Jump to content

MichalJ

ESET Staff
  • Content Count

    1,866
  • Joined

  • Days Won

    58

Kudos

  1. Upvote
    MichalJ received kudos from Peter Randziak in Security Management Center does not update license   
    What I would try as a last resort before raising a ticket would be to remove the licenses from your ESMC, and try to re-add them again, either manually, or via the business account credentials. Adding them in our test environment shows correct expiration dates, for December 2021.
     
  2. Upvote
    MichalJ gave kudos to MartinK in Mixed environment: which is the best way to manage?   
    My recommendation is to check ports usage documentation: https://help.eset.com/esmc_install/71/en-US/ports_used.html
    Technically ESMC + Webconsole (tomcat) are listening on following ports:
    2222 (can be changed, for example to 443 to reduce possible firewall issues): this port is used by ESMC Agents to connect to ESMC. This one has to be open for client devices. It could possibly be limited to specific IP addresses if possible, but that could possibly block roaming devices 2223: port is used for (my recommendation is to not open this port from outside of server) for Webconsole-to-ESMC communication. If webconsole will be installed on the same machine (= default scenario), there is no need to expose this port for console to work correctly second use is for ESMC Agent installers in case of "Server assisted installation". I would strongly recommend to omit this functionality, it is deprecated in favor of all-in-one installers which are much more suitable for MSP scenario. 443: standard port for access to ESMC Webconsole via browser. Port has to be opened for ESMC users to access console. My recommendation is to enable access to this port only for known IP addresses if possible. There is also possibility to perform additional hardening of Apache Tomcat configuration to enable only most secure TLS ciphers, you just have to be sure your browser will support it. Also make sure that when installing ESMC, so called "Advanced security mode" is enabled in it's configuration. It will prevent connections of older ERA Agents but should work for ESMC 7.1 Agents installed even on oldest supported systems (Windows XP).
  3. Upvote
    MichalJ received kudos from sdnian in Policy Setting - Exclusions   
    Hello,
    This is related to the new exclusions system. In case your policy has been converted from an old one, or you use older version of ESMC than 7.1, you will have the split of Performance & Detection Exclusions. If you create a new policy, you can only add performance exclusions to it, and detection exclusions would be handled via the new exclusions tab in the main menu. 
    So the one with detection exclusions is most probably a policy that included some detection exclsions (other than by path) before. The one which does not have them, is a policy which had not them defined before. 
  4. Upvote
    MichalJ received kudos from Peter Randziak in Clients reporting license expiring soon   
    Hello @Marc K
    Are your Endpoints activated using license key / security admin credentials?  Or have you activated them using offline license file ? 
    In case the second one, you will have to reactivate with a new license file, in case the first one, can you verify that your endpoints can access https://edf.eset.com/edf?  When connectivity to our license servers is broken somehow, your endpoints are not able to get the updated license information. 
    Last option could be, that the license did not correctly export to our update servers, however for that we would need your public license ID, so we can check whether there are no sync issues with your license. 
  5. Upvote
    MichalJ gave kudos to MartinK in Unable to upgrade ESET agent to Version   
    Actually you have to use different tasks to upgrade applications:
    Components upgrade task is required to upgrade ESMC Agents Software installation task is required for upgrade of other ESET applications
  6. Upvote
    MichalJ gave kudos to Martin25B93 in Not able to install ESET Security Management Center Server Installer   
    Solved. I had OBDC version 5.3.13 After downgrade to 5.2.7. I was to able install Era ESET Agent Thank you very much
  7. Upvote
    MichalJ gave kudos to MartinK in Not able to install ESET Security Management Center Server Installer   
    Please provide list of installer parameters you are using to deploy AGENT (only parameter names, no need for passwords or other sensitive details). From log it seems you are performing so called server-assisted installation, but probably with wrong hostname:port configuration, resulting in communication failure.
    Also once ESMC is installed, you might use also live installer created in console to deploy AGENT, it has no parameters so it would be much simpler.
  8. Upvote
    MichalJ gave kudos to T3chGuy007 in ESMC Upgrade   
    For those of you in the same situation, I first had to install SP3 for SQL Server 2008 R2 Express because you can't directly upgrade to SQL Server 2017 Express unless you are running SP3.  I was running SP2.  Once this was done, I upgraded to SQL Server 2017 Express by using the custom install option.  I then opened ESMC and went to Help->About.  The DB version is now showing Microsoft SQL Server 2017 (RTM) Express Edition (64-bit) 14.0.1000.169.  I then went to Help->Upgrade Product and a new client task was created.  After a few minutes, I was kicked out of ESMC and I could not log back in.  A few minutes later, the login page wouldn't even come up, but after some more time, it finally came up and I was able to log back in.  ESMC is now showing it is v7.1717.0 and the Web Console is at v7.1.393.0.  The last thing I did was install SQL Server Management Studio (SSMS) on my server so I could manage the DB a little easier.
    https://docs.microsoft.com/en-us/sql/database-engine/install-windows/supported-version-and-edition-upgrades-2017?view=sql-server-ver15
    https://docs.microsoft.com/en-us/sql/ssms/download-sql-server-management-studio-ssms?view=sql-server-ver15
  9. Upvote
    MichalJ received kudos from Peter Randziak in problem with ESMC upgrade 7.1.503.0   
    Hello, you are using unsupported MySQL version (5.5) which is no longer supported in ESMC 7.1. The only option is to upgrade your database to the one supported by ESMC 7.1 or downgrade ESMC back to 7.0 till you are able to process the upgrade. 
  10. Upvote
    MichalJ received kudos from schuetzdentalCB in Future changes to ESET Endpoint programs   
    @schuetzdentalCB Thank you for your feedback. With regards to the automated network isolation, something like that (possibility to trigger network isolation from the console) is being added in ESMC 7.1 / Endpoint 7.2 for Windows. We plan to further expand this concept to allow autonomous response in the future. 
    With regards to the application whitelisting, this is a bit more tricky topic. However it is on our long term roadmap. I will link your comment to the already tracked internal IDEA. Internal tracking IDEA-1510
  11. Upvote
    MichalJ gave kudos to MartinK in Unknow status - new agent   
    Just for clarification for others in case they encounter this issue: unknown state indicates that for specific application version ESMC is not yet aware of it's state. This normally happens when new version of application is seen for the first time and it should be resolved automatically in no more than 1 hour.
  12. Upvote
    MichalJ received kudos from Rendekovic in Multiple licenses for MDC.   
    MDM Core is activated (although it does not consume license seat, activation is done only for the purpose of getting the valid update credentials for receiving module updates). Each mobile device needs to be activated separately, using the "product activation task" targeted towards the particular mobile device entry. 
  13. Upvote
    MichalJ received kudos from Peter Randziak in Multiple licenses for MDC.   
    MDM Core is activated (although it does not consume license seat, activation is done only for the purpose of getting the valid update credentials for receiving module updates). Each mobile device needs to be activated separately, using the "product activation task" targeted towards the particular mobile device entry. 
  14. Upvote
    MichalJ received kudos from Mirek S. in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @andy_s We will track this as an improvement request, towards the future versions. Issue is, that the "upgrade" itself is handled by Endpoint (in case you execute scan and select option "shutdown after scan"), and Endpoint does not initiate agent wakeup to report scan completion. It simply triggers shutdown, before the result is replicated.
    Maybe, if you are willing to, can you explain why are you shutting down the machines? Is it to save power over weekends, or? As there might be different way how to achieve that. One that will report "success" would be a run command, with a respective windows shutdown / with delay, as task would report "Success" not in the moment of task execution, but on the moment when it contacted WMI provider with the command the reboot. If system acknowledged, it will report success.  Also, out of curiosity, what is your replication interval?
  15. Upvote
    MichalJ received kudos from droezel in Future changes to ESET Endpoint programs   
    @Markwd Hello, there are two reasons. Anti-theft in consumer is focused on device retrieval, not on the data security (no possibility to wipe the disk on the device). Also, the implementation capable of tracking screenshots / photos of the users, might violate a lot of corporate laws / regulations. If Anti-theft is introduced into the business versions, it will have to behave differently. If I can ask you a question, what kind of a problem you would like to solve with it? Would it be intended for device recovery, or more a data removal / prevention of misuse ?
  16. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Hello @Pinni3. To get to your points: 
    For that purpose, we allow nested dynamic groups. Meaning you have your 30 static ones, each one of them could have nested dynamic groups. Our you want to set it in a way, that you for example put the DG under "all" but then say that it needs to be only in the following static groups. Challenge is, that DG is evaluated on the Agent side, and Agent does not always know, in which SG it belongs to (if you move a client, it will need to recalculate all policy assignments for example). Therefore the nested concept.  We are already tracking improvement for that (Internal reference - IDEA-1100) We are working on better auditing changes, to track who / what / when / how was done. (internal reference - IDEA-1371 I am not completely sure what´s the problem here. Purpose of ERA proxy was just to aggregate the data, but at the end it was sent to ERA server, so the amount of DATA sent is not increased when Proxy was deprecated. Just the ESMC server handles more connections directly, due to a changed replication protocol. Also, AFAIK we have bigger installations than 10k on MySQL. Maybe @MartinK can provide some more information on this. 
  17. Upvote
    MichalJ received kudos from katycomputersystems in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @SysEPr Thank you for your feedback: 
    With regards to the first case, we will investigate this behavior. It looks to me more like a bug in the implementation. We will check this internally.  We are planning to introduce more advanced IFTTT (If this then that)  logic, into ESMC, however it will not happen in ESMC 7.1 for sure. But it´s on the roadmap for the future versions, that will allow you to achieve better automation, and such advanced conditions. 
  18. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @tbsky We are not planning to add mariaDB support. Due to our journey to the cloud and also multi-platform compatibility, we will most likely work on the support of MySQL 8 for next major release of ESMC 
  19. Upvote
    MichalJ received kudos from sindbad in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @sindbad We are already tracking improvements to be able to generate reports based on the license usage (used license). I will extend it with your request.
  20. Upvote
    MichalJ received kudos from katycomputersystems in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @katycomputersystems Functionality to change the group in the computer details is coming back. It was accidentally removed during the redesign.
    @Zen11t We have a project/ feature tracked to globally control all of the interactive windows for the future. I will add your comment to there.
  21. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Thank you @Campbell IT Concerning the "logged users" - all is clear. We are already tracking an improvement for that, so I have added your feedback to it. With regards to the "Detection Engine", would the information about "last update attempt" (= when the application contacted ESET Servers, to check whether there is a newer version of any module) or "last successful update" (= when the application actually downloaded any of the newer modules from ESET Servers, which means it´s working with the latest modules), be sufficient to you?
    In the meantime, logic works, that machine changes its status from updated to non-updated after 7 days, and will report a protection status (red) with "modules out of date". If you are more strict with this, what you can do is to shorten the alert interval down to one day, by configuring a setting in a policy for security product as follows:
     

  22. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    We will take this into consideration, but still, due to the relatively low install base of Linux (outside of the VM appliance) it will still remain with a low priority, compared to other things we want to achieve.
  23. Upvote
    MichalJ received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @Rémi Primary reason was optimization of dev/QA costs, where MySQL is platform agnostic, so can run on both Windows & Linux systems. MariaDB is only for Linux. We have received few such questions, however it never went "too high" into the priorities list, in order to be done. We have however such item in the backlog for the future releases.
  24. Upvote
    MichalJ received kudos from sindbad in Future changes to ESET Security Management Center / ESET Remote Administrator   
    @sindbad Such functionality, for the "one click" update, is implemented in the upcoming version 7:
     


  25. Upvote
    MichalJ gave kudos to Marcos in Future changes to ESET Security Management Center / ESET Remote Administrator   
    That's how it works in ESMC (ERA v7) which is currently in the phase of beta testing and will be released soon.
×
×
  • Create New...