Jump to content


ESET Staff
  • Content Count

  • Joined

  • Days Won


Everything posted by MichalJ

  1. Hello @Haresh2015 Thank you for reporting. We have such request already in our backlog, however it was not yet planned for future releases due to other priorities. But it has been requested already in the past.
  2. Hello @Pinni3. To get to your points: For that purpose, we allow nested dynamic groups. Meaning you have your 30 static ones, each one of them could have nested dynamic groups. Our you want to set it in a way, that you for example put the DG under "all" but then say that it needs to be only in the following static groups. Challenge is, that DG is evaluated on the Agent side, and Agent does not always know, in which SG it belongs to (if you move a client, it will need to recalculate all policy assignments for example). Therefore the nested concept. We are already tracking improvement for that (Internal reference - IDEA-1100) We are working on better auditing changes, to track who / what / when / how was done. (internal reference - IDEA-1371 I am not completely sure what´s the problem here. Purpose of ERA proxy was just to aggregate the data, but at the end it was sent to ERA server, so the amount of DATA sent is not increased when Proxy was deprecated. Just the ESMC server handles more connections directly, due to a changed replication protocol. Also, AFAIK we have bigger installations than 10k on MySQL. Maybe @MartinK can provide some more information on this.
  3. Hello @pps You get IP addresses only from computers that have agents deployed, as it’s the agent who is responsible. What you can do, is to install rogue detection sensor, which could help you to add machines which are alive. Also, to double-check, can you please provide details about how you added that machines in Lost And Found group?
  4. @noorigin Hello, we are tracking it as an improvement request. Thank you for your feedback.
  5. Hello @dmartos - Lloged in user is available in the computer details. We are also tracking an improvement to populate / show the entry in the computers table.
  6. @bbahes Upon renewal (if the renewal was done within the expiration period), it should update the license status automatically. Do you change also the license key during renewal, or just extend the expiration of the same license (did the license key change)? If not, it indicates a problem in either your setup / our licensing functionality, and should be looked at from the technical support perspective. @SysEPr With regards to the live installer - noted, our devs confirms that, but it might happen that this won´t be done (as it´s really a niche scenario). With regards to the focus on 2FA, I will let it report to our devs, so it´s reported. I do agree and fully support it.
  7. @SysEPr Thank you for your feedback: With regards to the first case, we will investigate this behavior. It looks to me more like a bug in the implementation. We will check this internally. We are planning to introduce more advanced IFTTT (If this then that) logic, into ESMC, however it will not happen in ESMC 7.1 for sure. But it´s on the roadmap for the future versions, that will allow you to achieve better automation, and such advanced conditions.
  8. @Sam Fonteno Thank you for reporting. This is already in our backlog. However the task itself is quite expensive, due to the current logic of how policies are merged and how the resulting configuration is applied. However, we are aiming to get it resolved eventually, however I can´t as of comment on a time-frame for it.
  9. AFAIK it should be, as the RMM interface is untouched. You might not be able to configure all of the settings via your current plugin, but the same functionality should work OK.
  10. @SysEPr Thank you for pointing this out. I have created a development task for both adding this one specific problem, but also having those problems in an update-able fashion, meaning we would be able to dynamically update those capabilities when a new client with a new error is being released.
  11. Hello @Justin No, it does not have application control features. Whoever gave you the information, was not correct. Although, it´s one of the topics we have in mind for the future versions, no specific plans have been made as of now.
  12. @tbsky We are not planning to add mariaDB support. Due to our journey to the cloud and also multi-platform compatibility, we will most likely work on the support of MySQL 8 for next major release of ESMC
  13. @ludolf I have reported those requirements to the EP development team, as they are EP related. ESMC just visualizes policy controls, made for Endpoint. But it´s OK, that you have reported it here, as ESMC s the primary interface for controlling Endpoints.
  14. @bbahes We are working on redesigning server tasks a bit, so I have expanded the request to include also the "last execution" column in the corresponding window.
  15. @sindbad We are already tracking improvements to be able to generate reports based on the license usage (used license). I will extend it with your request.
  16. @ewong With regards to the task progress. This is a tricky thing to make, as the communication is asynchronous. Meaning that agent only checks in on set intervals. Tasks usually do not last that long. For the Component Upgrade task, we have an improvement tracked, to be able to show some progress, until the server / webconsole is updated (it´s tricky, as the webconsole is not running during the upgrade). With regards to the debug log information, it would be a nice improvement. It´s possible to enable diagnostics / request log collector, but it´s not automatic, as the logs are quite large, and might influence DB performance if not used carefully. I will note your feedback to the improvement with regards to better error reporting.
  17. @katycomputersystems Functionality to change the group in the computer details is coming back. It was accidentally removed during the redesign. @Zen11t We have a project/ feature tracked to globally control all of the interactive windows for the future. I will add your comment to there.
  18. @andy_s What´s the reason for you to run weekly scans? Are users able to temper protection settings (pause protection)? As in case a computer has been properly scanned after installation, having just the real time protection enabled should be sufficient. (first scan verifies, whether there is no persistent malware present after install. As even in case when definitions are update that cover something not covered before, it will be detected on execution by the resident protection. If you run the scans only for the sake of shutting down the computers, you can easily replace it with the run command to initiate a delayed shutdown, so you get the result. Maybe, are you seeing any detection reported by those weekly scans? Besides potentially unwanted / unsafe applications? With regards to your last question, I am not sure, but AFAIK this might not be possible by default (will ask respective colleagues).
  19. @andy_s We will track this as an improvement request, towards the future versions. Issue is, that the "upgrade" itself is handled by Endpoint (in case you execute scan and select option "shutdown after scan"), and Endpoint does not initiate agent wakeup to report scan completion. It simply triggers shutdown, before the result is replicated. Maybe, if you are willing to, can you explain why are you shutting down the machines? Is it to save power over weekends, or? As there might be different way how to achieve that. One that will report "success" would be a run command, with a respective windows shutdown / with delay, as task would report "Success" not in the moment of task execution, but on the moment when it contacted WMI provider with the command the reboot. If system acknowledged, it will report success. Also, out of curiosity, what is your replication interval?
  20. @segFault As ESET Business Account is used as "identity provider" and "authentication service" you can enable 2FA within business account settings. Back-end architecture of ESET Cloud Administrator is designed in a way, that it´s fully backed-up and redundant. Meaning that despite you set a location you belong to, unless the entire data-center goes down, service will be available). I will check, whether a cross-data-center backup is planned.
  21. Thank you @Campbell IT Concerning the "logged users" - all is clear. We are already tracking an improvement for that, so I have added your feedback to it. With regards to the "Detection Engine", would the information about "last update attempt" (= when the application contacted ESET Servers, to check whether there is a newer version of any module) or "last successful update" (= when the application actually downloaded any of the newer modules from ESET Servers, which means it´s working with the latest modules), be sufficient to you? In the meantime, logic works, that machine changes its status from updated to non-updated after 7 days, and will report a protection status (red) with "modules out of date". If you are more strict with this, what you can do is to shorten the alert interval down to one day, by configuring a setting in a policy for security product as follows:
  22. @Campbell IT Concerning your feedback. Issue with "logged in users" is, that there could be more than one user logged in on the machine, so choosing just one, might not be valid. However we are tracking improvement request to have this (adding the information in computer details was the first step). We are working on a redesigned computer table element, that would be more robust from the point of view of displaying the desired information. Detection engine (previously VSDB) is not coming back, as it´s just one of many modules in the product, and the information does not really indicate whether the product is updated or not. We are instead working on adding information about "last update attempt" and "last successful update". Out of curiosity, for what purpose you would use the Detection Engine version info for? We are also working on "tagging functionality" that would allow specification of tag manually (in the first phase) and later automatically, that would replace the "custom fields" functionality in the old ERA V5.
  23. @Sam Fonteno Thanks for the response. Just to double-confirm - you are seeking an option, that would be able to wake up the device, if it´s asleep / switched off, the same way as the WOL works. Correct?
  24. @bbahes Thanks for your feedback. We are tracking several improvements (some of them targeting 7.1) that should make accessibility / readability of the agent logs simpler.
  25. @Sam Fonteno If you configure your tasks in advance, those are actually run by ESMC / ERA agent, Connection to server is not needed. And success is reported during next replication window. Also, secondly, in case something serious happen (status of product is changed, or high severity detection has occurred) agent automatically initiates our of order replication, and reports the status back to the centralized server. I do not see a reason how a "Scheduled WOL" would help in this matter. But maybe I am not understanding you correctly, so please provide more details. Also, server tasks are done on the server, by the server.
  • Create New...