[ESET Remote Administrator]

Red 40 means count of computers with red alerts. If problems will be resolved, this number will decrease automatically and eventually go to none.

Red 108 means count of non resolved threats. You should manually set threats to 'resolved' state to decrease this number. https://help.eset.com/era_admin/65/en-US/threats.html?threats.html

[ERA 6 VA to ESMC VA howto/kb?]

2 hours ago, carmik said:

How is it possible to reach this step and have the new ESMC with the same ip address as the older server?

You can disable network interface for the new VA.

[Which process resets groups to defaults on ERAS 6?]

OK, task removed.

BTW, why this appeared only month ago?

[Which process resets groups to defaults on ERAS 6?]

There was failed RA Components Upgrade task, but it seems unrelated. Running on Sundays, not Saturdays, every time finished successfully, only last Sunday exited wit error. Error text is 'Upgrade infrastructure task failed: Failed to upgrade WebConsole with: GetFile: Error reading HTTP response data (0x4e2a)'

[Which process resets groups to defaults on ERAS 6?]

In ERAS 6 on every saturday around 23:00 computer group names changes back to default. I have 'Lost and found' renamed to '_Lost and found' to get it to top of group list, it reverts back. Group 'Problematic computers' is copied to new group 'Problematic computers_date-and-time' with the same template. Deleted group 'Computers with outdated operating system' also is back. First occurrence was October 6th if I remember correctly.

This is ERAS virtual appliance on CentOS, nothing more is added to it, except Zabbix monitoring agent. No server or client tasks are running at that time.

Question - how to find what process is making these changes? In CentOS logs nothing special in this time.

[Question about future of ESET products for Linux Servers?]

Good to hear. How about planned features for mail security? The same as for Exchange version?

[Question about future of ESET products for Linux Servers?]

17 hours ago, Marcos said:

A new version of Linux server products will be unveiled next year.

Is there more information available? If not publicly, perhaps in PM? We are beginning to plan next year's budget and want to know if it is worth to buy ESET for our mailservers.

[Question about future of ESET products for Linux Servers?]

One week ago I asked a question about SPF, DKIM and DMARC, if these features will be implemented in Mail Security for Linux, especially if they are already in ESET products for MS Exchange https://forum.eset.com/topic/17049-spf-dkim-and-dmarc-in-mail-security-for-linux/

No answer till now. There are many topics in that subforum without answers and it seems like products for Linux servers are somewhat abandoned. Exchange Mail Security version is 6.5, EMS for Linux version 4.5. Perhaps that's only numbers, but it was released back in December 2015 !!! It would be nice to hear from ESET staff, if products for Linux servers are in their future plans and will receive new features like products for Windows based servers. Sure, I can write to support and eventually receive the answer. But I think I'm not alone who wants to know.

[SPF, DKIM and DMARC in Mail Security for Linux]

SPF, DKIM and DMARC is already implemented in ESET Mail Security for Exchange. When it will be implemented in Linux version? We are using Amavis for this functionality, but there are problems with Amavis and ESET antispam integration.

Quote

From EST help - Lastly, AMaViS only scans files; it cannot use the ESETS antispam engine.

We couldn't use only ESET without Amavis if ESET is missing this.

[Who is using Endpoint v7 now, and what is your experience?]

1.

[Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)]

31 minutes ago, Kieran Barry said:

Description: The ability to turn off threat alerts regarding windows updates

It is already implemented. You can disable this in Agent policy

[[ESMC] Unsupported OS?]

 You have 2008 with SP2. This is 2008R2 Server

[Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)]

On 9/8/2018 at 11:54 AM, bbahes said:

I've noticed they have this task out of the box:

 

You should only assign this to appropriate groups, by default it is assigned to 'Lost & found' group.

[Secondary Ip address showing up in ERA 7]

No, remote host column shows correct IP address. Incorrect address shown is first from all configured IP addresses of the network adapter. Which is the only network adapter.

[Secondary Ip address showing up in ERA 7]

Ah, I see. Yes, the same here, sometimes very confusing.

[Secondary Ip address showing up in ERA 7]

You can remove this column by clicking on gear button on right end of headers and choosing Edit columns

[Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)]

For this I have server task running once a day. No problems at all.

[Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)]

47 minutes ago, bbahes said:

This is big flaw in design and you should revert back to old one. If some organizations have problems with endpoint control, internal organization it should not have been reason to fix these problems with product philosophy. If for some reason endpoint is gone from ERA, than this is mayor security incident inside organization, that should be addressed in other way with internal policies or procedures.

This design leads to many potential confusions in reports and management if situation would arise that endpoint was renamed and rename task fails.

I object. In our environment, where endpoint renaming was very frequent, new design never caused any problems for us, rename task never failed. Old design was painful, even when endpoints were identified by network card's id.

[ESMC (ERA7), EDTD, EEI, Endpoint v.7 Early access signup]

Yes, I,d like to participate too.

[Can install SAMBA on ERA Appliance?]

It's already here.

[root@eras ~]# smbd -V
Version 4.7.1

[ERA agent not connecting to ERA server]

Can you ping ERA server from these clients? Perhaps you have DNS name in installer's configuration and clients can't resolve it.

[Extremely New to ESET]

NOD32 is only name, it is nothing about software architecture. AFAIK, You can't install any ESET Antivirus 32bit version on 64bit Windows. So, I'm pretty sure, You have right product. ESET Support page is the best place to get information You need.

[ESET Upgrade from 5.x to 6]

We are almost migrated our ERA from 5 to 6, about 800 clients in more than 20 sites. Test before migration, all possible scenarios, and impossible too. In theory all seems to be quite easy, in reality it's easy only if all clients are very similar and in ideal condition. Also consider upgrade to new server, then You can go back if something fails. We deployed virtual appliance and now I can say, this was the right decision.

[Appliance Not Joining the Domain]

Hate these 'figured it out' and nothing more, and never returning users. Tech forums are for sharing knowledge.

[Presentation Mode Warning]

This warning triggers every time when Windows 8 and 10 (not sure about 7 and older) goes to lock screen. In our organization we have constantly about 1/6 of all computers with this warning. So, turn it off or live with it. In both cases it is useless, I suggest to turn it off by default.

Upd.: When presentation mode is enabled scheduled tasks are paused. It's good if actual presentation is running. But, as I said, in most cases computer is idle with lock screen 'presented'. The best time to run these scheduled tasks IMHO. If antivirus could detect, is this a real presentation/fullscreen application or Windows lock screen, there would be better use of resources and less unneeded warnings.