Ufoto

Hi Marcos,
I understand that this is the first time you are pushing updates this way, however I wanted to ask whether there will be a more official channel where we can track when a new version will be rolled out. Additionally, having the option to change that time frame would be ideal as in my opinion using an outdated version for nearly two months is too much. A month should be more than sufficient for any critical issues to surface. 

Hello, we were considering this when renaming products and somehow concluded, that "File server" in this scope is still more suitable - it is not a role of the server itself, but it somehow presumes that former ESET file Security / ESET Server Security is used on such servers. But we will most probably rethink this...

What you can do, is that you can pull the configuration from a selected client, where the learning mode was running (via computer details / configuration / request configuration) and once that is done, you can convert it into policy, and apply just the particular FW rules, that you want to apply to the rest of your network. 

Thank you, I now understand what and how I need to apply the policies.
Have a great day!

Back in this post, I asked how I could figure out which computers didn't have EDTD activated:
 
None of the tips did what I needed, but I just figured it out. I have a Static group of clients that have EDTD licenses, but I couldn't figure out a way to quickly figure out which had EDTD and which didn't. If I add a new computer, it doesn't throw errors about EDTD not be activated, so I can't do a group based on that. 
 
Here is what worked:

Hello @Ufoto
Tags are currently not available to be used in "dynamic group templates" as those are used for "agent side automation" and meaning the particular data, needs to exist on the "agent side". Tags are applied on server, agent is not aware of their existence. 
If you want to do it for quicker filtering, you can easily create "filter preset" that will filter out only machines with particular tags. And over the selection, you can then execute tasks, however with the issue, that those won´t happen automatically. 

I know it is an old topic, but since there is no resolution yet, I decided to share the workaround I found.
Although you can't create Report or Dynamic Group template based on missing EDTD license, you can do the opposite - create such for systems having it activated. 
So what I did was to create a Dynamic Group which collects all systems with applied EDTD license and then I tagged all devices inside this group with a specific tag. I did this over the course of few days in order to make sure all active systems have the tag. Then you can identify systems which don't have the tag (thus don't have EDTD activated or offline for a while) by simply ordering the systems in the 'Computers' view by Tags.
I hope this helps some other struggling souls out there

If you are seeing fewer systems in your Protect console compared to your total licenses in use, it usually means that you either licensed some devices which are not managed, or you deleted managed devices without revoking their license.
In such cases you can login to your ESET Business Account and see which devices are using each license. I tend to sort them by last communication as often the ones offline for longer are some decommissioned devices we totally forgot about, but this occupy a license. In the same portal you can revoke the licenses from such devices which reduces your used license count.

No, you can upgrade straight away. The only issue is in our internal reporting mechanism, when it shows different "latest" version for applications previously upgraded / installed via "software install task" and different versions for applications upgraded via "micro PCU / Auto Updates" functionality. 

I'm seeing the same thing and have the same question, though I'm seeing more mixed results.
Versions 8.0.x also show 8.1.2037.2 as the latest application. However, we have some random old 7.x versions that pop up online and they show version 9.0.232.2 as the latest available application version.

Hello,
I am preparing few environments for upgrade to Endpoint Security 9 and I noticed something strange. Clients running the previous version of the product (8.1.2031.0) list only 8.1.2037.2 as Latest Application Version when you click on installed applications. While clients on 8.1.2037.2 display version 9 as latest version.
This makes me wonder - is there any compatibility issue I might not be aware of? Can we safely upgrade 8.1.2031 clients to version 9 directly, or do we have to upgrade them to 8.1.2037.2 first? I guess this is just a visualization problem, however I wanted to be sure before I start upgrading production environments. 

Hello, it´s possible that your instance has not yet been upgraded to the latest version (upgrades are pending now as we speak). In that case, you can find this "ESET Solutions" tab within "preview features", which is located in the "quick links" menu in the top bar of ESET PROTECT Cloud Instance. 

Hello. Currently, it is a bit difficult, to determine, which computer has EDTD activated and working. Your are right, that in the past, it worked in the following way: 
You enabled EDTD via policy If the EDTD was "not activated" on a particular machine, it reported an error  Based on this error, you can group such machines in a dynamic group  You can have set "activated EDTD" task on top of such dynamic group that will enable it Currently, the "error" state was removed, and EDTD does not report that type of error it is not activated. Per my knowledge, this was due to some architectural changes, and moving towards "more proper" reporting of feature states. Last update I got from the developers was, that we are working on a better way, that will be most likely implemented in next releases. 
One IDEA is use "ESET Solutions" tab, and over there you will see, how many have EDTD active, and how many does not have it active. You can click "Deploy", which should do both the enabling, and activation in one step. 
Sorry for the inconvenience, and stay tuned for the updates, when the proper solution gets implemented. 
 

Currently we are working on a new version 7 for Mac, support for EDTD will be most likely added in 2022.

The "Enable" button currently doesn't change state. Since it's confusing now for users, we plan to change it in future versions.
To find out if files are submitted to EDTD for analysis, open the "Submitted files" window and check the information in the "Sent to" column. Undetected files that might potentially carry malware are submitted to EDTD while already detected files are sent to LiveGrid:


You can also find this information on clients:

Hello @Ufoto
As of now, this is indeed not possible. I assume, that you are a reseller, and you have more than one customer, that has their own EPC instances. As of now, you will have to have a different aliases for every such instance, as one "EBA USER" can be linked only to one EBA instance, and one EPC Instance. 
We are working on a new reseller focus portal, which will allow you to have a "service level login" to all your customers EPC instances. So yes, there is plan to add multi instance access, however I can´t confirm exact timeline at this moment. But our target experience is similar to the one you are referring to. 
Regards,
Michal 

Hi Kostadin,
If you set policy via Protect, you can't change that locally. 

Password protected settings are meant in case you're not managed or some settings are not managed... If you set every setting like that (even defaults) from Protect, user can't change that.
On Mac, ESET Agent password protection is not present. To limit/protect against uninstallation ensure, that users are not administrators (root access) of a machine. In UNIX world, root can do everything. 

Component upgrade task upgrades only ESMC/EP components, as is ESET Management Agent, ESMC Server and ESMC WebConsole, but it does not upgrade other, especially third-party components as is Apache Tomcat, Apache HTTP Proxy or MS SQL Server.

Thus benefit of performing manual upgrade using all-ine-one installer for Windows, or performing upgrade ot EP/ESMC Appliance using "migration" to new version, is that also third-party and and possibly other support tools are upgraded. Also note that manual upgrade is less prone to failures caused by environment issues, as are those network related, but also those caused by missing dependencies (for example minimal supported version of OS or database itself).

My recommendation would be to perform manual upgrade, as it is fairly simple from users perspective, and it offers more control. Also I would recommend to perform database backup before doing so, but hat should be case also for automatic upgrade.

Hello @Kostadin_k,
EFDE for mac utilizes FileVault because there is no other way to FDE macOS. Apple prevents its system to use FDE from 3rd party vendors.
EFDE for win is a different story. Microsoft allows for vendor´s proprietary encryption and we have this covered.
So we are pretty much covered on both macOS and Windows. But yes, adding Bitlocker management to ESET Protect (Cloud) is an option, but even if we go this direction in the future, it will not work as seamlessly as you described. Taking over management of an already encrypted machine is more than complicated because of recovery password that belongs to a particular encrypted system. Migration of these recovery passwords from Active Directory (where Bitlocker stores them)  to our console followed by a seamless "takeover" of the machines by the console is very complicated (if even possible).
At this moment, adding management of Bitlocker to our EFDE/EP(C) solution is not on our roadmap.
Ervin Rendek
PM for Encryption solutions

Hello guys,
thank you for your reports, I checked it with the QA and Dev, they are aware of this issue.
Once the upgrade fails, can you please collect the logs as described at https://support.eset.com/en/kb3404-use-eset-logcollector-on-macos-and-send-the-logs-to-eset-technical-support?ref=esf 
upload them to a safe location and send me a private message with the download details and reference to this forum topic? 
 
Once you do, the work-around is to disable the Web access protection to apply the upgrade.
 
We apologize for the inconvenience caused,
Peter

Hello, in case you mean "ESET Full Disk Encryption", then the answer is yes, as this is managed via ESET Protect / Security Management Center Server / agents, which use HTTP Proxy. If you want to use ESET Endpoint Encryption, with a dedicated server, then this solution uses a separate Cloud Proxy component. 

Good afternoon,
I am a technical support engineer for ESET's Encryption product family.
You have mentioned a few things that I feel need clarifying, some of which may require in-depth explanations in order for you to come to your own conclusion on how best to deploy ESET Endpoint Encryption in your own environment.
First I feel I need to address an important concept regarding ESET Endpoint Encryption. EEE uses a "cloud proxy", which is our patented technology which simply acts as a pigeonhole (or middleman) for communicating commands/client updates between the EEE server and EEE client workstations.
If your environment has an Internet proxy to control traffic, then you will need to add your proxy details to your EEE Server.  For complete details on this, please read our article here: KB7607 - Add internet proxy server settings to ESET Endpoint Encryption Server
Providing everything is configured correctly, your EEE client workstations will be able to communicate with your EEES (through the cloud proxy) as normal.
Regarding your questions about deployment, I am not familiar with deploying EEE from ESMC itself, but I know there isn't a repository for EEE, so it cannot be installed that way. However, the EEE Server has a "Push Install" feature which allows you to install the EEE client (MSI) on clients across the network.
Sadly this may not be suitable, as you said your users never connect to your internal network. In which case I would ask, how do you currently manage software deployments for users off your network?
Regardless, EEE's installer is an MSI file, which can be easily deployed through 3rd party tools. Just ensure your Workstation Policy is configured correctly before generating the MSI for the endpoints, as the Workstation Policy is bundled into the MSI itself. Additionally, depending on your requirements you may need to create a separate Merged Installer for each Workstation Team you have set-up in your EEES. 
I hope this sheds some light on your situation and what you can do to deploy EEE in your environment.

For Endpoint v8 you can find a changelog on the download page or here: https://forum.eset.com/topic/26629-eset-endpoint-products-for-windows-version-802028-have-been-released/
ESET PROTECT and ESET PROTECT Cloud are to be officially released later today. At that time a changelog will be available on the standard channels (ESET's website, forum, etc.).