Timreck
-
Posts
13 -
Joined
-
Last visited
Posts posted by Timreck
-
-
Alright thank you very much for the Information.
-
Thanks for your response MartinK,
i sadly dont have too much information about it since i only was there for limited time and focused on the migration form ERA to ESMC.
Thank you for the link, i will try to figure out if they have a VDI supported environment and set it up properly.
-
So your saying the Proxy configured under the "Tools" is the referred "Global Proxy" under Update?
Meaning if i configure the "Tools" Proxy, i only need to set the Update one to "Global" and should be good.
But i also need to configure the Proxy under the Agent to be able to Update from the Repository, right?
Thanks for the Help!
-
Hi Marcos,
thanks for the quick reply.
50 minutes ago, Marcos said:For security products we recommend configuring the proxy server under Tools -> Proxy server (global settings)
You are not able to set "Global Proxy" under tools. That is what irritated me:
1 hour ago, Timreck said:If 3 uses the Global Proxy Setting form the Agent Policy then why are you not able to chose it under Tools / what does the Tools Proxy even do?
You are able to set an "Global Proxy" under the Agent Setting, but i seems a bit weird splitting them and making the Product Policy relay on a setting in the Agent Policy. There are no "Global Proxy Settings" under Tools.
54 minutes ago, Marcos said:Unlike the settings in the Updates section, the global settings are also used for activation, LiveGrid communication, etc.
You are referring to the Tools -> Proxy right ? That would make sense, since we had problem activating the product on a Windows-Client were this setting was not activated because the local-Admin was confused about what the setting even controls .
2 hours ago, Marcos said:The proxy settings in the Updates section are useful if a device connects to different networks with different proxy servers, however, they are not used for communicating with other than update servers and repository in case of program updates.
I don't quite get this. So your saying in a normal case, if the Global Proxy is configured i can leave this empty? What Proxy would i set here then, since i wouldn't know into what Networks the Laptops get into and how the other Proxys are configured. What would be a use case? Als, there is no way to grab the Windows Proxy?
2 hours ago, Marcos said:In case of agent, if you use "Different proxy per service" setting, you can configure a different proxy server for communication with the ESMC server and with other servers (repository, update servers).
Related to this i have the Question why the agent always runs to the Repository (Internet) to grab the quite large file. If i have a network with 2000 Clients and they are all installing the same version on the same Systemversion, wouldn't it be easier if the ESMC could download and distribute the file to the Agents?
There is not much difference to it as if i would download and configured Installer and distribute it over an Software tool. Just seems off to me that every Agent goes to your live Server, which creates more traffic for yourself.
Thanks for the Help!
-
Hi,
i have an question regarding the multiple possibility´s to set the Proxy server in ESET Policy´s.
First to clarify that i understand the Settings right:
- Do not use a proxy server - pretty clear, doesn't use a Proxy
- Connection through a proxy server - uses the Settings you provide him below
- Use global proxy setting - here is the Question does this use: Windows Settings; Proxy set under Tools, or Proxy set under Agent/Global Proxy Setting
If 3 uses the Global Proxy Setting form the Agent Policy then why are you not able to chose it under Tools / what does the Tools Proxy even do?
Now to the possible spots where you can configure a Proxy:
- [Client or Server Policy] Update -> Profiles -> Updates -> Connection Options
- [Client or Server Policy] Tools -> Proxy Server
- [Agent Policy] Advanced Settings -> HTTP Proxy -> Global Proxy
- [Agent Policy] Advanced Settings -> HTTP Proxy -> Replication / ESET Services
After my understanding the settings are for following use:
- 1 -> For Updating the Moduls and Signature. Internet access required / Strongly recommended, right? If this Proxy brings him in the same net as the ESMC, and only the ESMC has the Internet Proxy set, it wont work right?
- 2 -> ?
- 3 -> For updating the Product itself ? 7.0.X -> 7.1.X for example.
- 4 -> If you are using Server Replication etc.
Thanks for The Help!
-
Hi,
one of our Clients has following case:
He has a locked boot-file (citrix) with ESET Endpoint Security installed, and then boots multiple Computer´s out of it.
Now every time he boots a "new" Computer up it creates a new database entry, which is good in terms of licensing because it creates an accurate view. The problem now was that his Computer count (for that section) doubled every day, so I designed him an Dynamic Group + 'Server' Task concept that deletes the entries, and releases the license from Computers booted out of that image after a certain time.
His question was if this is best practice or if there is an better way to solve this situation.
I wasn't able to find any Articles regarding this, so i thought id just ask here before opening a support ticket.
-
We would like to keep track of computers that keep getting deleted and re-register them self afterwords, so we can create more accurate groups for the deleting Task.
We also are deleting a lot of AD imports which re-register themselves because of our AD SYNC task. There is no way to keep these out of deleting Task, right?
Thanks for the fast Response.
-
Hi,
i would like to generate a report of the deleted Computers, that the Server Task cleaned because they where offline for x days.
Is there any way to get the information, which Computer got deleted?
Thanks!
-
I am aware of the Server Component Upgrade Task, as stated in my first message.
What i do not understand is why i need to manually trigger an update for something that doesn't even have a change log.
I would expect a option for those kind of updates, to just automatically download in the Background without my doing, cause there seems to be no downside.
And yes i do know that i could just CRON schedule an Component Upgrade Task, but i do not want to upgrade my Systems into versions i didn't approve of, when major updates releases.
Im assuming you could build some strange concept with dynamic groups, that only filters for 7.0.X Versions but at that point it might be easier to just manually update, since i dont think there is a value for future updates under dynamic Groups.
-
The first Agent after the 7.0 Update was 7.0.553.0. Now we are able to update to 7.0.577.0. Is there no way to find out what changed?
Its hard for me to understand why you push a Update, that you need to manually install, but then do not provided a Change log.
After my knowledge its not possible to enable an "Autoupdate" for small Version Changes like this, right?
-
Hey,
im having a hard time finding release notes in general. They seem to be hidden, and even if you find something they mostly just contain minimal Information like here:
Starting an whole Upgrade Task, that then requires an reboot afterwards, and has the possibility to cause Errors just because of an Change log that size seems weird to me.
I understand that you can just skip the Update and ignore it, but that doesn't really make managing the Server easier when everything gets shown as outdated.
It would be awesome if you could difference between "relevant Updates" that include new features and important fixes, and "un-relevant Updates" that include minor fixes.
My current issue is that i can not find the Patch notes for ESET Management Agent 7.0.577.0, even though i need to start an Server Component Upgrade Task to update them.
Has anyone found them, and could link them to me?
Thanks in advance.
-
DESlock SSO "Sync" breaks after every cumulative windows 10 update since Windows doesn't properly re-register the .dll
hxxp://support.deslock.com/KB396
You can write an Powershell scrip, or repair it manually:
if
(!(get-item -Path registry::hklm\SYSTEM\CurrentControlSet\Services\dlpwpflt\NetworkProvider -ea SilentlyContinue))
{write-host -fore red "Not exists";Start-Process -FilePath "regsvr32.exe" -ArgumentList '/S "C:\Program Files\DESlock+\dlpwpflt.dll"'}
else
{Write-Host -fore green "exists"}
Setting of Proxy Server - which setting has what result
in ESET Endpoint Products
Posted
I don't think so. After my understanding the Product does direct communication for:
Or the other way around, the only thing the Agent does is Policy´s and Information gathering for Dynamic Group requests.
Activation of the License over the ESMC got disabled after my knowledge, and even though you could set up a way where Signature and Modul Updates go over the Server, by default it doesn't.
Please correct me if im wrong.