Jump to content

Bob Gunn

Members
  • Posts

    7
  • Joined

  • Last visited

About Bob Gunn

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    USA
  1. We have deployed ESET Endpoint Security to our endpoints worldwide, including MacOS, Windows, and Linux devices. Most of our endpoints are Windows devices, however, we have a growing subset of users with MacOS devices. For one region, we have deployed the Palo Alto Networks GlobalProtect VPN solution. Upon installing both ESET and GlobalProtect, we are finding that MacOS devices are unable to establish a connection to the VPN gateway. The issue appears to be related to the Protocol filtering proxy ESET is required to set up for Web and Email filtering. The issue we are having is that we can disable the proxy in System Preferences and regain the ability to connect to the VPN, but we then lose the protocol filtering. Other members of my team have tried removing the proxy, but it returns with a restart of the system, which is expected. Is there a way we can build a policy that this proxy is not affecting the connection with GlobalProtect, or do we have to lose out on protocol filtering all together? Please let me know if you need further information. For testing purposes, the device I am using is running MacOS 11.5.2, EES 6.10.900.0, GlobalProtect 5.1.6-16 on a 13-inch MacBook Pro 2019.
  2. Were I in control of the policy of its use internally, sure. But the team that has been using this tool for a decade is requiring its use for the time being.
  3. Apologies, logs are attached now. ees_logs.zip
  4. Marcos, I have sent you logs in a message.
  5. I have created exceptions for the path and file hash within the remote management center. I can also see these exceptions on affected endpoints, however when I restore the file or reinstall the program, ESET ES still cleans the file by deletion.
  6. We have an internal program that uses crypt.exe to decrypt a downloaded access database file. This exe has hash 2E3B1CA1E54C7E3ADFD5D2205F6F54E93792B9CF and has just recently been flagged by the detection engine with the following Win32/Codeode.A. This file is essential for functioning of our tools. VirusTotal notes that this is only reported as malicious by ESET's detection engine at this time.
×
×
  • Create New...