Jump to content

sk3y0n3

Members
  • Posts

    24
  • Joined

  • Last visited

1 Follower

About sk3y0n3

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    USA

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Marcos, Thanks for replying. THat sounds like it was the probable senario. Im glad to hear is not a problem with functionality, however it is causing confustion between other techs. How can we force the endpoint to do a recheck and report in the correct version? Is a reinstall required?
  2. Hello, We are seeing a reporting issue in our Protect server. Recently we pushed out a update task to upgrade from 9.1 to 10. The updates completed successfully. On the endpoint there is no issues, however from the global computers view some are still showing as the old versions. If you go into the computers details its showing the endpoint is up to date. Rebooted server thinking this was a scheduled service that updates this table view. Still not showing correct. Anyone have any advice? ESET PROTECT (Server), Version 10.0 (10.0.1128.0) ESET PROTECT (Web Console), Version 10.0 (10.0.132.0) Microsoft Windows Server 2022 Datacenter (64-bit), Version 10.0.20348.1487 21H2
  3. ok, so we need to wait untill we recieve a new detection to turn it into a detection exclusion? Is there a better way to add exclusions for on-Demand scans?
  4. How do you move or re-create detection exclusions from one ESET protect server to another. I see an import option but not an export.
  5. Hi all, We are in the process of migrating from using an internal FQDN to a public (hostname@company.local to hostname@company.com). We have about 1000 clients alreay out there using the .local servername. As we push the change out with policy is there a way to report on what clients have recieved the change vs the ones that we need to work on?
  6. Hi, We have been sending our syslog from our AV server to a SEIM and things are working well so far. Recently we are piloting a few user moving from ESET Endpoint Antivirus to ESET endpoint security. We want to start sending the managed firewall logs up through the Syslog. From our investigation is does not seem the local FW logs are being sent even up to the AV server. Is this by design or do we have a configuration issue.
  7. Hi all, We are looking to integrate ESET on some classroom computers that have Faronics Deep Freeze on them. After reviewing their documentation they recommend that you schedule re-occurring "thaws" in which the computer reboots into a "thawed" state and the AV can can update and be "frozen" back to an immutable state. Their recommendation is that when you thaw to kick off a script that pulls the latest definitions from your AV server. Does anyone have any recommendations on how they have gotten this to work? I have looked at the help KB on ECMD and it does not look like this functionality is possible through that tool. The other option I have through of is a custom policy to schedule the updates via the ESET Scheduler. I see that this might not be best because the timing of the update and the thaw must be in perfect sync to get the timing right. Anyone else use these two products together? Any advice from ESET on how to programmatically kick off a Modules update on demand?
  8. How should i provide the logs. Even 1 day of logs is over 200mb
  9. We are running into some issues with Exclusions and are hoping to gain some more information on the expected behaviors. We have some directories set as exclusions under Detection Engine > Exclusions. This seems to correctly exclude these paths from the Real Time Scanner. The issue we run into is that the other scanners, On-Demand, Idle, Startup often alert on objects inside these folders. Could someone explain if this is expected behavior? If so how do we exclude directories from ALL scanners?
  10. I understand the AntiSpam is a plugin for the desktop client. In the Web Protection settings it indicates that it also scans e-mail. Does it use a different scanner or detection engine then the e-mail plugin?
  11. Today we had an phishing incident and the e-mail module for the Outlook Client caught a ton of threats. We were happy with the performance in that area. We were asked about those users that use the Outlook web client and not the desktop client. We didn't notice any alerts from that category of users. My question is there any way within the ESET product to protect against a similar threat in webmail? We do have SSL inspection enabled but were not sure if ESET would detect the same attachment if opened through webmail. Any thoughts ?
  12. @Marcos Its been a few weeks and i have not seen any component updates. I have verified the settings but non of the clients in my test group have been updated yet. Any advice on what might be missing?
  13. We are struggling to get Auto-Update working via policy in or environment. I confirmed the policy is distributed to the group we are testing on. We are on 8.0.2028.0 and version 8.1.2031.0 shows as available in the Protect console. I don't see anywhere where we can accept the EULA. I was unable to find any info in the documentation on this. Does anyone have any greater information on this or can link to documentation on the process.
  14. Thanks @Marcos, I know you can override local exclusions by "replacing" them with policy. But if you ever remove that enforcement the local policy comes back into play. Is there a way to delete the local exclusions with policy?
×
×
  • Create New...