Jump to content


ESET Staff
  • Content Count

  • Joined

  • Days Won


Posts posted by MichalJ

  1. Hello, I am not completely sure I did understand your post, but what is the actual problem? 

    • Based on the status log, your agent is successfully connecting, it even replicates some matching dynamic groups. 
    • Also, the install log shows, that upgrade was performed successfully, meaning there was previously some other version of ESMC / ERA agent installed. 

    When you mention docker image, you talk about ESMC server? We do not provide docker image, just an OVA, that you can import inside your virutalized environments. 

    You are free to call our technical support, that should be able to asist you with your questions / problems.



  2. @SysEPr Hello, that is a bug in the latest version. Color coding disappeared as the view was reprogrammed using a different programming framework. For the next version it´s coming back. 

    @dschwenk Will will add your feedback to the IDEA for device control redesign, which already counts with those things. However, I can´t comment when it would be scheduled for implementation. But it definitely makes sense. 

  3. Hello,

    You can either expose your ESMC to the internet, so it is reachable by clients from remote locations, or you can setup an instance in cloud provider (however please note, that the Azure VA is still based on the older ERA 6.5, so before continuing further its essential to upgrade it to ESMC 7.1). 

    If you will manage them and do not need to give them site-specific access, also ESET Cloud Administrator might be a good option for you (however that has a size limit of up to 250 seats). 



  4. @TheMartin Thanks for the feedback / suggestion. I will contact our documentation team, and ask them to prepare the tutorial (video / documentation) with the topic "how to update my ESET environment on the latest version in the simplest way". I agree, it would be a helpful content, which should be more actively promoted in documentation and KB. 

  5. This is a good point for discussion. In general, the long term goal is to move towards fully automated architecture, with opt-out option to be able to keep software running on specific version. That´s what we are working on. 

    In general, keeping ESET software on the latest version do consist from two tasks, that should be executed: 

    1. Security Management Center Components Upgrade that upgrades components of the management server network (server, console, agents) 
    2. Software install task, that brings in the new version of the installed security product (like Endpoint Security). 

    The first one, as it touches various components is not recommended to be automated as a whole. Once the server is updated, you can automate update of agents by utilizing dynamic group templates, where you utilize condition of "installed software name" and "installed software version", where you utilize condition "not in". You however need to do this separately for Linux, Mac and Windows machines, as each and every one of them has a different build number (also possibly different release cycle). 

    Please note that we are planning to remove the need of manual agent upgrade for future versions.  In ESET Cloud Administrator, you can update agents using one click action from the dashboard (status overview tab, and installed applications tab) 

    Second one, is related to the upgrade of the security software. Security software upgrade requires reboot of the machine, meaning it´s not recommended to be randomly executed, rather being scheduled for specific time (off work hours, maintenance hours for servers).  You can automate it as well, using dynamic group templates https://help.eset.com/esmc_admin/71/en-US/?dg_example_3.html. Alternatively you can utilize simple actions from the dashboard (status overview & installed software tabs), where when you click on the outdated chart component it will show you list of all possible apps / versions to be updated. You can choose the one, where you want to execute the task momentarily. 

    We would eventually release (hopefully in next few months) the option to utilize micro PCU (automatic Endpoint updates) for Endpoint version 7.2. This would / should also streamline the upgrade procedures and will be announced in advance. 

    Hope that this helps.


  6. The policy works in the way, that only if the setting has "apply flag" it will be actually applied on the client. Meaning, if you have set just the setting for password protection, all of the other settings will remain as before, meaning if the 6.4 was configured somehow, the settings will retain as that is how the old configuration of client is interpreted. 

    I will ask our QA department to verify this behavior, as it´s meant to work in a way that when you remove the particular setting (change "apply" to "not apply") it will return the previous settings back to the state "before the policy was applied".

  7. New detection exclusions are actually only created from "threats" section, when you click on the "exclude" and there is a new wizard, that will allow you to specify the exclusions conditions. Once created, they are visible in the "exclusions" view. You can then configure assignments to existing exclusions, to assign / de-assign them from individual computers. 

  8. @PF4Public I have a suspicion that during the license renewal you / re-seller / partner actually changed the license product for one, that is unmanageable, meaning it can´t be added to either EBA or ESMC at all (business product was changed to consumer one). 

    Can you please send me the public license ID, so I can verify this assumption? I know that you send it to Marcos already, but as we work for different departments I do not have access to your private communication. 

  9. Hello,

    This is related to the new exclusions system. In case your policy has been converted from an old one, or you use older version of ESMC than 7.1, you will have the split of Performance & Detection Exclusions. If you create a new policy, you can only add performance exclusions to it, and detection exclusions would be handled via the new exclusions tab in the main menu. 

    1. So the one with detection exclusions is most probably a policy that included some detection exclsions (other than by path) before.
    2. The one which does not have them, is a policy which had not them defined before. 

  10. Also, once you migrate the license to EBA, you will see all of your activated seats in there. Secondly, what is the reason for you to use offline license?

    In your case, license file generation is restricted, as you have at least one seat activated with offline file that is reaching the internet, which is considered as license policy violation. You will have to reactivate the affected computer properly, before you will be allowed to create further offline license files. 

  11. Hello @PF4Public I assume, that this license was added previously? If yes, how?

    Was it added via ELA account? Was it added via License Key? In some cases, it might happen, that license is incorrectly remove, the license page seems "empty", however the license entry still stays in the database. We will need to see a trace log message from the time of license adding for proper troubleshooting, and I would recommend to contact ESET customer care and create a ticket as it might be needed to analyze it by developers.


  12. Hello @Marc K

    Are your Endpoints activated using license key / security admin credentials?  Or have you activated them using offline license file ? 

    In case the second one, you will have to reactivate with a new license file, in case the first one, can you verify that your endpoints can access https://edf.eset.com/edf?  When connectivity to our license servers is broken somehow, your endpoints are not able to get the updated license information. 

    Last option could be, that the license did not correctly export to our update servers, however for that we would need your public license ID, so we can check whether there are no sync issues with your license. 

  13. You have stated, that you have performed "module update" task. This task is however used only to update the protection modules on the protection software, not the software version itself.

    The task we are discussing, that you need to execute, is the Security Management Center Components Upgrade 

    You need to target it on the machines where you want the agent to be update, and you need to specify a referenced server version, which in this case needs to be set to your 7.1 build. 

  • Create New...