Jump to content

Mr.Gains

Members
  • Posts

    27
  • Joined

  • Last visited

Everything posted by Mr.Gains

  1. I can give examples in what I'm looking to achieve in cleaning up our policy. We have URLs with protocols and just the domain names, in which I think I can just delete the ones with protocols since it's just repeating the same domain? Let's say outlook.com is within the policy whitelist and I delete it. After the policy is updated on the client computer, they are still able to access outlook.com. This example is where I'm trying to speed up by using virus total instead of testing on my own machine. Also, we have the same URLs in both whitelist and blacklist in which the whitelist will take priority because the URL group is sitting on top of blacklist? I'm just a little confuse on this one because why put it in the blacklist if it's already allowed in the whitelist. Are there any consequences if I delete the repeating URLs found in the blacklist that the whitelist already has?
  2. Web control filtering in the policy which is found inside the console.
  3. Good afternoon, I apologize in advance if this is in the wrong topic. I'm looking to clean up our web filter as I think we have too many URLs in our whitelist that aren't necessarily blocked by default. Could I input the URLs into virus total or another source to see if it's flagged? I'm trying to find another way around instead of manually removing the URL in the whitelist to test if it allowed or not by our ESET policy. Thanks,
  4. Turns out we had to manually clear the TPM on the device, which then we're able to start the encryption. Something I have to note next time I go through the process, but I thought EFDE clear the TPM when taking over?
  5. We're experiencing an issue where a client installed another drive on their machine, and it's not recognizing the disk for encryption. If we disable this disk we can do the encryption. I made sure it was unencrypted, and it's empty and tested with a test file (to have some sort of size to recognize it's unencrypted). Disk with issue: SHGP31-1000GM-2 ESET products: ESET Management Agent 8.0.1238.0 ESET Endpoint Security 8.0.2028.0 ESET Full Disk Encryption 1.2.4.12 Errors: When turning back on the Disk after installing EFDE : "Unable to start the system due to a problem accessing vital encryption data. Reason Code: 2 Meta Data is incorrect" When enable all drives then install EFDE, the system just sits there "not encrypted, data is not protected" after the first restart (before setting password which is where we're trying to get to). Only error I see is the recovery data is not in sync with server in the status, which I uninstall/install EFDE and the error shows up after (I waited for alerts to clear before the first restart). Logs show that it retrieve the license and that all disks are supported. Did I miss something or is the new disk not compatible with EFDE? Thanks,
  6. Thank you Marcos for trying to reproduce the problem, we think it's something on IIS install end now. We resolved the issue by creating a sub-directory manually, for some reason the path wasn't created initially. We'll check on this again on the next machine that we install ESET on.
  7. We're experiencing an issue where trying to install IIS after ESET Endpoint Security v8.0.2028.0 on new clients. The only way around is to uninstall ESET then install IIS, but we're not experiencing this issue on our servers ( File Security v7.3). Is this a known issue? It has recently start occurring where we have to uninstall ESET, Install IIS then re-install ESET.
  8. We're using an installer that include both Endpoint Security (v8.0.2028.0) and Full Disk Encryption (v1.2.4.12). After the successful install of both products, we cannot see any EFDE policy set under "applied policy". I was able to find out that our custom EFDE policy was applied by requesting configuration and verify the details that match our custom EFDE policy. Is there a fix coming? We can request configuration, but if a machine is offline then obvious we can't see what policy is applied at that given moment.
  9. Cheers, it doesn't tell me the policy name but it does give me some relief to see the configuration (same custom policy I applied in the installer). Learned something new today, thank you JPritchard
  10. Sorry for the confusion, basically I was trying to say that I set a policy in the installer but it doesn't show in computer details (configuration-applied policies) in ESET PROTECT. We have encrypted multiple computers in last couple of days, and none of them are showing any EFDE policy after installing/encrypting with our Endpoint+FDE package. Is there a way to force the computer to show it's EFDE policy in ESET PROTECT, just a bit confuse on why it wouldn't show the policy in the first place?
  11. We're using an installer that include both Endpoint Security (v8.0.2028.0) and Full Disk Encryption (v1.2.4.12). I included our custom EFDE policy in the installer but it's not applying to the machines, therefore I had to manually apply the policies after the machines get encrypted. Is there any issues in applying our encryption policy after the system gets encrypted? My thoughts is that the default policy will override my policy that I applied after the system gets encrypted, or will the policy change as long the system checks in? Thanks,
  12. I appreciate the response. I ended up calling support, and we figured out the hostname in the certificate was the issue. The issue was for some reason is the hostname had to be change to work (hostname was correct initially), but we just opt to use the IP address instead for simplicity. There's too many variables to say what caused the issue since our environment has drastically changed within the last few months.
  13. Console: CentOS7 ESET Management Agent 8.0.2216.0 ESET PROTECT Server 8.0.2216.0 ESET Rogue Detection Sensor 1.0.1079.0 Client: Windows 2016 ESET File Security 7.3.12002.0, ESET Management Agent 8.0.2216.0 Errors: Error: VerifyDnsSubjectAltName: Hostname does not match any supported record in certificate SubjectAltName extension Enabled:0, EnabledFallback:1, failed with error code: 14, error message: Connect Failed, and error details: The client data isn't showing in the console, so I tried the Agent live installer with no results. We've tried creating a new certificate, re-installing the all-in-one installer, and tried local, remote, and website deployment with no results. Both the client and the console can ping each other. What are the other possibilities or areas do I need to look at in resolving my issue? It seems this issue occurred after upgrading to ESET Protect from ESMC. Thanks,
  14. Hello I have a client computer that's running the current updated version products below. I removed the EFDE policy, then applied a decryption policy (disable encryption). The client is showing the decryption policy as actual, and encryption is active. I had the client reboot to just be sure, and still no changes. Only thing I can think of doing using registry editor for 'ESET FDE AIS Service'. Reason for this change is because we're migrating to a new console, so we have to decrypt the systems then encrypt them again on the new console. ESET Endpoint Security 7.3.2044.0 ESET Full Disk Encryption 1.2.1.6 ESET Management Agent 7.2.1266.0
  15. Awesome, I think those reports would actually cover what we need. If something comes up in what we need to see in reports, I'll come back and let you know. Thank you
  16. Are there ways I could have more visibility of these machines with EFDE in the console?
  17. In the EFDE policy we have total recovery password uses, and the recovery password reset when it reaches a number of uses left. The issue I see with this is that the user can reuse the same recovery password until they reach the auto-generate new password in policy, could we have this to where it could generate a new password after a number of use? For example in policy there's 20 recovery password uses, and it'll auto-generate a new recovery after every 2 recovery password used, and it'll warn the user when there's 4 total recovery password uses available before recovery data needs to be done. Another thing in entering incorrect password at the EFDE login screen, sometimes I get more attempts than I'm allowed and/or system reboot after 3 times. I'm thinking there's a bug in the password attempts, but it would nice for users to see how many more attempts until the current password is disabled. Thanks,
  18. I'm not sure if these things are in the works, but there's not really any visibility on EFDE in ESMC. Could we have some way of monitoring these clients with EFDE in the dashboard/reports such as password uses left on each machine, general information to show during audit? Thanks,
  19. I'm looking to perform a server migration using same IP (https://help.eset.com/era_install/65/en-US/migrated_database_same_ip.html) while upgrading the server OS and ESMC version from 7.1 to the latest 7.2 . The current ESMC is on CentOS 7, and I was wondering if there's any issues if I go CentOS 8? Keep the ODBC driver v5.3.10 and MySQL v5.7, and is there any other recommendations? This is my first time performing this task.
  20. We only have one EFDE policy currently applied to the clients, and "apply" flag is set to all fields in the policy.
  21. I made changes to the FD Encryption policy almost a week ago, then test the password recovery on a client machine and it still has the old settings. I double checked the client machine is assign to the policy. The policy is "actual" on the client machine, but it acting like there's no changes made. I've made multiple changes to the password policy, and I've tested all the changes made with all resulted under old settings. ESET Full Disk Encryption version 1.1.0.0
  22. Looking back in the trace logs, it looks like "No detected log filter or realm change" started to occur a couple months ago after we Update Product ESMC to v7.1.503.0 . I'm noticing these same trace logs in multiple machines when trying to upgrade the agents/applications even the ones that were successful and currently connected. On some machines, I tried to push out the tasks but it fails and that's when I checked the trace logs to find out I'm having the same errors across multiple machines. I saw error 14 and connection fail in one of the trace logs right before it was getting the "No detected log filter or realm change" logs. I searched in the forums and someone said rebooting the appliance resolved their issue. I rebooted the appliance yesterday and I'm still receiving these errors.
  23. I double checked for duplicate and tasks on the client, and there's none. The status log was last updated over 24 hours ago, so that would mean the ESMC Agent isn't running correctly.
  24. I tried running as admin on ecmd at the following %programfiles%\eset\$ESET product name , but that's where it would pop up then close immediately or not pop up at all.
  25. Authorization method: Advanced setup password. I'm having an issue with a client machine generating "Registration to Windows Security Center was not successful", so I'm trying to use the eCMD for /registerav command since I tried other methods that didn't work.
×
×
  • Create New...