Jump to content

Ufoto

Members
  • Posts

    44
  • Joined

  • Last visited

Posts posted by Ufoto

  1. Thank you for your response. I am looking forward to this new reporting feature. 

    I am having difficulties finding this 'ESET Solutions' tab. I couldn't find it in the dashboards or reports. The only place where I can see a number of EDTD seats is the ESET Business account 'Activated Devices' and then I can export a CSV with all EDTD activated devices, however it is really hard to compare it with the total list of managed systems in order to spot the differences. 

  2. Hello,

    We have a ESET Protect Cloud which is synchronized with AD using AD connector. Initially the connector imported all computer objects as unmanaged devices which is what we expected. However now that we started to deploy the ESET Agent we noticed that the unmanaged entries are not disappearing when a computer becomes managed. Instead there are two entries for such devices - managed and unmanaged one. 

    Could you let me know if this is the expected outcome? Should we manually delete the unmanaged entries once systems are provisioned? I expected the entry to be merged as it shares the same hostname and LDAP location. 

    Thank you in advance!

  3. Hello, 

    We have a ESET Protect Cloud tenant where I initially set the EDTD to be activated in the following way: A dynamic group with criteria 'Functionality/Protection problems . Problem is one of {ESET Dynamic Threat Defense is not activated or license is invalid.}' was supposed to capture any devices where EDTD is not activated as we have it enabled in all relevant policies. This was working during our tests so I left it to do its job. However, upon checking now, only 1/3 of the devices are activated. And going through some of the unlicensed ones, I no longer see this error code on any of them. 

    Were these error codes removed? If not, do they have any other prerequisite apart from applied policy with EDTD enabled and installed Endpoint Security?

    Another question I am struggling with is how to identify systems missing EDTD now? In the reports builder I can easily create a report with systems which have EDTD license applied, however I can't find a way to get as a result only the systems which don't have this license applied.

    Apologies for the long post, many thanks.

  4. Hello,

    Apologies if this question was already answered, but I couldn't find any solid explanation. 

    Is the Mobile Device connector available for all business bundles? Is is safe to assume that if you have a ESET Protect Server managing business product you are automatically eligible for Mobile Device Management, or does it require a specific license? According to the documentation the Mobile Device Connector should be licensed with a licensing task, but there is no mention for the license type.

    Additionally, how does licensing for the mobile devices work? Are they sharing the same license count as other products? For example under license management I can see separate licenses for ESET Endpoint Security + File Security and ESET Full Disk Encryption, but I don't see any for mobile devices.

    Thank you in advance!

  5. Hello Martin,

    Thank you for your prompt response. If the functionality is not affected I would prefer staying with the current version as we have a lot of users which can't connect to the ESET Protect server directly and I don't want to risk messing up the HTTP proxy and losing visibility over them.

    What I find really difficult is to check whether my proxy is up to date. With the old ERA proxy you were able to see it as installed product and you can see what's the version of your proxy and what's the latest one available. But with the HTTP proxy, I can't find anywhere in the documentation which proxy version should be used with ESMC/ESET Protect and how I can check it.

  6. Hello,

    We have an ESMC Server in our internal network and public facing HTTP proxy for roaming clients. I just finished the upgrade of the ESMC server to ESET PROTECT using the all-in-one installer. I wanted to do the same for the HTTP Proxy following this guide: https://help.eset.com/esmc_install/70/en-US/apache_http_proxy_upgrade.html?upgrade_apache_http_proxy_windows_instructions_allinone.html

    However, when I run the installer it does not detect that there is a HTTP Proxy installed therefore I can't proceed. I am aware that there is manual upgrade process, but I just wanted to check with you guys whether an upgrade is necessary at all. I can see that roaming clients already started to communicate through the proxy. Looking at the Apache service details, the version is 2.4.43, is this version supported with ESET PROTECT? Would you expect any issues if I leave it as it is?

    Your advice will be much appreciated.

     

  7. Hello,

    We recently added ESET EDTD and I am not sure how to verify whether it is working, or not from the ESET Protect console. 

    The EDTD license is visible in the list of activated products for the systems, and the policy is set to have ESET Live Grid Feedback system and EDTD to be enabled. However, when I go to the endpoints details, the attached screen is not changing. 

    Should this screen change to something else? How can I verify that EDTD is actually working on endpoints?

    Thank you in advance!

    Captureedtd.PNG

  8. 2 hours ago, MichalJ said:

    Hello @Ufoto

    As of now, this is indeed not possible. I assume, that you are a reseller, and you have more than one customer, that has their own EPC instances. As of now, you will have to have a different aliases for every such instance, as one "EBA USER" can be linked only to one EBA instance, and one EPC Instance. 

    We are working on a new reseller focus portal, which will allow you to have a "service level login" to all your customers EPC instances. So yes, there is plan to add multi instance access, however I can´t confirm exact timeline at this moment. But our target experience is similar to the one you are referring to. 

    Regards,

    Michal 

    That sounds great! I hope you implement this soon, it will make managing different instances much easier. 

  9. Hello,

    We have two customers who want to grant me access to their ESET Protect Cloud instances. We created a new account with my email address for the first one and I was able to access their instance, however when the second customer tries to grant me access it says that the email address is already in use. 

    Is there any way around this apart from creating dummy emails for each new login? Are there any plans to add multi-instance access? For example another vendor we work with allows you to log in with your account at their cloud portal, and then if you have access to multiple customers you simply have a drop-down menu with all tenants you have access to (even for non-MSP customers). 

  10. 22 minutes ago, Matus said:

    Hi Kostadin,

    If you set policy via Protect, you can't change that locally. 

    image.png

    Password protected settings are meant in case you're not managed or some settings are not managed... If you set every setting like that (even defaults) from Protect, user can't change that.

    On Mac, ESET Agent password protection is not present. To limit/protect against uninstallation ensure, that users are not administrators (root access) of a machine. In UNIX world, root can do everything. 

    Thank you, indeed locking the settings is something I didn't think of. We can implement it like this, the only downside I see is that when you have the password protected setup, if an administrator needs to change something locally, he can provide the password and do it, while locking the setting makes changes possible only through ESET Protect. Still this is much better than leaving the settings editable.

  11. Hello,

    We have a number of macOS devices managed by ESET Protect and I was wondering if there is a way to prevent users from changing settings (similar to the password protection in Endpoint Security for Windows) as I don't see similar option in the macOS client policy? Is there any other way to prevent users from simply stopping all product functionalities? 

    Additionally, could you confirm whether the ESET Agent password protection against uninstall work on macOS?

    Thank you in advance!

  12. Hello, 

    We are currently running ESMC 7.2 server with a HTTP Proxy in DMZ serving external clients. I would like to upgrade to ESET Protect 8.0 and according to the documentation there are two ways - manual, and via component upgrade task (https://support.eset.com/en/kb7701-upgrade-eset-security-management-center-72-to-the-latest-eset-protect-8-via-web-console and https://support.eset.com/en/kb7702-manually).

    I just wanted your expert opinion whether there are any benefits in doing the manual upgrade over the automatic one? The server was initially installed using the all-in-one installer. Are there any additional post upgrade steps in order to ensure everything is up to date?

    Additionally, regarding the HTTP Proxy, I suppose it should be upgraded manually as I don't see it as installed application from the console?

    Thank you in advance!

  13. Hello,

    Since Full Disk encryption for Mac utilizes the built-in encryption provider FileVault, I was wondering if there is similar option for Windows.

    If we have a number of systems already managed by BitLocker, is there a way to take over the management using Full Disk Encryption, instead of decrypting all devices and then encrypting them with FDE? 

    I am posting here because I was not able to find information about such option online.

    Thank you in advance!

  14. 16 minutes ago, Marcos said:

    To troubleshoot firewall related issues when pausing the firewall helps, use the firewall troubleshooting wizard (available only on Windows).

    On Mac you can try switching to interactive mode and creating rules when asked about network communication.

    Thank you, just one last question - Are Macs supposed to report blocked connections in the 'detection and quarantine' section like Windows devices do? 

    Yes, interactive mode is an option, but I can't really rely on users to understand what they are allowing. I guess they will just allow everything.

  15. 38 minutes ago, Marcos said:

    The dat files are intended for analysis by ESET staff. The only way how to view the dat files is by replacing the original dat files, e.g. in a virtual machine.

    Thank you for the prompt reply. 

    I understand. In your opinion, what would be the best way to troubleshoot firewall related issues on my own then? Is there a way for me to look at the firewall activity for a specific system using the ESMC

    We are just starting the deployment and I believe that this issue with MS Teams is just the beginning so I am looking for a way to quickly identify what exactly was blocked on an endpoint in order to start building firewall rules. 

  16. Hello,

    I am troubleshooting Mac users who reported that some Office functionalities are not working when the ES personal firewall is enabled. Since there is no events under 'Detections and quarantine' (although 'Log all blocked connections' is enabled), I ran the Log collector remotely through the ESMC interface. 

    I tried to review the 'Firewalllog' found in the 'esets_logs' folder, however the log file seems to be a binary file. Is there a tool I need to have installed in order to open the .dat file and check the firewall activity? 

    Thank you in advance!

×
×
  • Create New...