Camilo Diaz

You should definitely apply the work around...

Hi Marcos, what's the signature ID / Engine version?

It seems like the client is not pickup up the policy correctly and it keeps displaying the Eset icon in the Dock. I have confirmed the the policy is configured correctly and applied to the device... See attached screenshots. I am also getting reports that the Client is displaying the OS updates notification, but we have it configured it to NOT display those... See screenshots.. MacOS Monterey 12.3.1 EEA 6.11.202.0

Keen to try the beta version. Can u send the info please. Thanks, Camilo.

Policies -> Settings -> (Web and email) Web access protection -> web protocols -> Ports used by HTTP protocol

Hey Marcos, as mentioned by other members, as soon as an user logs in, Real-Time protection start working again, so I don't think it will be feasible to get the logs from a device experiencing the issue...

My Bad. Have sent you a link with the full logs.Thanks

Hi Marcos, we are experiencing exactly the same issue in about ~1000 workstations. all upgraded via Installation Task from ESMC . I have enabled FULL dump for logs and attached the results here. btw. it's only affecting EEA 7.3.2041.0 eea_logs.zip

Hey Marcos, I do see some resolved but other ones remain not resolved. Some of them running EEA 7.3.2041.0.

Can your clients telnet to your new ESMC server on port 2222? If not then there's highly likely a firewall stopping the connection. (assuming the new server is working as expected). What about new clients? Can they connect to the new server?

ESET Security Management Center (Server), Version 7.2 (7.2.1278.0) ESET Security Management Center (Web Console), Version 7.2 (7.2.230.0) We are currently managing the Antivirus detection by adding the endpoints to a Dynamic Group and running a Scan Task which if successful it resolves the detection. My understating is that for the 'Firewall' Module detection, this has to be manually resolved. (Is there any insight of improvements on this?) For the 'Web protection Module' we have a fair amount of blocked detection 'attempt to connect to URL - Blocked by PUA blacklist/Blocked by Internal blacklist'. We'd like to auto-resolve/close this if the status is 'blocked'. Is this possible? Thanks, Camilo.

Hi Marcos, I was experiencing the same with a few clients and after a reboot the warning is gone for good . Cheers

We have experienced the same issue again, eset_proxy process consuming 100% CPU and blocking somehow the network on the affected devices. Running Eset Endpoint Security 6.90.0. All affected devices are running macOS 10.14 (Mojave). Have reported it to ESET so hopefully we'll get an answer soon. Thinking to upgrade to 6.90.3 but not sure if it will make any difference at this stage.

Ok problem solved. I had missed that notification which explains it will attempt to upgrade as much as it can (in my case, the agent). I can also select a dynamic group. Thanks!

Thanks @MichalJ. I've had a look at the 'security management center components upgrade' but if I choose 'Server Task', again I can't select a dynamic group and If I select 'Client Task', is not clear what the task is doing... Upgrading the client? upgrading the agent?

Is there a way to select a Dynamic group as the 'Target' group for an Agent Deployment Task? As you can see in the screenshot, Dynamic groups are greyed out. I have +8000 devices so ideally I want target the task only to those that are not in the latest version. ESET Security Management Center (Server), Version 7.1 (7.1.717.0) ESET Security Management Center (Web Console), Version 7.1 (7.1.393.0) edit: This is the official KB from Eset which is not clear on my particular questions. https://support.eset.com/en/kb6741-remotely-install-or-reinstall-the-eset-management-agent-using-eset-security-management-center-7x Thanks, Camilo

seeing the same pop up (URL/Urlik.AAO) when installing other applications: ESET Endpoint Antivirus 7.2.2055.0 ie: Adobe DC

That one is already resolved, that's why you can't resolve it. Have a closer look at the status and you'll see the 'i' from Informational... 1st and 2nd screenshot

you mean 6.8.400.0 ?

I have opened a case with our local customer care and provided the requested logs, but they didn't find the root cause of the problem. I was provided with the beta version 6.8.400.0 and issue still occurred there. Edit: Provided logs esets_proxy log level has been set to verbosity level = 8 Sample of esets_proxy.txt customer_info.zip

Hi Marcos, yes, ESMC is behind a proxy (configured) and behind a firewall with open outbound connections to 80/443. . Traffic is allowed to all of those update servers and I can’t see anything being blocked on my proxies.

ESET Security Management Center (Server), Version 7.0 (7.0.577.0) ESET Security Management Center (Web Console), Version 7.0 (7.0.429.0) ESCM is complaining under Status Overview, that cannot reach 'Server module updates'. "Server module update is failing. See audit log for more details." Outbound traffic for the ESCM server is allowed on ports 80/443. Current config is to check every few hours. SERVER: AUTOSELECT (Regular Update) I've had a look at the logs on the servers but can't find any trace of what's wrong. Connection to the repositories is working fine. Any ideas? Cheers ,Camilo.

Thanks Marcos. When you said "it's possible to disable protected service", do you mean to disable 'Automatic exclusions to generate" for Microsoft SQL Server?

We had the same issue and have downgraded EFS to 6.5.12010.0. Will stay in that version until the problem is fixed.