Mr.Gains received kudos from Kstainton in Unable to encrypt second drive on client computer
Turns out we had to manually clear the TPM on the device, which then we're able to start the encryption. Something I have to note next time I go through the process, but I thought EFDE clear the TPM when taking over?
Mr.Gains gave kudos to JPritchard in ESET Encryption policy
The behavior you describe is normal - Policies applied by the installer do not show in the console. However, where EFDE is concerned, you will see the encryption status information on the computer panel here:
If you want to update the Policy details in the ESET Protect console, then you can press the "REQUEST CONFIGURATION" button. Once processed, you will see the currently applied policies. Here's an example:
It might be possible to automate this process, however I don't know enough about ESET Protect to assist you further with this. You may want to ask for further help in the ESET Protect forum or contact support.
I hope this helps out!
Mr.Gains gave kudos to Rincewind in ESET Agent Live installer not working
The issue is with the server certificate being to strict/not matching the hostname used in the agent installer.
First check the server peer certificate which hostnames are allowed (listed in the column HOST).
If you want to allow additional hostnames/IPs you can create a new server certificate containing all allowed hostnames seperated by space, comma, or semicolon. Or you can leave the default (*) to allow all hostnames.
Afterwards you have to assign this new certificate in the server settings and restart the Virtual Appliance (or the eraserver-Service) for the change to take effect.
You can also perform a repair installation and change the hostname. Please be aware that the hostname has to match eaxctly.
Mr.Gains gave kudos to speakerbox in ESET File Security Version 8 Release?
We're currently reviewing our server protection, we have around 150 on a mix of ESET File Security 7.0 and 7.1 (Windows only) which according to the EOL page is in support (Limited for 7.0, Full for 7.1).
With ESET Endpoint AV V8 being released for clients is there any rough estimated date/quarter/year on when the next major version for File Security will be released?
I've noticed 7.3 released for ESET File Security last month (EOL page not updated to show that?) but we're reviewing whether we should upgrade all our 7.0/7.1 servers to 7.3 or wait for V8. It be months of work to go to 7.3 only for V8 be released and have to do it all again so be good to know!
Mr.Gains gave kudos to Rendekovic in EFDE Monitoring
you are right, reports are in the works currently.
we are panning to offer reporting (more or less) in this scope:
Computers not eligible for encryption Computers eligible for encryption EFDE not installed Computers eligible for encryption. EFDE installed AND disk not encrypted Computers with encryption in progress Computers encrypted Computers encrypted using TPM chip Computers encrypted using OPAL 2.0 Computers encrypted via FileVault2 (future) Computers with boot disk only encrypted Computers with all disks encrypted Computers recovered in past month... What exactly would you like to see in the reports? Except for "password uses left" you mentioned above...
Thank you for your inputs
PM for Encryption solutions
Mr.Gains received kudos from MichalJ in EFDE Policy
In the EFDE policy we have total recovery password uses, and the recovery password reset when it reaches a number of uses left. The issue I see with this is that the user can reuse the same recovery password until they reach the auto-generate new password in policy, could we have this to where it could generate a new password after a number of use? For example in policy there's 20 recovery password uses, and it'll auto-generate a new recovery after every 2 recovery password used, and it'll warn the user when there's 4 total recovery password uses available before recovery data needs to be done. Another thing in entering incorrect password at the EFDE login screen, sometimes I get more attempts than I'm allowed and/or system reboot after 3 times. I'm thinking there's a bug in the password attempts, but it would nice for users to see how many more attempts until the current password is disabled.