Jump to content

MichalJ

ESET Staff
  • Posts

    2,377
  • Joined

  • Days Won

    70

Everything posted by MichalJ

  1. Hello. The licensing is the same for cloud and on prem. So when you have upgraded your license, it has upgraded it on all active endpoints, regardless if they are connected to the cloud version or on premises version. Even if you uninstall ERA from the on-prem server, but do not remove ESET from those other 11 machines, they will continue being counted. The best thing would be to login to EBA, deactivate all devices, and reactivate only the ones connected to ESET PROTECT Cloud, using the console activation task. Unless you have some more machines to migrate.
  2. Hello, there will be soon a new version of the virtual appliance, that will be based on the Rocky Linux 9.
  3. It´s actually pretty simple. ESET PROTECT Is built with concept of "task reusability" in mind. So you can create a task, for "disabling protection" (type run command, use the command from the example from Marcos). Then the only thing to do, is that you click on the device in ESET PROTECT, and choose option "run task". Find the one pre-created (you can name it as you wish) and execute it. However, as Marcos stated, this is not something that users / admins should be doing, as disabled protection is disabled protection. Therefore, it´s not as straight forward, but could be done that way.
  4. For such behavior, you need to create two different dynamic groups. One for the Endpoint, one for the Inspect Connector. For ESET Inspect the below example should work, for standard Endpoint just change the "source" to "security product". Hope that this helps.
  5. Hello @Glitch absence of this functionality is due to a bug. It will be fixed in next hotfix of EP 10.
  6. Hello @PMIadmin can you please share details about as what kind of detection the CW Control is flagged with? I would expect, it would be some kind of Potentially Unsafe Application, as despite being a legitimate software, RMM / remote connection tools are many times misused by attackers to gain control over the victim´s computer. We will need to investigate the reasoning further, but based on my experience if specific application was misused like this in the past, we keep flagging it as unsafe. https://blog.morphisec.com/connectwise-control-abused-again-to-deliver-zeppelin-ransomware
  7. Hello, transition of an endpoint to a specific group / company, does not change the license automatically. You can schedule a regular recurring "activation" task, that would reactivate the endpoints with the correct license. Or you can do it in a way, that you will create a dynamic group, that will be checking if Endpoint does not have a correct license (new dynamic group template, condition for "Activation / License public ID" is not one of and specify a license. It would require some manual work, but since then, you can easily automate the license deployment. I will check with product managers, whether this could not be automated, so license is changed, depending on company / group membership, in case of MSP automation.
  8. Hello, maybe @Kstainton will be able to provide some advice. However, if you plan to use "EFDE", the boot password is the only way of working (comparable to BitLocker, where the encryption pre-boot password is tight to the device, not the user). Also, as the encryption is a system demanding process, it should be acknowledged by the local end-user.
  9. Hello @eclipse79 - the connection in ESET PROTECT Cloud is based on when the ESET Management Agent last connected to the management console. - the connection in ESET Business Account, is based on when the ESET Endpoint 6.11. last connected to our licensing servers. Reason why this might be not matching is that the client could have been updated, or underlying hardware fingerprint has changed, and that computer entry was duplicated on EBA (this tends to happen when a different network adapter is being used). You should be able to make those "matched" by retriggering the product activation task which would force the licensing servers sync issue. Also look for the duplicate entry. Regards, Michal
  10. Hello @David Fletcher Each of the notifications could be configured, and you can set different recipients for each / or multiple recipients. Just navigate to "notifications" tab, edit the particular notification, and in the panel "distribution" add the e-mail addresses of your colleagues.
  11. Hello @Eleia ESET PROTECT Advanced allows you to use following functionalities: - ESET Endpoint Security instead of ESET Endpoint Antivirus. To get the added functionality (Firewall, WebControl, etc) you will have to upgrade existing installations of EEA to EES. - ESET LIveGuard Advanced. This can be activated for both EEA / EES. Activation is quite simple, you can do it "per device" or via "ESET Solutions Tab". - ESET FullDisk Encryption. This can be as well activated regardless of product used, either per machine, or via "ESET Solutions Tab". Regards, Michal
  12. Hello. this might be related to a fact, that "shutdown" actually not shutting down the computer, but putting it into some state of hibernation (when the "fast startup" is enabled"). I would expect, that when you disable it, then the particular entry will be correctly updated.
  13. Hello, I would follow instructions in the documentation: https://help.eset.com/protect_install/91/en-US/?migration_same_version.html
  14. There was a temporary glitch in EMA, which allowed setup of ESET Inspect Cloud instance with the "on premises license". Which will however not be shown inside the cloud platform. If you would have "ESET PROTECT Enterprise", there should not be any issue like this.
  15. Hello @Informatics as far as I know, there is not "condition" that would identify client as outdated, besides specifying a version being lower than a particular number. Of course, DG like this would be come obsolete quickly. Just to double confirm - you want to identify machines, which are outdated, by the means of dynamic group. Question I have is - what should happen next? Automatic software install task, or something else? As there might be a different solution to the problem you are trying to solve.
  16. Hello, @christian brauncan you please be more specific. What exactly you want to send? The overview of all the events, or more like a "screenshot-like" snapshot of the "security overview dashboard"? Or you want to send the granular list of everything that was detected by our security products? I will be happily to discuss it with our product managers, I just need to have a bit more understanding. Thank you, Michal
  17. Hello, are you referring to the "increase license quantity functionality" in ESET MSP Administrator? Do you initiate the change over the EMA interface? Is this error prevailing for all products, or just few of them? I have tested it, and successfully expanded the "size" of a license from 10 to 999 seats, without any issue.
  18. Hello. In case you are the owner of the license, what you can do is to add your license to ESET Business Account (if it was added already, just login) and force the deactivation of all the seats, that you feel should not be using the license. You can also contact ESET seller (partner who sold you the license) and request license credentials. Such over usage is not standard, and might indicate a leaked license. There are certain prevention mechanisms in place (depending on how long it is in such state).
  19. Hi @Marc Trottier As relatively high % of task execution attempts are failing, we might need some more details. How are the machines connected to both ESET PROTECT and also the internet? Is proxy for caching in place, or will the machine try to download the endpoint directly from our repositories? . What is the configuration of the software install task (endpoint version / license in it). I would recommend to check an agent trace log on one of the failing machine, and try to find "error" related to the installation. But the best would be to open a support ticket, so this issue can be investigated further.
  20. Hello @LesRMed I have opened this up with our QA department and this is what they came up with: In case you enable the setting that allows appending the globally set exclusions to the local list, it will enable you to add the local ones. However, what you need to do first on the endpoint side, is to adjust the "combo box" to "show local exclusions". Once this is done, the add button will enable, and allow you to enter the exclusion locally. I have filed an improvement request, to change this behavior, as it is considered as not intuitive.
  21. Hello. No, ARM64 product is currently only available for Windows.
  22. What I would do, is to uninstall the agent. Delete (remove) the "machine" from ESET PROTECT. And attempt a reinstall of just the agent itself. If that would not help / solve the issue, then I would open the support ticket.
  23. Hello @LesRMed The behavior with regards to policies is like this: when a setting is "set by policy" (by set means, the blue dot / red flash are shown) the setting is NOT editable on the client. If setting is not "set by policy" if the user locally has admin rights / knows the password to settings, he can change the local configuration freely. only way how to temporarily override the policy settings which are set by ESET PROTECT is by enabling the override mode. Override mode set to "on" and set by policy. On your screenshot, the override mode is neither enabled, neither configured to be reflecting the policy settings. However, once the override mode ends, the settings will revert to the previous state. In order to allow "local exclusions", you need to follow the recommendation from Marcos above. If you allow them being "appended", endpoint will take into consideration exclusions set centrally, and also the ones that are set locally.
  24. Hello, You should contact ESET Support. After we verify your identity, our support team should be temporarily able to disable the 2FA so you can reset your password / login. Btw, backup codes have been sent to the address to which you have registered the ESET Business Account. Just search for "backup codes", and you should be able to find them, as they are sent automatically when 2FA is enabled.
  25. Hello, when you navigate to "installers" and attempt to generate a new installer, you need to click on "customize installer" and in "product setup" click on the blue line under "security product" and in the popup choose the "ESET Server Security for Microsoft Windows Server" as seen on the screenshot below.
×
×
  • Create New...