Jump to content

MichalJ

ESET Staff
  • Content Count

    1,756
  • Joined

  • Days Won

    55

MichalJ last won the day on August 12

MichalJ had the most liked content!

Profile Information

  • Gender
    Male
  • Location
    Slovakia
  • Interests
    customer problems, but besides that cycling, architecture, and everything that rides, flies or floats (transportation industry)

Recent Profile Visitors

5,076 profile views
  1. @eset_user Just to double check - you want us to prevent / block phone from being switched off by a power button? Also, protect such action by a pin code? Correct?
  2. Trace log won´t help. Basically this notification is generated in case when either a referenced repository package in software install task is not available anymore, or referenced license does not exist. You can navigate to "status overview" section which should tell you at least the number of invalid tasks. We are tracking improvement for the future, to be able to filter out such objects easily in the respective view.
  3. I have requested some advice from our documentation/support team, as I do not have any recommendations by myself. In general, common practice would be to simply limit the ports to the ones needed for ESET. List is available in the KB article - https://support.eset.com/kb332/. If the webconsole is accessible from the outside, for sure use the 2FA, and refrain from using default Administrator account, for which set exceptionally strong password.
  4. I have to say, that I am now confused. If you have ESMC, and your clients are managed, that would mean that the agent is installed already on the target systems. So then you do not have to do anything, just enable the policy. There are co applications needed on the client computer for managed ESET to work properly: ESET Management Agent (responsible for maintaining the communication with ESET Security Management Center) ESET Endpoint Security / Antivirus / File security, which is delivering the factual protection on the target system If you do not have ESET Management Agent (Or Remote Administrator agent, in version 6.5 & older) installed, you can deploy it either via the batch script, or deploy the MSI installer using GPO / SCCM, or use the remote deployment tool (to give you better advice, we will need to know your network topology).
  5. 6.5.2107.1 is not a valid agent version number. Agent released within the version 6.5 was 6.5.522.0. And this agent should be able to install the latest Endpoint. If you have encountered any issues, please contact ESET customer care. However, if you have already upgraded the agents to version 7 you did the right thing.
  6. Deploy agent Configure the password protection policy for it (for agent) Configure the password protection policy for all of the security products deployed
  7. The best things to do is to: Password protect the install of Endpoint Password protect the install of Agent Make sure the self-defense of Endpoint is enabled (it protects also the process of the agent)
  8. If you want to prevent local users from modifying settings and uninstalling ESET, the simplest way is to set this via policy. You can configure password in policy per individual application (Endpoint for Windows, and others). So just setup your ESMC, deploy agents, and configure the password protection policies.
  9. You can download the standalone mac endpoint installer at eset.com (download section). Specifically here: https://www.eset.com/int/business/endpoint-antivirus-mac/download/ Installation works in the way, that when you choose a product you want to install, agent will connect to ESET Repository (cloud download server), and will download and installed the respective product. You can cache installers by a proxy server placed in between, to optimize a network traffic. With regards to the appliance upgrade, instructions are available in the documentation: https://help.eset.com/esmc_deploy_va/70/en-US/va_upgrade_migrate.html
  10. What Marcos said is correct. You should update your agents, if you keep the old agent installed on the system, it might reduce your user experience (not all of the data will be reported, for example Hardware Inventory). I would recommend to upgrade your agents, via "component upgrade task". With regards to the question - it should be possible to install latest Endpoint 7.x also using ERA 6.5 agent. Repository error should be further troubleshooted, as there might be multiple issues that might occur. Are you also sure your proxy is working correctly? AFAIK the old 6.5 agent was having issues to "bypass" (connect directly) when Proxy was offline.
  11. Thank you for your response @Voyager3 With regards to how to get the data (at least portion of it), I would recommend to duplicate a report template "high severity scans in last 30 days", and remove the severity entry from the filters (edit report template, navigate to "filters" and remove the severity filter set to "red" only). Then you will see all of the details, from all of the scans, regardless whether they have been triggered by task, or something else (including a context-menu scans, or ones triggered by scheduler). You can easily place it on the dashboard if you want to have this directly available. Concerning your last questions, turning it on is not currently possible. I will investigate with the development team, whether this could be theoretically achieved, but even if yes, it would take some time to get it implemented.
  12. @display3958023 The reason is simple. All in one installer is available only for Windows. Information is available in the help of ESET Remote Administrator: https://help.eset.com/era_admin/65/en-US/deployment_scenarios.html?fs_local_deployment_aio_create.html In case of a mac product, you can either generate an agent live installer script, or deploy the agent installer manually. Installation of the security software product can be then performed using a software install task. PS: I would strongly recommend to upgrade your server to ESET Security Management Center V7, which was released more than a year ago.
  13. Hello, I will get in touch with our team, to get you the information. Based on our Product Management research, it would be a merge of 2 & 3 (so ESMC running in a MSP datacenter / collocation, accessible from the internet, either via proxy, or some other solution). Details are in our documentation: https://help.eset.com/esmc_install/70/en-US/?arch_proxy.html Of course, you can use any 3rd party proxy you have, you just need to configure it in a way, that it will allow communication of ESMC Agents with the server (inbound) and ESMC access to various ESET services.
  14. In general, for the MSP / MSSP use-cases there are three options: Host it in a public cloud, where agents will be able to see the server over public internet (we have for example Azure image available, however after deployment this should be upgraded to ESMC 7.0). Make your private cloud instance accessible from the internet (the port on which ESMC server is listening to agents). Use HTTP Proxy, for forwarding the connections from the outside, if the server is not directly visible from the internet.
  15. Yes, it´s purposefully a "less comprehensive product" in some ways (but more comprehensive in others) as in general ERA 5 was just collecting all of the logs, that prevented it´s scaling and achieving some more advanced use-cases, full drill down report assembly, etc. What might be interesting is, what you do with the data you get? If you get the "full log", what are your follow up actions? In ESMC you can have a report "scans in last 30 days" (that you can edit for your configuration, or create a custom report template), place it on a dashboard, and then drill down into the details. It won´t give you all of the details, but you will see when, what, and what was actually detected. We can always extend the information is proven doable and there is a rationale use-case behind it. If you want, can you give me more details about your organization, like the amount of computers and your particular role? It´s sequential to the question about "checking scan-logs for files that have not been scanned". I am trying to understand your motivation for what you are doing. Thank you, Michal
×
×
  • Create New...