Jump to content

igi008

ESET Staff
  • Posts

    35
  • Joined

  • Last visited

1 Follower

About igi008

  • Rank
    Newbie
    Newbie

Profile Information

  • Gender
    Male
  • Location
    Slovakia

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Many thanks for your suggestion. I absolutely agree that this would be useful, and we have discussed adding it many times to the cloud version as well. The main difference is that in the on-premises version, the customer configures their own SMTP server and they are responsible for their reputation. In the cloud version, ESET is responsible for the messaging service and servers. There can be some issues when customers have set up object URIs for phishing attempts. In this case, the email actually contains a phishing link and our messaging service can be placed on blacklists by specific email hosting providers, which can cause problems for many other customers. However, there is always a solution, but it might be more complex than it seems at first glance. We will try to address this improvement and find a solution to make messages more usable with this information.
  2. Thank you very much for your valuable feedback. I absolutely agree with you. It is our goal to improve this situation and have all necessary components and tools in one installer/agent, with components enabled based on your license. Currently, we are making efforts to introduce more improvements that enhance the experience of easily enabling additional protection layers. We are striving to achieve this through an installer that installs all components based on your license across all platforms. By expanding ESET Solutions, we allow for the easy enablement of additional protection layers via a context menu over a single computer or groups of computers. The license is preselected automatically, and everything necessary is enabled or installed on the endpoint. We also aim to expand a dedicated section in the menu titled "ESET Solutions" where we are adding support for more and more protection layers. In this section, it is easy to distinguish where a protection layer is enabled and where it is missing. If a customer does not have a sufficient license, they can request a trial and try an additional protection layer like LiveGuard directly from this section.
  3. Hello, thank you very much for this feedback, we plan to improve it, and every table should be sortable in the future.
  4. Hello, many thanks for this idea. Actually we have something like you mentioned in our EDR layer (ESET Inspect), which provides better visibility in your network and helps you identify suspicious behavior. For example, these rules related to this MITRE ATT&CK Technique: https://attack.mitre.org/techniques/T1219/ can be helpful. However, including other conditions in such rules is a quite interesting idea.
  5. Hello, many thanks for your post. It is a bit tricky because URI can also be a phishing link (in the case of web protection). ESET may be put on the list of phishers when we will send such notifications. However, we will try to open this topic internally again, and we will try to find an appropriate solution.
  6. Thank you very much for your suggestion. We also have a negative filter in your backlog. We plan to pilot it on the computer screen with a new Filter Advisor (planned in H1/2022). Please stay tuned
  7. Hello, Manny, thanks for your suggestion. We have in the backlog the reworking dynamic groups or, better say, enriching them to be possible to consider also data on the server (console). For now, you can try a workaround (but not ideal) to filter servers based on OS name and exclude domain controllers by the "Not equal" condition for specific machines. In the future, we will try to extend Dynamic groups / Dynamic group Templates to better-fitting this kind of need.
  8. Hello @EMEtech, it would be great if you can describe your use case in detail. I mean are you receiving notification as MSP and then solving issues or do you configuring each for a specific company and they need some extra info? If you receiving notification and want to better identify company where the computer belongs you can theoretically use variables like "Computer parent static group" or "Computer static group hierarchy".
  9. Hello, many thanks for your request. It makes sense. We are currently analyzing technical feasibility and difficulty (from a time investment perspective). I hope that everything will go well, and we will be able to also work on this feature alongside other priorities. Stay tuned
  10. Hello, thank you very much for reminding those things. Yes, we are also tracking these various smaller improvements. Unfortunately, capacity is limited, and we need to solve a lot of things with higher priority with broader business impact. However, do not worry. We have it in the backlog, and I hope that some of them will be able to address in the upcoming release. # 1 Uptime There was a tricky part how often to synchronize. We are considering adding it, but not sure if directly to the main computer table, maybe under details and sync it in some time intervals. # 2 Service pack / OS version It is problematic because it is impossible to guarantee that MS won't bring some ServicePack for Win 10. Now is possible to parse this information from the "OS version" in ESET PROTECT (that is technically the OS build). However, is good to consider creating a new field "OS build" and report version (e.g., 20H2) to "OS version", but it needs to be analyzed cross-platform. # 3 Network adapters Now we are reporting more physical adapters also wireless. Yes, the problem with duplicity (IPv4 and IPv6) is not fixed yet, but it is planned. Many thanks for your patience, I hope you have found other interesting improvements in ESET PROTECT 9.0. And of course, we will also try to move forward the smaller improvements suggested in this forum thread, but in some cases, we need more time due to other priorities.
  11. Thank you very much for your message. We are very sorry about that. We would like to improve our product to fit your needs. Yes, it is true, but our console is aimed at managing security not for allowing or installing services on OS. However, in some cases, it could be interesting. We have a very powerful task in our console - RUN Command (https://help.eset.com/protect_admin/90/en-US/client_tasks_run_command.html). Theoretically, it may be helpful to enable anything, that is possible through the command line. Do you use on-prem management console or cloud? In both cases is a bug, because it should work. If you use ESET PROTECT Cloud please could you send us instance ID (you can find it in ESET Business Account - Help on upper-right corner - About) In general, we support Syslog, events, and structure are described here: https://help.eset.com/protect_cloud/en-US/events-exported-to-json-format.html. Do you prefer specific integration with specific SIEM/SOAR tool? In the case of specific ESET products like Mail security we have also certified integrations, for example: https://marketplace.microfocus.com/arcsight/content/eset If something specific for the console is required, we can consider it. As my colleague already mentioned, there is some limit, but it should be sufficient for almost all cases. Is the size of the log reason for failing? Which log are you trying to collect? Sysinspector, Lgcollector, or Diagnostic Logs? Many thanks for your help and feedback, we appreciate it
  12. Hello, many thanks for your reply. It is preliminarily planned in ESET PROTECT Cloud 3.1, which is planned for January 2022. EDIT: Planned for version 3.2 (February 2022) EDIT2: We have analyzed it. Unfortunately, there is a risk when we are sending suspicious objects like phishing links in URI. It may cause our mailing service to be evaluated as suspicious or spam (it may also impact other customers who use a spam filter, e.g., from Google, etc.). For that reason, we have decided not to allow to sending of URI in notifications.
  13. Hello, Many thanks for your suggestion. We will add it also to ESET PROTECT Cloud. We have it already in the on-prem version. I apologize. It was forgotten in the cloud version.
  14. Hi Rdc, Thank you very much for your feedback, we really appreciate it. Yes, sorting this table could be useful. We try to add it here. Could you explain your use case deeply, why you need filters here? When you click on "Assign" you can find and sort here devices or groups. Do you prefer to search only through targets that were already assigned? Maybe one recommendation related to this topic. We strictly recommend assigning Policies to groups, not to single devices. Assigning to numerous computers (not groups) may harm the performance of your server. If you need to assign some policy to specific devices, we recommend creating a group, placing computers here, and assigning the policy to this group.
  15. Hello, thank you very much for your suggestion. We apology for that. Now we are working on a comprehensive IDEA that should solve unexpected reboots (not only agents but after product upgrade, OS upgrade, etc.).
×
×
  • Create New...