Jump to content

MichalJ

ESET Staff
  • Posts

    2,215
  • Joined

  • Days Won

    65

Everything posted by MichalJ

  1. Hello. There is no "vulnerability protection scanning" functionality in neither ESET Endpoint Solutions, or ESET PROTECT.
  2. Hello @Joshi - I will be interested in hearing more about the particular deployments of this product in your / your customers environment. For what they were using it? What kind of mail servers they have been using? We are discussing internally a potential successor, but no decision has been made yet. Your insights might be very helpful. You can message me directly over here, if you do not want to disclose details publicly.
  3. Hello, manually altering task execution results is currently not possible. You can rerun the task on the "failed clients", and if the correct version will be there, it should end up in "finished state".
  4. Hello, you should follow the steps in this help article: https://help.eset.com/protect_install/81/en-US/migration_same_version.html
  5. Hello, you mean that you want to point the ESET Management Agent to communicate with a different ESET Protect Server? Correct?
  6. However, this functionality is not enabled by default. You have to apply a policy for ESET Management Agent, targeted to group "all", and in the "Advanced settings" enable the setting called Report non-ESET-installed applications
  7. You can do it by simply removing the policy, or unassigning it. I assume, that what you did, is you enable the HTTP Proxy during the setup of the appliance. As a result, the policy was automatically created and assigned. You can remove the assignment. Just click on the policy, click "change assignments" and then select a target and click unassign.
  8. Hello, if you were looking for them in "applied policies" tab, you won´t find them there. What installer does, is it configures the endpoint according to those policies upon install, but not applies the policy. Policy can be applied only by the means of assigning it to a specific group / client.
  9. Hello @j-gray, I will try to help. Our EDR works in a way, that it requires a separate server with a separate console, however the "EDR console" is inteded only for incident investigation. Management / deployment / activation still happens in ESET PROTECT. So given the fact that you have already deployed ESET PROTECT environment, those are the steps needed: Install ESET Enterprise Inspector on a dedicated machine. You will have to connect it to your ESET PROTECT, as it uses single sign on between those two, and ESET PROTECT is the one that is also managing user access rights. On this machine, also install ESET PROTECT Agent (you will need it, for future updates). EEI server needs to be installed manually, you can´t do it from EP Server (not the first time). Once your EEI Server is installed and running, you can proceed with installation of a component called "EEI Agent". Even though it is named "agent" it is a very small binary, that just sends the detection metadata gathered by our Endpoints (Endpoint is the "AGENT" per se) to the EEI Server, where the detection logic resides. You will have to specify the EEI server connection details into the policy for EEI agent, that you can assign to group all (they will connect). Also, you will have to activate EEI Agent (If you have the latest version of ESET PROTECT, there is a context menu option called "deploy EEI Agent", that will do the trick for you). Once you have your environment setup, EEI detections will appear also in ESET PROTECT. From there, you can easily navigate to details of each detection. You can also access the EEI UI directly, if you are interested in just the EDR functionality. Hope that this helps. Michal
  10. Also, as of ESET PROTECT 8.1, you can click on the group name, in which you want to update the security products to the latest version and click "update".
  11. @Martin Sabo - technically, it will support them by the means of having older (still compatible version) of ESET Management Agent installed on the affected systems. They will still communicate, but won´t be upgradable to the latest 8.x agent version. But statuses, and control will be possible, at least until any breaking change in communication protocols.
  12. Hello, what is the reason for which you would like to disable the automatic updates of the management agent? It is possible to disable it via policy, by setting the "automatic update" toggle to "off" (but we do not recommend this).
  13. Hello, EDTD is only included in ESET PROTECT Advanced, Complete, Enterprise + is available as a standalone product for purchase. In order to enable EDTD, you have to activate it using a product activation task (EDTD license should work for EFSW the same way as it works for Endpoint) and enable it via policy (which you indeed did, as otherwise you won´t be getting that error).
  14. Hello, you can target a task to a single computer, static group (even group all), dynamic group, or multiselect all available computers in a view. One option how to filter "only connected" computers, is to navigate to dashboard "computers" and select the ones that have "relative time interval" value "today", and then click on any "computer name" and click "open in computers page". That would filter you out only the active / connected computers, however is limited to 100 rows only. I have talked with the devs, and they have told me, that it will be possible to add such filter also in the main "computers" view (most likely in some future releases). What you can also do, is to create a new report template, with symbols "computer name", "last connected" and filter it out by "last connected - relative time interval" set to "last day". That will filter out only the machines, that have recently connected. Template for import is attached. Report Templates export 2021-07-08 09-54-22.dat
  15. Hello, currently it is not possible to set a "baseline / target version". The report template you show is not editable, and it simply compares the installed version vs. the latest available version in repository. So if 8.1 was released, anything below (including 8.0) is considered as not latest = outdated. We plan to adjust this, to reflect the "support state" of the application, meaning latest / fully supported / limited support / EOL, however I can´t currently provide an exact timeline. I have reported this to our UX / PM teams.
  16. Hello, Protect Server V8 is able to manage agents on version 8.1. However, when you have executed "upgrade" via the help menu popup, it should have updated also the server, so I would check the task execution, for possible errors.
  17. Hello, what you mean by IBM SOAR? As of now, we do export data to IBM SIEM - QRadar, however there is no purpose build connector to IBM SOAR product.
  18. Hello, server is restarted during the upgrade process, however as soon as the upgrade is finished, all machines should start connecting again.
  19. Hello @Amafito It seems to me, that the MSP has incorrectly setup the certificate, which is untrusted by the device. I have forwarded it to the respective colleagues, which might suggest what needs to be done on the MSP side, so you will not get any errors. Regards, Michal
  20. What do you mean that EDTD needs to be enabled manually? EDTD enablement consists of two things: Policy setup - you can create a policy for EDTD and assign it to a group all. It will enable it on all devices. Activation task - you can target it as well to all of the computers. Also, you can do it this way: Select your computers In the footer click "actions" and choose "activate EDTD" NOTE: If you mean, that the "computer details" screen does show you option to "enable EDTD" even when EDTD is enabled - this is a bit of a design glitch, that will be addressed in the future versions.
  21. Just a note, @Cruz I have contacted our documentation / MKT teams, to include the information about the fact that EFDE is not just a management of Bitlocker, but it uses our own encryption engine into our documentation. Therefore, you can install it on any compatible operating system, regardless whether it includes Bitlocker or not.
  22. Hello @endpointandcats You do not have to select the configuration during the installer creation. You can simply assign all of the relevant "policy templates" (or custom made policies) to group all (or any group or even an individual computer), which means that the resulting configuration would be created as a merge of those policies. Alternatively, you can create your own custom template, where you configure the product as you want, and then you choose this template during the installer creation process. Please note, that there is a difference between a configuration and policy. Configuration sets the values to the desired state, but does not lock them on the client (if the local user has admin rights, he can change the settings). Policy on the other hand, if setting has "apply/force" flags set, would lock the setting, and prevent it from being edited. Hope that this helps. Michal
  23. You can run a report "scans executed in last 30 days", where you will see the high level data + in case something was detected, you can filter out detections from a particular scan.
  24. Hello, @Alexander Lai Basically what EBA tells you, is that you can´t setup the "ESET PROTECT CLOUD" (cloud based management console) with your existing license. If you want to use it, you will have to purchase some eligible license. If you have no intention to manage your devices, then you can simply ignore that message. If you want to upgrade, you can ask for upgrade of the existing license.
×
×
  • Create New...