MichalJ

ESET Staff
  • Content count

    791
  • Joined

  • Last visited

  • Days Won

    31

MichalJ last won the day on May 24

MichalJ had the most liked content!

2 Followers

About MichalJ

  • Rank
    N/A

Profile Information

  • Gender
    Not Telling

Recent Profile Visitors

898 profile views
  1. I would recommend to contact your local ESET office with a customer care request. Specific Linux questions might need to be handled by developers as they are out of reach of the forum staff.
  2. I would suggest upgrading to 6.5 (both server & agents). Also, please let us know on which OS (Windows / Linux / Appliance) you have deployed your ERA Server).
  3. Hello. ESET Security for SharePoint is not included within any bundle. We have two licensing options (per user / per server). Detailed pricelist should be obtained from your local ESET distributor.
  4. Hello, You can use report "detailed quarantined objects" to display data per computer (basically one line, per one threat, including computer name). In here you can add filters by computer / computer name, static group, or even a mask (endpoint / server). Also define "time of occurrence conditions", from - to. So it provides extensive filtering. You can find this report in reports section of ERA UI, or add it as a custom dashboard element when needed. We will track improvements to filter also by "threat type", for both quarantine reports. Exclusion is configured on the machine, written by Endpoint locally to the list of exclusions. This however does not work, when there any other exclusions set via policies (as the exclusions becomes read-only on the local client). Change is planned for V7 (Q4/2017), where also option to exclude from "threats view" is coming, that will map the exclusion directly into the selected policy. Maybe last question. Which ERA version are you using? (you can locate the precise version in "About" section of ERA webconsole".
  5. Hello, you can add such address to the whitelist (sender) or exception list via ESET Remote Administrator policy (basically you have to enable global lists, and apply to the clients, where those are flagged as SPAM). Details here: http://help.eset.com/ees/6/en-US/index.html?idh_panel_smon_edit_wlbl.htm http://help.eset.com/ees/6/en-US/index.html?idh_config_smon_addrlists.htm
  6. Hello, In ERA 6.5 a new column in computers table is added, which is called "remote host", which should include the public IP of the computer. This is disabled by default ( Column contains reverse DNS lookup or remote IP.). NOTE: The logic behind is similar as in case of ERA V5. Regards, Michal
  7. If EFSW (as you mention servers) is still installed, it also uses the license. You can either deinstall EFSW, to remove the license, or if the machines are no longer existing, just deactivate the entries for them via ESET License Administrator, after logging with your License ley and ELA password provided by e-mail from ESET.
  8. If you access your ELA as "security admin" and your endpoints were activated by key (directly / from ERA) you are not able to do this. We will change this behavior in ELA replacement later this year. As of now, login to ELA using the License KEY and ELA password provided in the e-mail from ESET and it should work as expected.
  9. @Alexandyr can you please provide more details abut your use-case? Why you want to have Policies 1 on the Group1, and not on the Grpup2, which is a member of the Group1 (basically a sub-group of Group1). The concept of ERA V6 policies is architectures on the concept of sub-ordinance and inheritance, that you configure the ones on top, which are always overwritten by the ones lower in the hierarchy. Eventually solution would be, to create a Policies2 applied on Group2, that will overwrite the Policies1 settings, to the ones, that you want to have on Group2 (for example enforce defaults, or opposite settings to the Policies1 settings). This would work only in case, when the Policies1 uses the "apply" and not "force" flag, which prevents the policy hierarchy rules to take place.
  10. Hi Jim, Does this combination of report symbols work for you?
  11. Hello, this is one of the confusions in the current ERA that needs a bit of an explanation. "Active threat" does not equal "unresolved threat" (in the user interface of ERA). "Active threat" = is evaluated on ERA agent, as soon as reported by Endpoint (threat handled = no) and the only way how to remove it, is by running in-depth scan with cleaning enabled. If such scan does not confirm the infection still present on the computer, the "count" is cleared. "Unresolved threat" = is reported to ERA server (shown by ERA UI). Every new threat reported, is marked as "unresolved" when it arrives to ERA. Only way how to resolve it, is to do it manually by user-action. Resolving the "Unresolved thereat" does not remove "active threat". For the next version of ERA (towards the end of the year) we are planning changes of the behavior, that handled threat, would be automatically marked as resolved. Hope that this makes a bit more clear.
  12. In general, you can create a dynamic group for computers with unresolved infections. "computers with active threats (choose corresponding conditions, active threat, threat handned = no) On top of such group, you can assign a firewall policy, that would block all network traffic, with the exception of the ERA agent, so in fact the computer is isolated from the network, and would prevent the infection from spreading.
  13. When performing an upgrade from V 5 to V6, previous settings are kept. If you assign a policy, only the settings with "apply" flag are applied (you would notice policy enforced setting on the local client by seeing a tiny "lock" next to the setting. Final configuration of the Endpoint, could be requested by a corresponding task. It is a result, of all applied policies, respecting policy inheritance / application order + settings applied locally on the client (not set by any policy, but still in local configuration). I would recommend checking documentation related to this topic: http://help.eset.com/era_admin/65/en-US/index.html?admin_pol.htm Related to your feedback abou lack of explanation for various settings, I will send them to our documentation team.
  14. It depends on the form of licensing. For terminal server, ESET Licensing policy tells, to buy a one seat per one terminal session. In your case, if you are using a standard license for ESET File Security (or a bundle license), you are paying by conversion where one "seat" (unit) = one physical server instance (one protected OS instance). You are not behaving according to ESET license recommendations, however you are not overusing the issued license, as that one is "per server". Details are listed here: http://support.eset.com/kb2667/#q5
  15. For the first use-case = no ESET, it willl not work, as DG confitions are evaluated by agent, on the local computer. You can also use filters in the "Computers" section, to filter "unmanaged" clients. For Endpoints, the example above should work for example. Some are also in the documentation.