MichalJ
-
Posts
2,377 -
Joined
-
Days Won
70
Posts posted by MichalJ
-
-
Hello,
I am bit confused by the situation you have described. As you should not see "unmanaged" device in ESET PROTECT Cloud. Only place where you can see it like that, is ESET Business Account, where you see the seat consuming a license.
Agent for "cloud" needs to be downloaded from the PROTECT Cloud instance.
If you want to install "server" from "ESET PROTECT Cloud", you should proceed the following:
- Open quick links and choose "protect - windows device"
- Click on "customize installer"
- Navigate to "product setup" and choose "Server security for Windows Server"
- Finish and Download installer
The package contains both the security product, and the management agent, which if having internet access will connect to ESET PROTECT Cloud.
Alternatively, you can just deselect the security product, and download the "agent only" installer. You simply deselect the "security product option".
-
Hello,
MDM needs to have an internet connectivity, in order to be activated. You can activate it using a "task" product activation. Any license that is able to activate endpoint solutions from ESET, should be able to activate Mobile Device Connector. Please note, that activation is required for MDMC to receive module updates.
Alternative scenario is to generate an offline file for product "MDM" in ESET Business Account, add it to protect and use it for activation.
-
Hello, Mobile Device Connector is the ESET PROTECT component, that basically handles the communication between the PROTECT server and the endpoint devices. So in order to manage mobile devices, you first need to install the "mobile device connector", as only afterwards, you will be able to enroll mobile devices.
Please note, that you can also manage mobile devices via ESET PROTECT Cloud, where this component is no longer required, as there is a cloud service maintained by ESET that handles the communication. Plus, also the enrollment / overall experience is a lot smoother / simpler.
-
-
I am adding @MartinK as he might be the best one to suggest relevant action steps.
-
Hello,
When you have ordered a license / added license to ELA Security Admin, you needed two things:
- License key (XXXX-XXXX-XXXX-XXXX-XXXX).
- ELA password (password e-mailed to you upon adding your license to ESET License Administrator). - this one is required also when you try to authenticate as "License Owner", by your license key. By default, your "ELA email" address is the same one, your license is registered to, upon purchase.
You can contact ESET, and we will resend you the relevant credentials / adjust the ELA email, so you can get the code by yourself.
-
Hello, yes. ESET Remote Administrator V5, and Endpoint Security / Antivirus V5 has reached their EOL, and also "cut-off" period, meaning the update servers for those legacy applications were disabled.
-
Hello @mars_ots
Ideally you should purchase "ESET PROTECT Mail Plus", for 6 units. Alternatively, if you have "on premises management" and you does not want to utilize "ESET Dynamic Threat Defense" extension of Mail Security, you can order standard "ESET Mail Security License" for 6 units.
Mail Plus: https://www.eset.com/us/business/mail-plus-protection-bundle/
-
-
Hello, I have briefly checked it. And the EI Agent is reported back to ESET PROTECT the way how it is installed - meaning just first three digits. I will check it with the EI team, as it seems that this might be related to the fact, how EI installer reports its version number to Windows. Thanks for reporting.
-
Computers can appear in "lost and found" either by:
- Installing the agent, and "connecting" for the first time
- Synchronizing against active directory (cloud/on premises) / manually adding a computer (valid to on premises version only).
-
Hello, @BrianMorris,
A bit of explanation to the reason why it is initially blank. The dynamic group membership is evaluated by Agent. So when you create a new "dynamic group template / dynamic group", it first needs to replicate down to agents, get evaluated, and once this is done, the confirmation = membership is reported back to the server.
Main reason for this is, that dynamic groups can be tight to "automation" tasks, or policy application, so for example if you have a computer that matches a desired condition, a task can be executed / policy applied regardless of the "connectivity status". So Even if the machine is "off the network" and the conditions "happen", whatever you decided in advanced will be applied, without the need to report back to the server.
Maybe we can do a better job on explaining this behavior directly in the dynamic group wizard, so users will be aware of this behavior "in advanced". I am adding @igi008 so he can take this improvement request from here.
Anyway, thank you for your feedback!
Michal
-
Hello @MrWrighty, thank you. Basically, as explained before, this is a completely correct / expected behavior.
"Windows computers" is a "dynamic group / filter" with a condition "OS = Windows", applied on a group "All".
"Lost and found" is a subgroup of "All" meaning all computers from Lost and found are also members of group all. And subsequently, as the conditions are met, also of the respective Dynamic Group. By default, when a new machine is installed / connected, it is always a member of "Lost and found". Purpose of this group is to identify newly enrolled / not properly attributed devices.
If you want to move them elsewhere, you can crate custom "static groups" and move (drag / drop) the machines there.
-
Hello @MrWrighty can you please share the screenshot of your "computers" screen.
My understanding is, that the only thing you have there is group ALL, then Lost and Found, and various "Dynamic Groups" underneath. Is this correct? Please note, that Dynamic Groups are "dynamically filled in" and are located under the group "all" (at least the predefined ones).
If you want to move the clients "permanently" out of "lost and found" you have to create some "static groups" and manually move the clients to the corresponding group.
Also, computer can´t be moved to a dynamic group if it does not have agent, as the "agent" is required to evaluate the dynamic group membership (evaluation happens on the computer, by the agent). So such dynamic group will not work.
-
Hello, If you have enabled 2FA for ESET Business Account, at the moment of activation you should have received set of "backup codes" to the e-mail address the business account is registered to. The email would look like this:
If you do not have such e-mail, you will have to contact the local ESET partner representative technical support, who will verify the ownership of the license / account and help with resetting the 2FA.
-
Hello @Kathleen Y
Can you please check, how are following two settings configured in your network?
One is in "Windows Server Product" policy, and one is in "Management Agent" policy.
Please also note, that the dashboard "ESET Applications" has nothing to do with operating system updates.
-
Hello, as of now, it seems that this functionality (checking on feature status, or applied policy) in dynamic group expressions is not possible. What I would suggest, is to organize them in either static groups, or tag them. Tags can be then used to filter out computers in "computers" screen.
-
Hello @slarkins
ESET PROTECT V9, looks very similar to "ESET PROTECT Cloud", whose live demo can be even found on the web: https://www.eset.com/int/business/demo/
It looks pretty similar to the V7, and V8, as it is more of a evolutionary approach.
Regards,
Michal
-
Hello,
It´s not possible to deploy / install a newer agent version, than is the actual version of the server. So first, you have to upgrade your server to V9, and then you will be able to deploy / generate installers with V9 agent.
-
Hello @j-gray
In case it is an upgrade - there is no impact. Any ESET application should keep its license data upon upgrade.
In case of fresh install, in case of Mac EEI Agent, there is none, as there is currently no "activation functionality" implemented in V6 Mac Endpoint for EEI agent. Meaning, it would work, even without supplying the license data. This will change once we release new version of Mac Endpoint.
-
Hello @j-gray. One idea - if the issue with failing task is related to the "activation issue" (that mac V6 Endpoint is not able to process the activation task for EI agent, and therefore fails). What would happen, if you just do the task "without the license", meaning just deploy / upgrade the package itself, without entering the license information.
Per my understanding, the last "task failed in security product" is related to the activation attempt. As it seems to me, that other things in the task (download / install of the EI agent) finishes OK, just the activation fails. But that is inherited to the "global status" of the task.
-
Hello @Ufoto
Tags are currently not available to be used in "dynamic group templates" as those are used for "agent side automation" and meaning the particular data, needs to exist on the "agent side". Tags are applied on server, agent is not aware of their existence.
If you want to do it for quicker filtering, you can easily create "filter preset" that will filter out only machines with particular tags. And over the selection, you can then execute tasks, however with the issue, that those won´t happen automatically.
-
Hello @Trooper Can you please share with me your license details via private message. I will get in touch with the Early Access Team, to check, whether we still have capacity to handle additional customers. As said, the GA release is some 10 weeks away at this moment.
Do you have any previous experience with running our EDR on-premises, or it will be your first "touch" with the product?
-
Thank you @Empty for your response.
ESET INSPECT Cloud (new name of Enterprise Inspector) should reach general availability by end of Q1. We are already running early access program with selected customers, to tweak the product in production before general release.
With regards to the datacenter location, you are right, we currently do not offer data center in Australia. How many clients do you have, that you would like to move? I will sync with the team hear, if we can´t put together a step-by-step guide. However, one warning upfront - your data (previous detections, policy assignments, etc) will be lost, during this transition.
ESET Endpoint Security 5 and ESET Smart Security 5 Beta diffirence
in ESET Endpoint Products
Posted · Edited by MichalJ
Yes, NOD32 Antivirus (basic level of protection for Consumers) still exist, but the current version is V15. V5 has been released more than 10 years ago, and is not sufficient to protect against modern threats. It lacks many important recent detection technologies, which were added to our modern endpoint products.