything posted by brandobot
-
Our infosec wants us to be able to require encryption before using removable media such as usb drives. Is there a way to do this in ESET Endpoint Security?
-
We're running ESET Endpoint Security for AV/Firewall,etc.. version 6.5.600.1 and am noticing huge slow downs after installing CarbonBlack Response 6.1.3. the esets_daemon process spikes up to over 100% cpu usage after CarbonBlack is installed. I've tested on both 10.13.4 and 10.12.6. We've had both CarbonBlack and ESET for some time back in 2017 without any issues, but ended up removing CarbonBlack for the past couple months due to the kernel panic issues. Simple tasks such as launching terminal takes 20 seconds or attaching an image to an Outlook e-mail takes a minute and sometimes presents the spinning beach ball. Removing CarbonBlack makes the slowness go away and leaving CarbonBlack and removing ESET also makes the slowness go away. Seems like there's some incompatibility here. Is anyone else running these two products and are experiencing the same issue?
-
Clients losing connection to ERA on Mac OS
brandobot replied to brandobot's topic in ESET PROTECT On-prem (Remote Management)
According to this post, another user has had the same issue since May 2017. Is anyone else experiencing this on macOS? -
Same exact response I got. They provided me with a "beta" version that was created to address this issue, but I am still experiencing it with the beta version. How are you handling this now? Our Infosec is not okay with having machines "unmanaged." We've had to uninstall and reinstall the ESET agent periodically on all machines as we have no accurate way of telling which machines are connected.
-
@michalJ @marcos I've opened a forum post here. It is case #103515 Machines missing from ESET Remote Administrator console" -- Web control case is # 33848. This case stemmed back from early 2017, we worked on this for months with no resolution. Support came on-site and was able to replicate both onsite and on ESET provided machines; however, no resolution was ever found. The machines missing and losing connection from the remote administrator is extremely urgent in our environment as we have no way of actively telling which machines are missing from the console. We've had to uninstall/reinstall the agent on all machines numerous times to ensure we're able to manage 100% of our Macs. The automatic task that wasn't working was for removing stale machine entries. Support told me there was an issue with checking the "remove license" option. After unchecking the option, removing stale machines began working.
-
Clients losing connection to ERA on Mac OS
brandobot replied to brandobot's topic in ESET PROTECT On-prem (Remote Management)
Still an issue. I was provided with a Beta version of the remote administrator app, version 6.5.376.30 that supposedly provided a fix for this issue. (was told it was a database issue) . Attaching screenshots of the endpoint being online and able to reach the ESET remote administrator server, but has not shown checked in in over 10 days. -
It's issues like this that make me feel like ESET was not Enterprise Ready -- especially on the Mac side. We've seen issues from machines mysteriously losing connection or being completely removed from the ERA, to auto-run tasks that just do not work, to tremendous slowdown issues with the Web Control feature on Macs. It's extremely tiring having to contact support, send countless number of logs and to hear no resolution for months.
-
Clients losing connection to ERA on Mac OS
brandobot replied to brandobot's topic in ESET PROTECT On-prem (Remote Management)
The part I redacted was the IP, not the hostname. But yes, it can reach both short name, fqdn, and IP. Just for clarification, this is what it looks like. (I changed the IP). Is was pointing to an IP, not a hostname.) Scope Time Text Last replication 2017-Dec-21 18:45:46 Error: CReplicationManager: Replication (network) connection to 'host: "10.12.190.32" port: 2222' failed with: Network is unreachable -
Clients losing connection to ERA on Mac OS
brandobot replied to brandobot's topic in ESET PROTECT On-prem (Remote Management)
As I mentioned in the above post, we are able to contact the IP on port 2222. -
Clients losing connection to ERA on Mac OS
brandobot replied to brandobot's topic in ESET PROTECT On-prem (Remote Management)
Yeah, I had originally uploaded the status, which you removed. I'm re-attaching it now. Note that we've connected to this machine, and was able to communicate to our IP on port 2222 successfully. On machines that had the same error, we've uninstalled the agent and re-installed and it'll reconnect successfully. Obviously, this is not a feasible task for us to do every time a machine disconnects. Status log Scope Time Text Last replication 2017-Dec-21 18:45:46 Error: CReplicationManager: Replication (network) connection to 'host: "REDACTED" port: 2222' failed with: Network is unreachable Peer certificate 2017-Dec-21 18:45:11 OK Agent peer certificate with subject 'CN=Agent at *' issued by 'CN=Server Certification Authority' with serial number '011ab7527957a342d5867130df08e51ebd01' is and will be valid in 30 days Performance Indicator Value Up time 00:00:44 Kernel time 0 sec., 0.0 % of up time User time 2 sec., 4.5 % of up time Memory private usage 44 MB Memory working set 722 MB Memory peak working set 722 MB Available physical memory 1166 MB Total I/O reads 0 KB Total I/O writes 0 KB Total I/O others 0 KB Generated at 2017-Dec-21 18:45:46 (2017-Dec-21 10:45:46 local time) -
We're currently experiencing client endpoints losing connection to our ERA. Below is the last error log. I removed the host IP for security reasons. On the endpoint itself, I can do a "nc -z <IP> 2222 and it'll connect successfully. We've experienced this on 38 machines since June 2016. Our workaround has been to uninstall the ERA Agent and Reinstall the Agent. Has anyone experienced this issue before? macOS 10.12.6 trace.log