MichalJ
-
Posts
2,377 -
Joined
-
Days Won
70
Posts posted by MichalJ
-
-
Hello @j-gray
You are mistaken. Computer status is not changed when a newer version is updated (with the exception of endpoints that are using "auto-update via uPCU") and the update is already ready to be installed. In this case, it triggers to "yellow".
I would recommend to use the dashboard element, when you can easily see how many of your clients are outdated and how many are not, and drill down to the details.
I mean this one:
-
Hello @j-gray. Reasoning is, that the current (old) version of the EEA / EES for Mac does not have the licensing callback implemented. Meaning, the EEI agent tries to contact EEA / EES, to verify it´s license, but the product can´t respond. This will be implemented in the Endpoint for Mac V7, which is currently in early access program.
This does not have any impact on the product functionality.
-
Hello @j-gray.
This seems to be more a problem of ESET PROTECT so I am adding @MartinK here, who might be able to identify the source of the problem. Do you know, what is the "trace message" for the "failed installations"? If you say, that the correct version is actually installed / working / reporting events, only the task status is a problem, that´s clearly EP issue.
-
Hello,
Our MSP system works in the way, that you are billed for the QTY ordered in the ESET MSP Administrator Portal. Not for the QTY of the actually activated / used devices.
So for example, if you order 100 seats of a license on the 1st day of a month and you gradually deploy them, you will still be billed for 100 * 31 * daily price. = 3100 seat days * daily seat price.
-
Ideally contact ESET Technical Support, ship them with your license information, and we can check to which e-mail is license registered in your system. You will need access to the e-mail, in order to reset the license password. Otherwise, we will have to remove the license from the account, so you can add it to another one (after license ownership has been verified).
Also, I would check license history, as you should have received activation e-mail, when ESET business account has been registered.
-
Hello, just to check, have you tried to use the "push install" (from the server) or the "remote deployment tool" (the standalone utility, that just pushes the package over local area network). The first option is in general very sensitive for network configuration, and there is a lot of prerequisites for it to work. We in general do not recommend this option, in case other options are available (GPO, SCCM, or other viable alternative).
Also, ESMC (7.x) has been replaced with ESET PROTECT (8.x / 9.x). It might be possible, that deployment of V7 agents, which are in limited support only no longer works properly.
But I assume, that is just a mistake in product name.
-
Maybe in this case @MartinK might have some idea, as this should not be the behavior, and it seems there is some problem with the installer creation / download.
-
@CraigG It seems to me, that you are using ESET PROTECT Cloud (per the design of the installers screen).
The error that you show on your screenshot is displayed in case, when a compatible package for the used operating system in use is not found in the repository. What is the version of the OS, and what is the version of the product?
Also, you can download the MSI for the ESET Server Security here: https://www.eset.com/int/business/download/file-security-windows/
-
Hello,
Unfortunately, the "auto update" setting does not work for Endpoints V8, and only for V9+.
In order to enable "auto updates" for V8, please configure this setting accordingly:
Also, it is important to remember, that even when the "auto update" is enabled, it does not mean that you will get the newer version immediately after its release. Versions are rolled out over time, starting approx. 1-2 month after the formal release into the repository.
You can read more info about it here: https://help.eset.com/protect_cloud/en-US/auto_updates.html
-
Hello,
Only case when the installer link expires, is when the particular software version that is "referenced" in the particular installer is no longer available in the repository. We have recently published a security hotfix for our Endpoint, and also removed all previous installers from the repo, so that might be reason for the installer no longer working.
It´s not possible to configure this via the interface.
-
-
Hello, Tomcat and Apache HTTP Proxy are not updated by the means of "components upgrade task", as those are 3rd party components. In order to update them (in most cases due to important security patches) it´s recommend to do this by running the server all in one installer on the machine.
-
No, you can upgrade straight away. The only issue is in our internal reporting mechanism, when it shows different "latest" version for applications previously upgraded / installed via "software install task" and different versions for applications upgraded via "micro PCU / Auto Updates" functionality.
-
Hello, the "version status" of Endpoint Security and Management Agent never influenced the color of a particular line in the computer status table (neither on Windows, neither on Linux). Color coding is only visible inside computer details.
However, there are many other ways, how to identify the machines which are running outdated version:
STATUS OVERVIEW dashboard, where you can click on the particular application type and via drilldown get to a list, and even open them in the computers view. Or, you can initiate the update from there.
ESET APPLICATIONS dashboard, where similar functionality is available.
-
Hello, you can install the MDM connector using the "all in one installer" for ESET PROTECT Server.
-
Hello,
I would need more details, about your MSP account to check whether the product is available for you.
It might be hidden, as we have adjusted the ordering. Also, if your customer already has ESET Endpoint Security (trial / full) you can´t order it anymore.
However, the right item for you to order would be "ESET PROTECT Entry On-Prem", which is priced on the same level as ESET Endpoint Security. Also, for the future, we will most likely remove all the standalone product SKUs / orderable items, as ordering the appropriate PROTECT tier should be the way to go.
It´s listed here:
-
@Marcos This seems to me like a feature request for ESET PROTECT, meaning inside the notification generated by PROTECT, it would also offer another variable - computer description / TAG (that would for example include the company name / postal address). I assume, this is a request from MSP, but I believe @EMEtech will be able to confirm / deny.
-
Also, is there any "muted" device in ESET PROTECT? Devices that are "muted" via the context menu are not counted to the total in the ESET PROTECT Console.
-
Hello @mars_ots just one clarification.
You mention that there are issues with "V9". Please note, that those (as mentioned by Marcos) are related to Endpoint V9, not to ESET PROTECT Itself. You can easily upgrade ESET PROTECT (Server + Agents) to V9 and keep your Endpoints on version 8.1. And just a note, it also works the other way around, you can have ESET PROTECT (Server + Agents) on V8, and upgrade Endpoints to V9, they are cross compatible.
-
Hello. Automatic updates will work in a way, that first we release a particular version in the repository, so it can be updated using "standard" ways (software install task, local installation / download of the installer from the web), and after a reasonable time (at least a month, and reasonable amount of installed devices).
-
Hello @Cousin Vinny
One important thing to mention is, that the "automatic update" channel is using MicroPCU mechanism, meaning it´s not a complete "install over" (like in case of software installation task triggered from ESET PROTECT), but instead the "program component update", which is changing the product internals, and only launches the new version after restart (which can happen at your convenience).
This change (auto updates being enabled (of course with the possibility to opt out)) comes as a reaction to ever changing / increasing pace of operating system releases, when Microsoft (but the same applies to Apple, and other OS vendors) rolls updates quickly and automatically, and for such critical system as Endpoint Security product, we need to keep up to prevent cross-compatibility issues (and of course, ensure the highest level of protection).
Also, per our conducted customer research, this is becoming a new standard (the same way, like in case of iOS, or apps on your mobile phone, which silently update overnight). Of course, we are aware of the potential risks, and Marcos explained that auto-updates will always be rolled out after a relevant time passes since the production release, to react to any possible issues. And of course, there are customers that would rather wait, and validate, and update manually, so the option will be kept for them (and you) as well.
Thank you for your feedback, it´s appreciated.
Michal
-
My suggestion to the improvement on our side, would be to list the sub-versions of critical components within the release post. Meaning, for us internally it is 9.0.10, however that one consists of Server XXX and Console YYY. Would that be sufficient?
Showing the "package version" might be tricky, as from time to time, we update just one of the component of the package, like HTTP Proxy, or others, without adjusting another components, so those are not updated. Keeping the package version listed in the webconsole would required also unnecessary update of the webconsole itself.
-
Concerning this issue, you have a response in the dedicated thread by my colleague from EEI team. Here is the link: https://support.eset.com/en/kb7683-change-the-hostname-redirect-to-eset-enterprise-inspector-server-from-eset-security-management-center
-
Hello @avielc
For the time being, ESET will work to support the compatibility between ESET PROTECT and MSSQL Express that came bundled with the instance. However, this is only recommended for customers with a certain size, due to SQL Express size limitations. Also, we might need to revise the sizing recommendations for customers that do run EEI in parallel, as EEI generates higher volume of detections that have some impact on the SQL Express sizing recommendations.
With regards to your second question, of merging the DBs. In general, ESET PROTECT has been optimized for MSSQL, and EEI (although working with MSSQL as well) for MySQL. Final recommendation would most likely be affected by your current / planned size of the environment, meaning how many machines you manage from PROTECT ,and how many have the EDR functionality deployed on them (EEI).
Concerning the "single UI", what we will be working on, is to make the UX more unified, and eventually eliminate "duplicities" (Computers / Detections) towards the "singular UI". However this is a long term plan. Currently, it is more about better interlinking and cross-navigation between the two consoles, as they have different target user personas. PROTECT is more for IT / Operations, and Enterprise Inspector more for the Security Team / SOC kind of entities. I assume that you are the one, using both consoles, right?
Failing OS X agent installs
in ESET Inspect On-prem (Detection and Response)
Posted
Hello,
You can find it in task execution details and click on "history" for a particular failed client: