igi008

ESET Staff
  • Posts

    33

About igi008

  • Rank
    Newbie

Profile Information

  • Gender
    Male
  • Location
    Slovakia

  1. Hello, thank you very much for this feedback, we plan to improve it, and every table should be sortable in the future.
  2. Hello, many thanks for this idea. Actually we have something like you mentioned in our EDR layer (ESET Inspect), which provides better visibility in your network and helps you identify suspicious behavior. For example, these rules related to this MITRE ATT&CK Technique: https://attack.mitre.org/techniques/T1219/ can be helpful. However, including other conditions in such rules is quite an interesting idea.
  3. Hello, many thanks for your post. It is a bit tricky because a URI can also be a phishing link (in the case of web protection). ESET may be put on the list of phishers when we send such notifications. However, we will try to open this topic internally again, and we will try to find an appropriate solution.
  4. Thank you very much for your suggestion. We also have a negative filter in your backlog. We plan to pilot it on the computer screen with a new Filter Advisor (planned in H1/2022). Please stay tuned.
  5. Hello, Manny, thanks for your suggestion. We have in the backlog the reworking of dynamic groups or, better said, enriching them so that it is possible to also consider data on the server (console). For now, you can try a workaround (but not ideal) to filter servers based on OS name and exclude domain controllers by the "Not equal" condition for specific machines. In the future, we will try to extend Dynamic groups / Dynamic group Templates to better fit this kind of need.
  6. Hello @EMEtech, it would be great if you could describe your use case in detail. I mean, are you receiving notifications as an MSP and then solving issues, or are you configuring each for a specific company and they need some extra info? If you are receiving notifications and want to better identify the company where the computer belongs, you can theoretically use variables like "Computer parent static group" or "Computer static group hierarchy".
  7. Hello, many thanks for your request. It makes sense. We are currently analyzing technical feasibility and difficulty (from a time investment perspective). I hope that everything will go well, and we will be able to also work on this feature alongside other priorities. Stay tuned.
  8. Hello, thank you very much for reminding us of those things. Yes, we are also tracking these various smaller improvements. Unfortunately, capacity is limited, and we need to solve a lot of things with higher priority and broader business impact. However, do not worry. We have it in the backlog, and I hope that we will be able to address some of them in the upcoming release.
     # 1 Uptime
     The tricky part was how often to synchronize. We are considering adding it, but we are not sure whether directly to the main computer table; maybe under details, synced at some time intervals.
     # 2 Service pack / OS version
     It is problematic because it is impossible to guarantee that MS won't bring some ServicePack for Win 10. It is now possible to parse this information from the "OS version" in ESET PROTECT (that is technically the OS build). However, it is good to consider creating a new field "OS build" and reporting the version (e.g., 20H2) to "OS version", but it needs to be analyzed cross-platform.
     # 3 Network adapters
     Now we are reporting more physical adapters, also wireless ones. Yes, the problem with duplicity (IPv4 and IPv6) is not fixed yet, but it is planned.
     Many thanks for your patience, I hope you have found other interesting improvements in ESET PROTECT 9.0. And of course, we will also try to move forward the smaller improvements suggested in this forum thread, but in some cases, we need more time due to other priorities.
  9. Thank you very much for your message. We are very sorry about that. We would like to improve our product to fit your needs.
     Yes, it is true, but our console is aimed at managing security, not at allowing or installing services on the OS. However, in some cases, it could be interesting. We have a very powerful task in our console - RUN Command (https://help.eset.com/protect_admin/90/en-US/client_tasks_run_command.html). Theoretically, it may be helpful to enable anything that is possible through the command line.
     Do you use the on-prem management console or the cloud? In both cases it is a bug, because it should work. If you use ESET PROTECT Cloud, could you please send us the instance ID (you can find it in ESET Business Account - Help on upper-right corner - About).
     In general, we support Syslog; the events and structure are described here: https://help.eset.com/protect_cloud/en-US/events-exported-to-json-format.html. Do you prefer a specific integration with a specific SIEM/SOAR tool? In the case of specific ESET products like Mail security we also have certified integrations, for example: https://marketplace.microfocus.com/arcsight/content/eset If something specific for the console is required, we can consider it.
     As my colleague already mentioned, there is some limit, but it should be sufficient for almost all cases. Is the size of the log the reason for failing? Which log are you trying to collect? Sysinspector, Logcollector, or Diagnostic Logs?
     Many thanks for your help and feedback, we appreciate it.
  10. Hello, many thanks for your reply. It is preliminarily planned in ESET PROTECT Cloud 3.1, which is planned for January 2022.
      EDIT: Planned for version 3.2 (February 2022)
      EDIT2: We have analyzed it. Unfortunately, there is a risk when we are sending suspicious objects like phishing links in URI. It may cause our mailing service to be evaluated as suspicious or spam (it may also impact other customers who use a spam filter, e.g., from Google, etc.). For that reason, we have decided not to allow the sending of URI in notifications.
  11. Hello, many thanks for your suggestion. We will add it also to ESET PROTECT Cloud. We have it already in the on-prem version. I apologize. It was forgotten in the cloud version.
  12. Hi Rdc, Thank you very much for your feedback, we really appreciate it. Yes, sorting this table could be useful. We will try to add it here. Could you explain your use case in more depth: why do you need filters here? When you click on "Assign" you can find and sort devices or groups here. Do you prefer to search only through targets that were already assigned? Maybe one recommendation related to this topic. We strictly recommend assigning Policies to groups, not to single devices. Assigning to numerous computers (not groups) may harm the performance of your server. If you need to assign some policy to specific devices, we recommend creating a group, placing computers here, and assigning the policy to this group.
  13. Hello, thank you very much for your suggestion. We apologize for that. Now we are working on a comprehensive IDEA that should solve unexpected reboots (not only agents but after product upgrade, OS upgrade, etc.).
  14. Many thanks for the explanation. For streamlining endpoint product upgrades, this could also be useful: Dashboard -> Status Overview -> Product version status -> Click on the "red" part of bar chart -> Update installed ESET products. In the invoked wizard, you can select specific target/targets. It is not necessary to upgrade all endpoints. However, we recommend upgrading them all. Thank you very much for your feedback now. We are working on a comprehensive project that should help administrators with upgrading endpoints and all necessary components.
  15. Many thanks karsayor, We are currently working on a large project / comprehensive mechanism that will help the administrator keep the products in the network on the latest version automatically. We hope that this feature will help you and other customers. The good news is that we already upgrade all ESET Management Agents for ESET PROTECT Cloud (formerly known as ECA) automatically.