Jump to content

MichalJ

ESET Staff
  • Content Count

    1,844
  • Joined

  • Days Won

    57

Kudos

  1. Upvote
    MichalJ received kudos from schuetzdentalCB in Future changes to ESET Endpoint programs   
    @schuetzdentalCB Thank you for your feedback. With regards to the automated network isolation, something like that (possibility to trigger network isolation from the console) is being added in ESMC 7.1 / Endpoint 7.2 for Windows. We plan to further expand this concept to allow autonomous response in the future. 
    With regards to the application whitelisting, this is a bit more tricky topic. However it is on our long term roadmap. I will link your comment to the already tracked internal IDEA. Internal tracking IDEA-1510
  2. Upvote
    MichalJ gave kudos to MartinK in Unknow status - new agent   
    Just for clarification for others in case they encounter this issue: unknown state indicates that for specific application version ESMC is not yet aware of it's state. This normally happens when new version of application is seen for the first time and it should be resolved automatically in no more than 1 hour.
  3. Upvote
    MichalJ received kudos from Rendekovic in Multiple licenses for MDC.   
    MDM Core is activated (although it does not consume license seat, activation is done only for the purpose of getting the valid update credentials for receiving module updates). Each mobile device needs to be activated separately, using the "product activation task" targeted towards the particular mobile device entry. 
  4. Upvote
    MichalJ received kudos from Peter Randziak in Multiple licenses for MDC.   
    MDM Core is activated (although it does not consume license seat, activation is done only for the purpose of getting the valid update credentials for receiving module updates). Each mobile device needs to be activated separately, using the "product activation task" targeted towards the particular mobile device entry. 
  5. Upvote
    MichalJ received kudos from m.gospodinov in dynamic groups expressions, update antivirus on list of computers, delete a trigger   
    @m.gospodinov That was exactly the recommendation I wanted to give. Please note that you can also play a bit with the dashboards, make the "table view" displayed as default, and also when you edit the report template you can edit the "top 10" setting, so if you have more than 10 different problems you can list them all (that depends on size of your network mostly). 
  6. Upvote
    MichalJ gave kudos to m.gospodinov in dynamic groups expressions, update antivirus on list of computers, delete a trigger   
    10. Dashboard > Computers > Security risk > Detailed information - I get a list with computers that have a problem. Most just require restart but others have different problems. Is there a way to separate them or at least add a field with the problem? Right now I have to click on each of these computers to see details and then go to alerts, which is extremely time consuming.
    p.s. I found it - Dashboard > Top computer problems > Expand the field > Table view.
  7. Upvote
    MichalJ received kudos from mxp in License will soon be overused   
    Thank you for the feedback. I will check on our side, whether there is anything to be done to change it. I agree, that impossibility to turn it off when anything is wrong is an inconvenience. I will try to give you update here next week. 
  8. Upvote
    MichalJ received kudos from m.gospodinov in dynamic groups expressions, update antivirus on list of computers, delete a trigger   
    When you remove the "offline computers", is the checkbox "deactivate license" checked? As licensing is evaluated on the cloud licensing servers, you need to make sure, that checkbox for license removal is set. Also, you will have to click "synchronize licenses" in the license screen, to update the listing, as by default it refreshes every 24 hours. 
  9. Upvote
    MichalJ received kudos from m.gospodinov in dynamic groups expressions, update antivirus on list of computers, delete a trigger   
    Hello, I will try to give you some advice:
    Your fist case, should be done in a way that you use "nested dynamic groups". First one will do "Machine is not Windows XP" where I would recommend solution when you first filter out Windows XP machines:  Then you will filter out the ones that do not have the right version:  You can run a task on a list of computers differently: Select them in the computers table, choose each entry, and then click in the footer button "actions" and run task  From the task wizard, when you specify a trigger, you can inside specify either "add groups" or "add computers". When you click "add computers" you can choose whatever computer you like.  When you are in the "client tasks" section, and you expand the entry of the task, grey lines are for triggers. If you click on the "trigger entry" it shows you "delete". Afterwards the console asks you whether you want to delete a trigger.  In client tasks section.  It will install over, perform the upgrade of the computer. However, if you have already Agent installed, the most convenient way is to use software install task.   
     


  10. Upvote
    MichalJ received kudos from m.gospodinov in dynamic groups expressions, update antivirus on list of computers, delete a trigger   
    For number 1, maybe @MartinK might be able to shed some light. I can confirm that the "is one of" and "is not one of" is working for me OK. 
    Point in 6 is related to the fact, that the underlying data is not correlated with computer information. However I do agree, it would be a good idea to have it somehow interconnected, so I will report an improvement request for that.  However, you can apply a filter on "dynamic group" so if you have a DG set on particular criteria, you can also filter the report (for example windows XP DG). 
  11. Upvote
    MichalJ received kudos from m.gospodinov in dynamic groups expressions, update antivirus on list of computers, delete a trigger   
    With regards to the number 7, this functionality will be available in the next release. You will have an option to download the generated report output directly from the dashboard.
    What is also possible in current version is, that when you drill down, apply filters, you can click "generate and download", to get the data exported in CSV format. 
     


  12. Upvote
    MichalJ received kudos from Mirek S. in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @andy_s We will track this as an improvement request, towards the future versions. Issue is, that the "upgrade" itself is handled by Endpoint (in case you execute scan and select option "shutdown after scan"), and Endpoint does not initiate agent wakeup to report scan completion. It simply triggers shutdown, before the result is replicated.
    Maybe, if you are willing to, can you explain why are you shutting down the machines? Is it to save power over weekends, or? As there might be different way how to achieve that. One that will report "success" would be a run command, with a respective windows shutdown / with delay, as task would report "Success" not in the moment of task execution, but on the moment when it contacted WMI provider with the command the reboot. If system acknowledged, it will report success.  Also, out of curiosity, what is your replication interval?
  13. Upvote
    MichalJ received kudos from droezel in Future changes to ESET Endpoint programs   
    @Markwd Hello, there are two reasons. Anti-theft in consumer is focused on device retrieval, not on the data security (no possibility to wipe the disk on the device). Also, the implementation capable of tracking screenshots / photos of the users, might violate a lot of corporate laws / regulations. If Anti-theft is introduced into the business versions, it will have to behave differently. If I can ask you a question, what kind of a problem you would like to solve with it? Would it be intended for device recovery, or more a data removal / prevention of misuse ?
  14. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Hello @Pinni3. To get to your points: 
    For that purpose, we allow nested dynamic groups. Meaning you have your 30 static ones, each one of them could have nested dynamic groups. Our you want to set it in a way, that you for example put the DG under "all" but then say that it needs to be only in the following static groups. Challenge is, that DG is evaluated on the Agent side, and Agent does not always know, in which SG it belongs to (if you move a client, it will need to recalculate all policy assignments for example). Therefore the nested concept.  We are already tracking improvement for that (Internal reference - IDEA-1100) We are working on better auditing changes, to track who / what / when / how was done. (internal reference - IDEA-1371 I am not completely sure what´s the problem here. Purpose of ERA proxy was just to aggregate the data, but at the end it was sent to ERA server, so the amount of DATA sent is not increased when Proxy was deprecated. Just the ESMC server handles more connections directly, due to a changed replication protocol. Also, AFAIK we have bigger installations than 10k on MySQL. Maybe @MartinK can provide some more information on this. 
  15. Upvote
    MichalJ received kudos from katycomputersystems in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @SysEPr Thank you for your feedback: 
    With regards to the first case, we will investigate this behavior. It looks to me more like a bug in the implementation. We will check this internally.  We are planning to introduce more advanced IFTTT (If this then that)  logic, into ESMC, however it will not happen in ESMC 7.1 for sure. But it´s on the roadmap for the future versions, that will allow you to achieve better automation, and such advanced conditions. 
  16. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @tbsky We are not planning to add mariaDB support. Due to our journey to the cloud and also multi-platform compatibility, we will most likely work on the support of MySQL 8 for next major release of ESMC 
  17. Upvote
    MichalJ received kudos from sindbad in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @sindbad We are already tracking improvements to be able to generate reports based on the license usage (used license). I will extend it with your request.
  18. Upvote
    MichalJ received kudos from katycomputersystems in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @katycomputersystems Functionality to change the group in the computer details is coming back. It was accidentally removed during the redesign.
    @Zen11t We have a project/ feature tracked to globally control all of the interactive windows for the future. I will add your comment to there.
  19. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Thank you @Campbell IT Concerning the "logged users" - all is clear. We are already tracking an improvement for that, so I have added your feedback to it. With regards to the "Detection Engine", would the information about "last update attempt" (= when the application contacted ESET Servers, to check whether there is a newer version of any module) or "last successful update" (= when the application actually downloaded any of the newer modules from ESET Servers, which means it´s working with the latest modules), be sufficient to you?
    In the meantime, logic works, that machine changes its status from updated to non-updated after 7 days, and will report a protection status (red) with "modules out of date". If you are more strict with this, what you can do is to shorten the alert interval down to one day, by configuring a setting in a policy for security product as follows:
     

  20. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    We will take this into consideration, but still, due to the relatively low install base of Linux (outside of the VM appliance) it will still remain with a low priority, compared to other things we want to achieve.
  21. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @Rémi Primary reason was optimization of dev/QA costs, where MySQL is platform agnostic, so can run on both Windows & Linux systems. MariaDB is only for Linux. We have received few such questions, however it never went "too high" into the priorities list, in order to be done. We have however such item in the backlog for the future releases.
  22. Upvote
    MichalJ received kudos from sindbad in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @sindbad Such functionality, for the "one click" update, is implemented in the upcoming version 7:
     


  23. Upvote
    MichalJ gave kudos to Marcos in Future changes to ESET Security Management Center / ESET Remote Administrator   
    That's how it works in ESMC (ERA v7) which is currently in the phase of beta testing and will be released soon.
  24. Upvote
    MichalJ received kudos from AStevens.SHG in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @AStevens.SHG I do agree with the need for nested conditions. We have it tracked as a backlog request, but as it requires a bit bigger changes it was not put "high enough". But it was evaluated in the past, so I will link your request to that post, and increase the priority a bit. 
  25. Upvote
    MichalJ received kudos from AStevens.SHG in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @AStevens.SHG Understood. You can currently use "is one of" instead of multiple "AND" conditions in the upcoming ESMC. We anticipate the release next month (although, it might be a subject of a change eventually). 
    @pps  I have understood your request in the way, that you want to be able to better see who paused which protection after authenticating using the username / password. Having multiple passwords is a workaround, proper solution would be to track the user, who paused / disables the protection. Is this assumption correct? 
×
×
  • Create New...