Jump to content

MichalJ

ESET Staff
  • Content Count

    1,664
  • Joined

  • Days Won

    52

Kudos

  1. Upvote
    MichalJ gave kudos to Matus in System's Accessibility Features in Security and Privacy are blocked   
    Hi Paul,
    Have you tried also with the latest version - 6.7.876.0 ?
    There have been a couple of changes regarding MacOS compatibility. 
    Thanks
  2. Upvote
    MichalJ gave kudos to MartinK in Eset Endpoint Cloned Agents   
    There has been support for cloning implemented in ESMC, which means this scenario should be handled automatically if properly configured, without executing mentioned task.
    Once machine was cloned, new Cloning Question for ESMC administrator should have been created -> until it will be resolved, cloned devices won't be able to communicate with ESMC and thus not able to reset itself. There is possibility to resolve it in a way that every other clone of specific device will automatically results in creation of new devices, as if reset cloned task was executed. I would recommend to check whether there are any cloning questions available -> they should be accessible through client details of "master image" or in status overview in ESMC console.
  3. Upvote
    MichalJ received kudos from droezel in Future changes to ESET Endpoint programs   
    @Markwd Hello, there are two reasons. Anti-theft in consumer is focused on device retrieval, not on the data security (no possibility to wipe the disk on the device). Also, the implementation capable of tracking screenshots / photos of the users, might violate a lot of corporate laws / regulations. If Anti-theft is introduced into the business versions, it will have to behave differently. If I can ask you a question, what kind of a problem you would like to solve with it? Would it be intended for device recovery, or more a data removal / prevention of misuse ?
  4. Upvote
    MichalJ received kudos from Peter Randziak in How to create dynamic group "Not updated Agent"?   
    There are multiple methods: 
    You can click on the "red" part, and drill down to see the list of machines with outdated agent You can navigate to the dashboard "ESET Applications" check table "outdated applications", locate agent, and drill down to get the list of all machines You can alternatively create a DG for not having a specific version of Agent installed (all others will be outdated). I would recommend to use the first / second option. 


  5. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Hello @Pinni3. To get to your points: 
    For that purpose, we allow nested dynamic groups. Meaning you have your 30 static ones, each one of them could have nested dynamic groups. Our you want to set it in a way, that you for example put the DG under "all" but then say that it needs to be only in the following static groups. Challenge is, that DG is evaluated on the Agent side, and Agent does not always know, in which SG it belongs to (if you move a client, it will need to recalculate all policy assignments for example). Therefore the nested concept.  We are already tracking improvement for that (Internal reference - IDEA-1100) We are working on better auditing changes, to track who / what / when / how was done. (internal reference - IDEA-1371 I am not completely sure what´s the problem here. Purpose of ERA proxy was just to aggregate the data, but at the end it was sent to ERA server, so the amount of DATA sent is not increased when Proxy was deprecated. Just the ESMC server handles more connections directly, due to a changed replication protocol. Also, AFAIK we have bigger installations than 10k on MySQL. Maybe @MartinK can provide some more information on this. 
  6. Upvote
    MichalJ gave kudos to Silver in ESET Agent&Endpoint remote deploy to MacOS? ECA only.   
    An FYI for anyone else searching - ESET ECA currently can't do this directly, but ESET UK support helpfully provided a sh script which can install the ESET remote agent silently, connecting endpoints directly to the correct ECA instance.
    This worked for me - Meraki can deploy the script by wrapping it into a DMG package and deploying as a custom app.
    ESET ECA can then install ESET sofware/licences etc, with everything being 100% remote.
     
  7. Upvote
    MichalJ gave kudos to Marcos in ESMC 7.0.72.2 Policy inheritance   
    Select a particular client in a group and then select "Manage policies" from the context menu. It will show all inherited policies as well.
  8. Upvote
    MichalJ received kudos from Peter Randziak in ESET UPDATE   
    Hello Maneet, version 7.1 is newer compared to 7.0. Under normal conditions you can find the “latest available version” in the “installed applications” dashboard, in table “outdated applications”.
    You can setup notification or follow the ESET news RSS feed when release news are published. 
  9. Upvote
    MichalJ received kudos from Peter Randziak in ESET Dynamic Threat Defense really necessary?   
    With regards to what Marcos said, let me add that we are currently discussing an option to block new files before the result from EDTD is obtained.
    Main advantage of EDTD is the additional sensitivity threshold and the quicker speed. Via LG we block 100% confirmed malware, via EDTD you can block also highly suspicious / suspicious files, based on the sandbox result automatically without waiting for the LG / detection engine update. 
  10. Upvote
    MichalJ received kudos from Peter Randziak in Server Task: Delete Not Connecting Computers Failed   
    My first recommendation (just to allow the deletion) would be to uncheck the option to "automatically deactivate such seats". What you can do, is to deactivate them manually via ESET License Administrator or shorten the removal interval there. 
    What might also help for us to check is to try manual removal of such computers from ELA. If that works, then it might be caused by network connectivity issues on your / our side. It might help us to actually see the PLID, so we can check whether ESMC server was able to contact our licensing infrastructure, to perform deactivation. 
  11. Upvote
    MichalJ received kudos from Camilo Diaz in Server Task: Delete Not Connecting Computers Failed   
    My first recommendation (just to allow the deletion) would be to uncheck the option to "automatically deactivate such seats". What you can do, is to deactivate them manually via ESET License Administrator or shorten the removal interval there. 
    What might also help for us to check is to try manual removal of such computers from ELA. If that works, then it might be caused by network connectivity issues on your / our side. It might help us to actually see the PLID, so we can check whether ESMC server was able to contact our licensing infrastructure, to perform deactivation. 
  12. Upvote
    MichalJ gave kudos to igi008 in Using EMS 7 Rules in smaller company with exchange 2016/2013   
    Hello Joe,
    thank you very much for your question. Yes, you are right. If there is a chance, that end user will request blocked email, it will be better to quarantine item. You can quarantine the whole email or only specific attachment.
    Example: 
    Other recommendations:
    If is possible try to use the newest version (7.0.10025), which provides the newest features and improvements Useful could be also online help page related to the "Rules", which is localized to many languages Thank you very much for using our products
    Best Regards
  13. Upvote
    MichalJ received kudos from Peter Randziak in Will Client auto update on new release?   
    Yes, this mean that clients starting with latest version of 7.0 will be automatically updated to 7.1 once the micro PCU is enabled on our servers and in the Endpoint settings.  Previously the functionality was ready, but was not enabled due to it´s behavior, where the "reported version" was not changed in ESMC, even when the client was updated over micro PCU. This is now changed and we will be enabling it soon. 
  14. Upvote
    MichalJ received kudos from karlisi in HW Cloning - Activation & Hostname   
    In general, my recommendation would be as following: 
    Create a base image computer, with ESMC agent and not activated Endpoint Let it connect at least once to ESMC, and in the ESMC interface mark the machine as "master for cloning" (navigate to computer details, click on the button "hardware" in the footer, select option "mark as master for cloning" and choose option "create new computers") By doing this, every new computer cloned from the image will be automatically created as a new system in ESMC  By default, there is a dynamic group "not activated security product". What you should do is to create a "product activation task", using your license, and setting it with two triggers on this dynamic group (click on the dynamic group, select "new task", choose "product activation" and them set a trigger:  First would be "joined dynamic group trigger" - anytime a new machine is connected, it would be activated Second would be "hourly" (you can specify this by CRON expression, guidance is in the product documentation). Therefore, if a client fails to activate on the first attempt it will repeat again every hour. If the client is activated, task won´t be executed..  Set a server task "rename computers" for the group, where the VDI machines will be created. Therefore, once the machine is renamed, correct name will be updated in ESMC automatically. Please note, that you can specify target group directly in the installer of the agent, each cloned instance would then respect this setting. 
  15. Upvote
    MichalJ gave kudos to Marcos in Sending notifications to end users   
    Msg.exe is run to display the message:

    Display message task uses native API of the operating system. On the Windows OS, it will trigger a native Microsoft Windows dialog box. On Linux and macOS, it will write the notification only into terminal.
  16. Upvote
    MichalJ gave kudos to Oliver in iOS device lock   
    Hello, 

    for this, you should use Client task -> Mobile -> Anti-Theft Actions -> Platform: iOS DEP -> Command: Find (Turn on Lost Mode). 

    The device can be unlocked afterward only from ESMC Web Console with "Turn off Lost Mode " task.  
  17. Upvote
    MichalJ received kudos from Peter Randziak in ECA login problems and firewall policy settings cleared   
    @Roger Nock You are indeed right. If you disable firewall "permanently" it would switch the feature to "OFF state" which does not generate any error on the management console side. If you pause it, protection state is switched to red, and warning is displayed. This behavior is non consistent with other functionalities, and If I do recall correctly we are tracking already a change request to make it more consistent and also report the state of the features more clearly inside the management console. Thank you for pointing this out. 
    Internal reference for ESET staff: IDEA-1256, P_ESMC-16751
  18. Upvote
    MichalJ received kudos from TomasP in ECA login problems and firewall policy settings cleared   
    Hello @ofer1954 & @Roger Nock
    We have experienced unexpected difficulties during upgrade of ESET Cloud Administrator backend to the newest version. As a result some instances were temporarily started with "empty DB" meaning that previous configurations and state was temporarily lost. We have re-setup the instances from the DB backup, meaning all should be back to normal and policies were restored to the original state.
    We are sorry for the inconvenience and issues caused. We are working with the teams involved to further optimize our internal processes to prevent such issues from happening in the future. 
    @ofer1954 You have said that it was not a first time that problems occurred. Can you please tell us more details about the specific issues you have experienced? 
    Thank you both for understanding.
    Michal 
  19. Upvote
    MichalJ received kudos from Peter Randziak in ECA login problems and firewall policy settings cleared   
    Hello @ofer1954 & @Roger Nock
    We have experienced unexpected difficulties during upgrade of ESET Cloud Administrator backend to the newest version. As a result some instances were temporarily started with "empty DB" meaning that previous configurations and state was temporarily lost. We have re-setup the instances from the DB backup, meaning all should be back to normal and policies were restored to the original state.
    We are sorry for the inconvenience and issues caused. We are working with the teams involved to further optimize our internal processes to prevent such issues from happening in the future. 
    @ofer1954 You have said that it was not a first time that problems occurred. Can you please tell us more details about the specific issues you have experienced? 
    Thank you both for understanding.
    Michal 
  20. Upvote
    MichalJ received kudos from strivoli in Apply ESMC Client Task to ALL but ONE.   
    Hello, as of now this is not possible. You will either have to map the task to 59 targets out of the OU, or move the client out of the OU. 
  21. Upvote
    MichalJ gave kudos to MartinK in Errors after moving from ESMC to ECA   
    This is the most probable reason. ECA does not enable user to create policy with connection hostname, but policy imported from ESMC will retain this setting. So in case you imported policy that had some connection host specified, ECA agents will start to us it instead of their original ECA hostname. If this is the case, only solution is to unassigned/remove such policy (unfortunately you won't be able to see which one it is as this setting are hidden in ECA console) and repair AGENT by re-deployment of installer.
    Regarding proxy, I am not sure whether I do understand scenario, but in case you used HTTP proxy for ESMC, and you do not with to use this proxy for ECA, you have to create new policy in ECA, where you explicitly disable use of HTTP proxy. In case you do not do that, AGENTs will be still using previous settings, i.e. they won't revert to settings used before policy was applied. This can be fore example done by creating policy:

    where crutial parts are highlighted. Not visible "Proxy configuration type" should be set to Global proxy.
  22. Upvote
    MichalJ received kudos from katycomputersystems in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @SysEPr Thank you for your feedback: 
    With regards to the first case, we will investigate this behavior. It looks to me more like a bug in the implementation. We will check this internally.  We are planning to introduce more advanced IFTTT (If this then that)  logic, into ESMC, however it will not happen in ESMC 7.1 for sure. But it´s on the roadmap for the future versions, that will allow you to achieve better automation, and such advanced conditions. 
  23. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @tbsky We are not planning to add mariaDB support. Due to our journey to the cloud and also multi-platform compatibility, we will most likely work on the support of MySQL 8 for next major release of ESMC 
  24. Upvote
    MichalJ received kudos from sindbad in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @sindbad We are already tracking improvements to be able to generate reports based on the license usage (used license). I will extend it with your request.
  25. Upvote
    MichalJ received kudos from katycomputersystems in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @katycomputersystems Functionality to change the group in the computer details is coming back. It was accidentally removed during the redesign.
    @Zen11t We have a project/ feature tracked to globally control all of the interactive windows for the future. I will add your comment to there.
×
×
  • Create New...