Jump to content

MichalJ

ESET Staff
  • Content Count

    1,907
  • Joined

  • Days Won

    59

Kudos

  1. Upvote
    MichalJ received kudos from Rami in ESET NOD32 Google Chrome 79 crashes   
    @Kirill Licenses for ESET products are not sold for a specific product version. Meaning, that with your current license you will be eligible to use the new V7 as well. Linux Endpoint product is the last one running the old version of architecture / scanning core, and it will be updated to V7 soon. We are already running a beta program (available here), V7 should not have this issue at all.
  2. Upvote
    MichalJ received kudos from Kirill in ESET NOD32 Google Chrome 79 crashes   
    @Kirill Licenses for ESET products are not sold for a specific product version. Meaning, that with your current license you will be eligible to use the new V7 as well. Linux Endpoint product is the last one running the old version of architecture / scanning core, and it will be updated to V7 soon. We are already running a beta program (available here), V7 should not have this issue at all.
  3. Upvote
    MichalJ gave kudos to walleyeman in ESMC 7.1 sorting in GUI   
    I expanded column header and found 2 columns that were also configured cleared them and everything is working properlu
     
    Thank you
  4. Upvote
    MichalJ gave kudos to KGundermann in Invalid Report Template on Login after Update to 7.1.717.0   
    I restored c:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\era\ from Backup
    and now I can login again.
    Thank you for your help !
  5. Upvote
    MichalJ received kudos from Camilo Diaz in Mac client pointed at Mirror server now unable to connect to ESMC   
    Hello,
    What you have to do is to configure the proxy for both the agent, and the mac security product.
    In case the macs are showing not correct "last connected time" it would mean that they are not able to connect to the server at all, which is the thing you should troubleshoot. To confirm this, please check the status.html of one of the mac agents. 
    Also, what makes me confused is, that you mix topic of proxy and mirror. When you refer to mirror, do you mean actual offline generated mirror by mirror tool, or you utilize the proxy caching function. In this case, you just need to configure both agent / endpoint to communicate via proxy, and they should get the updates from there automatically. 
    Please note, that in ESMC 7.1 you can configure proxy details for the agent live installer, and also choose a policy that will be applied to the machine. 
    @Marcos can you please move this to "ERA" portion of the forum? 
  6. Upvote
    MichalJ received kudos from Mauricio in Automate updates   
    @TheMartin Thanks for the feedback / suggestion. I will contact our documentation team, and ask them to prepare the tutorial (video / documentation) with the topic "how to update my ESET environment on the latest version in the simplest way". I agree, it would be a helpful content, which should be more actively promoted in documentation and KB. 
  7. Upvote
    MichalJ received kudos from ILoveESET in Relationship between EEI and LiveGrid   
    Hello, EEI sends just the hashes, for verification. However ESET applications (in case Live Grid Feedback System is enabled) do send files for in-depth analysis / replication. However your assumption is incorrect - popularity is determined by how often the file is seen in LiveGrid, reputation is the result of the replication / file behavior. 
  8. Upvote
    MichalJ received kudos from mxp in dynamic group to filter clients that haven't been scanned in X days   
    Hello, @mxp, it´s currently not possible to setup such dynamic group. 
    We have internal improvement tracked for this (for internal reference): P_ESMC-12333 
  9. Upvote
    MichalJ received kudos from Campbell IT in Automate updates   
    @TheMartin Thanks for the feedback / suggestion. I will contact our documentation team, and ask them to prepare the tutorial (video / documentation) with the topic "how to update my ESET environment on the latest version in the simplest way". I agree, it would be a helpful content, which should be more actively promoted in documentation and KB. 
  10. Upvote
    MichalJ gave kudos to SysEPr in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Description: Color code failing tasks
    Detail:  The server used to color code the tasks that are failing. I'm running the latest ESMC, and now, that doesn't happen, and I have a hard time figuring out which tasks are failing. Is there a way to color code it again, or where can I see it? All I get is a generic email saying: "At least one client task has invalid configuration and therefore will fail."
  11. Upvote
    MichalJ received kudos from Peter Randziak in Security Management Center does not update license   
    What I would try as a last resort before raising a ticket would be to remove the licenses from your ESMC, and try to re-add them again, either manually, or via the business account credentials. Adding them in our test environment shows correct expiration dates, for December 2021.
     
  12. Upvote
    MichalJ gave kudos to MartinK in Mixed environment: which is the best way to manage?   
    My recommendation is to check ports usage documentation: https://help.eset.com/esmc_install/71/en-US/ports_used.html
    Technically ESMC + Webconsole (tomcat) are listening on following ports:
    2222 (can be changed, for example to 443 to reduce possible firewall issues): this port is used by ESMC Agents to connect to ESMC. This one has to be open for client devices. It could possibly be limited to specific IP addresses if possible, but that could possibly block roaming devices 2223: port is used for (my recommendation is to not open this port from outside of server) for Webconsole-to-ESMC communication. If webconsole will be installed on the same machine (= default scenario), there is no need to expose this port for console to work correctly second use is for ESMC Agent installers in case of "Server assisted installation". I would strongly recommend to omit this functionality, it is deprecated in favor of all-in-one installers which are much more suitable for MSP scenario. 443: standard port for access to ESMC Webconsole via browser. Port has to be opened for ESMC users to access console. My recommendation is to enable access to this port only for known IP addresses if possible. There is also possibility to perform additional hardening of Apache Tomcat configuration to enable only most secure TLS ciphers, you just have to be sure your browser will support it. Also make sure that when installing ESMC, so called "Advanced security mode" is enabled in it's configuration. It will prevent connections of older ERA Agents but should work for ESMC 7.1 Agents installed even on oldest supported systems (Windows XP).
  13. Upvote
    MichalJ received kudos from sdnian in Policy Setting - Exclusions   
    Hello,
    This is related to the new exclusions system. In case your policy has been converted from an old one, or you use older version of ESMC than 7.1, you will have the split of Performance & Detection Exclusions. If you create a new policy, you can only add performance exclusions to it, and detection exclusions would be handled via the new exclusions tab in the main menu. 
    So the one with detection exclusions is most probably a policy that included some detection exclsions (other than by path) before. The one which does not have them, is a policy which had not them defined before. 
  14. Upvote
    MichalJ received kudos from schuetzdentalCB in Future changes to ESET Endpoint programs   
    @schuetzdentalCB Thank you for your feedback. With regards to the automated network isolation, something like that (possibility to trigger network isolation from the console) is being added in ESMC 7.1 / Endpoint 7.2 for Windows. We plan to further expand this concept to allow autonomous response in the future. 
    With regards to the application whitelisting, this is a bit more tricky topic. However it is on our long term roadmap. I will link your comment to the already tracked internal IDEA. Internal tracking IDEA-1510
  15. Upvote
    MichalJ received kudos from Mirek S. in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @andy_s We will track this as an improvement request, towards the future versions. Issue is, that the "upgrade" itself is handled by Endpoint (in case you execute scan and select option "shutdown after scan"), and Endpoint does not initiate agent wakeup to report scan completion. It simply triggers shutdown, before the result is replicated.
    Maybe, if you are willing to, can you explain why are you shutting down the machines? Is it to save power over weekends, or? As there might be different way how to achieve that. One that will report "success" would be a run command, with a respective windows shutdown / with delay, as task would report "Success" not in the moment of task execution, but on the moment when it contacted WMI provider with the command the reboot. If system acknowledged, it will report success.  Also, out of curiosity, what is your replication interval?
  16. Upvote
    MichalJ received kudos from droezel in Future changes to ESET Endpoint programs   
    @Markwd Hello, there are two reasons. Anti-theft in consumer is focused on device retrieval, not on the data security (no possibility to wipe the disk on the device). Also, the implementation capable of tracking screenshots / photos of the users, might violate a lot of corporate laws / regulations. If Anti-theft is introduced into the business versions, it will have to behave differently. If I can ask you a question, what kind of a problem you would like to solve with it? Would it be intended for device recovery, or more a data removal / prevention of misuse ?
  17. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Hello @Pinni3. To get to your points: 
    For that purpose, we allow nested dynamic groups. Meaning you have your 30 static ones, each one of them could have nested dynamic groups. Our you want to set it in a way, that you for example put the DG under "all" but then say that it needs to be only in the following static groups. Challenge is, that DG is evaluated on the Agent side, and Agent does not always know, in which SG it belongs to (if you move a client, it will need to recalculate all policy assignments for example). Therefore the nested concept.  We are already tracking improvement for that (Internal reference - IDEA-1100) We are working on better auditing changes, to track who / what / when / how was done. (internal reference - IDEA-1371 I am not completely sure what´s the problem here. Purpose of ERA proxy was just to aggregate the data, but at the end it was sent to ERA server, so the amount of DATA sent is not increased when Proxy was deprecated. Just the ESMC server handles more connections directly, due to a changed replication protocol. Also, AFAIK we have bigger installations than 10k on MySQL. Maybe @MartinK can provide some more information on this. 
  18. Upvote
    MichalJ received kudos from katycomputersystems in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @SysEPr Thank you for your feedback: 
    With regards to the first case, we will investigate this behavior. It looks to me more like a bug in the implementation. We will check this internally.  We are planning to introduce more advanced IFTTT (If this then that)  logic, into ESMC, however it will not happen in ESMC 7.1 for sure. But it´s on the roadmap for the future versions, that will allow you to achieve better automation, and such advanced conditions. 
  19. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @tbsky We are not planning to add mariaDB support. Due to our journey to the cloud and also multi-platform compatibility, we will most likely work on the support of MySQL 8 for next major release of ESMC 
  20. Upvote
    MichalJ received kudos from sindbad in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @sindbad We are already tracking improvements to be able to generate reports based on the license usage (used license). I will extend it with your request.
  21. Upvote
    MichalJ received kudos from katycomputersystems in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @katycomputersystems Functionality to change the group in the computer details is coming back. It was accidentally removed during the redesign.
    @Zen11t We have a project/ feature tracked to globally control all of the interactive windows for the future. I will add your comment to there.
  22. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Thank you @Campbell IT Concerning the "logged users" - all is clear. We are already tracking an improvement for that, so I have added your feedback to it. With regards to the "Detection Engine", would the information about "last update attempt" (= when the application contacted ESET Servers, to check whether there is a newer version of any module) or "last successful update" (= when the application actually downloaded any of the newer modules from ESET Servers, which means it´s working with the latest modules), be sufficient to you?
    In the meantime, logic works, that machine changes its status from updated to non-updated after 7 days, and will report a protection status (red) with "modules out of date". If you are more strict with this, what you can do is to shorten the alert interval down to one day, by configuring a setting in a policy for security product as follows:
     

  23. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    We will take this into consideration, but still, due to the relatively low install base of Linux (outside of the VM appliance) it will still remain with a low priority, compared to other things we want to achieve.
  24. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @Rémi Primary reason was optimization of dev/QA costs, where MySQL is platform agnostic, so can run on both Windows & Linux systems. MariaDB is only for Linux. We have received few such questions, however it never went "too high" into the priorities list, in order to be done. We have however such item in the backlog for the future releases.
  25. Upvote
    MichalJ received kudos from sindbad in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @sindbad Such functionality, for the "one click" update, is implemented in the upcoming version 7:
     


×
×
  • Create New...