Jump to content

tmuster2k

Members
  • Posts

    372
  • Joined

  • Last visited

  • Days Won

    1

Posts posted by tmuster2k

  1. Trying to setup policy to where ESET's Secure browser will be initiated outside of 2 websites. I was doing test and also was able to reproduce by turning on "Enable Secure Browser" and under "WEBSITES REDIRECTION" and included www.eset.com and eset.com for "Normal Browser" so that when going to eset.com it should not bring up secure browser. The normal browser never is initiated however when going to eset.com even though local settings were confirmed based on the policy. I did notice that the only way to Edit the section "WEBSITES REDIRECTION" was to slide off "Secure All Browsers" so I was assuming with this slider off it still retained the items in "WEBSITES REDIRECTION" or am I wrong or is there something else I am missing in implementing this correctly? 

    secure_brows2.PNG

  2. Is there explanation as to what "Subunits" references in EBA for ESET server security. There is no mail security, terminal server connections or Sharepoint at all in play here. These are physical servers that some show 1 or 2 subunits. The glossary in EBA only references ESET Mail Security which is not part of this license. Also these servers do not have multiple NIC's (single NIC only). 

    image.png.a6e9e3c1fc79117495c3a547c2041028.png

     

  3. in my testing, it appears that if you are already on the latest version of the agent that you cannot do install over the top and the task will fail if deploying. If you run locally with agent .exe file locally it will give error "Latest version is already installed". I don't remember this with previous versions like with 8.x but maybe something has changed. The only option appears to run script to remove orphaned agents and then do fresh deploy. 

    agent_latest_version_installed_mes.PNG

  4. I was wondering if there is any report that can be created that can send report of failed installs. Fox example, if doing a install task to push a newer version of ESET ENDPOINT Security over the top and then the installation rolls back. I tested a report using Client Tasks, Failed and then Filter by Client tasks, Task type = Software install but this task will report success by just getting to the machine before windows installer even initializes so it doesn't recognize installation rollback as "Failed" but "Finished". 

  5. if this is an ESET ON Premise server then you will go through creation using agent live installer per >>

     

    https://support.eset.com/en/kb7750-deploy-the-eset-management-agent-to-a-macos-client-using-agent-live-installer

    If you are using ESET Protect cloud you can do all in one installer for agent and ENDPOINT  per >>

     

    https://support.eset.com/en/kb6958-install-eset-product-for-macos-using-eset-cloud-administrator-live-installer

     

  6. Getting this message "Cannot read from socket: Network is down" in LOG FILES >> Events. Was wondering if anyone had explanation of this error. I looked through previous posts and one suggestion per >> 

     was to disabled "Increased network volumes compatibility' but confirmed on this MAC machine that its not checked. Running Monterrey with all updates and ESET ENDPOINT Security 6.11.1.0 

  7. I have noticed a trend with the version 9.x agent and running the client install task for Windows Update. Before upgrading to Version 9.x agent, when running the "Operating System Update" client task and having all boxes checked for "Automatically accept EULA, Install optional updates and Allow Reboot"  the system would restart after updates were done. With version 9, its almost a 4 hour delay until reboot is performed which is causing havoc for customers production servers. For one of the affected servers in the event log for SYSTEM it shows >> image.png.05ae4c5506afc0b4ef05c4c2bce114c5.png

    The task started at 10:12am and this is not showing until 1:42 PM. I even tested a 6.5 agent and the reboot was done right after all windows updates were done. This is happening on Windows Server OS 2009-2019. Issue can be easily reproduced in any environment. Is issue currently being worked on? 

  8. @BrianMorris  You can create a dynamic group template called for example "EDTD Activated machines". I put it as a subgroup under the dynamic group "Windows Computers" 

    image.png.a7d287464f4d7f743553cb648b5298b5.png

     

    Then you can create another dynamic group called EDTD is not activated or license is invalid and also nest under Windows Computers. 

     

    image.png.6e0e428ba6806eead853ced8bd7ab642.png

    This will house all machines that do not have EDTD Activated yet. if you want to ensure that these machines stay activated with the EDTD license you can create an activation task that will trigger if any machines fall into this group >>

     

    image.png.b2cccdc743eabe019170cd5472fd59af.png

  9. never enable Interactive mode in policy per Marcos. If app is getting blocked, then enable override mode on affected machine (child policy for override mode) then manually set to Interactive mode locally on machine. Create rules and then if app is now working correctly switch from interactive mode to automatic mode.  request config and convert to policy. then edit your policy and turn off override option. If you have global policy that already already has firewall rules you can set this child policy to append along with your global policy. 

  10. @Nikos Antonopoulos 

    This is what I would recommend when upgrading from 6.4. 

    1. download the 6.5 server msi >>https://download.eset.com/com/eset/apps/business/era/server/windows/v6/latest/server_x64.msi

    2. Run the MSI to do upgrade over the top by using the defaults. If you get some kind of access denied then you will need to enter database user name. usually era_user and password is located in >> C:\ProgramData\ESET\RemoteAdministrator\Server\EraServerApplicationData\Configuration

    3. If you are running SQL Server express 2008 then you will need to upgrade that to 2014 at minimum. The all in one may do it. upgrades of SQL usually require reboot. 

    4. After reboot download the EP 8.x installer >> https://download.eset.com/com/eset/apps/business/era/allinone/latest/x64.zip

    5. run the setup.exe and try the upgrade all components option now. 

    If any of them fail just uninstall and then do install from all in one. Tomcat may need full re-install. 

    Also if you are running Java 32 bit you will need to uninstall and install Java 64 bit >> 

     

    https://support.eset.com/en/kb7088-install-esmc-web-console-using-jdk

     

  11. in the Policy only "Choose automatically" is the one that appears greyed out. This doesn't have anything to do with the application of policy. Is there an answer though still to >> 

    What is the difference between choosing "Choose automatically" and "AUTOSELECT" in the POLICY >>

     

    image.png.f6d2e263b182513a74eac4d643b59a61.png

     

    Issue2: the KB article is not correct as the instructions are not accurate. 

  12. OK. I guess I can wait some more to see if it hits that 3month mark. I know that these builds have been on Version 8.0 since it first launched. 

    Marcos. When did the very first version of 8.x come out for Endpoint Antivirus? 

     in the article >>  https://support.eset.com/en/kb7780-enable-or-disable-micro-program-component-update-in-eset-protect-8x 

    it shows after "Auto-update" the "choose automatically" in greyed out format. There is also option for "Autoselect". What is the difference between these two and should I be choosing one over the other?  

     

     I wanted to test stand alone machine that is not connected to ESET Protect. This article >>https://support.eset.com/en/kb7773-enable-or-disable-micro-program-component-update-in-eset-endpoint-products-8x  but the end of article titled "Enable Micro Program Component Update in ESET endpoint Windows products" is very confusing as the options for "Ask before update or Auto update" are not even present in the drop down menu's.   I did try implementing same settings in stand alone as I did the policy but stand alone system still did not update to 8.1. 

  13. i was informed that starting with Version 8.x we could now do automatic updates of the eset versions using program component update via policy in ESET protect 8.x. I followed the article accordingly >> https://support.eset.com/en/kb7780-enable-or-disable-micro-program-component-update-in-eset-protect-8x   choosing to "enable micro program component update" steps. I confirmed via request configuration from ESET protect and looked locally at settings on endpoint to confirm this was correct. The policy has been applied since ENDPOINT Antivirus 8.0 was initially installed in the network. 

    1. Since its been almost 30+days since policy was implemented shouldn't it have updated all my Windows 10 machines to EEA 8.1 by now? 

    2. in the article it shows after "Auto-update" the "choose automatically" in greyed out format. There is also option for "Autoselect". What is the difference between these two and should I be choosing one over the other?  I have tried both in separate policies but still no upgrade. 

    3. I wanted to test stand alone machine that is not connected to ESET Protect. This article >>https://support.eset.com/en/kb7773-enable-or-disable-micro-program-component-update-in-eset-endpoint-products-8x  but the end of article titled "Enable Micro Program Component Update in ESET endpoint Windows products" is very confusing as the options for "Ask before update or Auto update" are not even present in the drop down menu's.   I did try implementing same settings in stand alone as I did the policy but stand alone system still did not update to 8.1. 

     

     

×
×
  • Create New...