Jump to content

rmdir32

Members
  • Posts

    4
  • Joined

  • Days Won

    1

Kudos

  1. Upvote
    rmdir32 gave kudos to Robertos in ESET block Gradle after latest update   
    macOS has a non standard way of processing localhost filtering through product network filter. We’ve identified a fix for this issue, which will be included in an upcoming hotfix. However, turning off the firewall in the product settings won’t resolve the problem; you’ll need to reinstall the product without the firewall component. To do this, rerun the onboarding wizard and deselect the firewall option in the component installation. Once the hot-fix is released, you can reinstall the firewall by following the same steps.
  2. Upvote
    rmdir32 gave kudos to Ivan Ganchev in Configure LDAPS on new Rocky Linux appliance   
    Same here.
    I follow the intructions for upgrade/migration from centos to rocky.
    After pull database from old server , next step is to configure the appliance via web interface.
    In this interface no option to join in the domain. Only to type domain name and domain controller ip/host. There's no fields to set username and password credentials for the domain.
    This is not serious...
    Whatever, after finishing setup and reboot, in the VA screen appears instructions how to finish domain join procedure.
    From MORE->Settings->Advanced settings->Active directory.
    I follow this instructions and nothing happens too. I do'n know what to do more....
    Please, fix this asap!
  3. Upvote
    rmdir32 gave kudos to serpher in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    Description: More templates
    Detail: New options to choose from in dynamic templates such as: Computer name, tags, IP address and etc. Pretty much all available columns from Computers section.
  4. Upvote
    rmdir32 gave kudos to ewong in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    Description:  Bundled-configuration/file/certificates for migration to new server.
     
    Detail: Currently migrating to a new server is a confusing mess.  Perhaps future ESET PROTECT servers can have an option to gather all necessary configurations/files/certificates into one bundle that can be imported into the new server.  This of course means that the old server and the new server must be running the same version (or binary compatible) of ESET PROTECT.  (i.e.  cannot migrate from ESMC to ESET PROTECT)
     
     
     
  5. Upvote
    rmdir32 gave kudos to SteD in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    Description: Show all module infos from agents in ESET Protect
    Detail: We need the possibility to see all versions of all modules of all ESET Products on  connected agents (clients/servers), e.g. the HIPS support module. 
     
    Description: possibility to enforce communication from agent
    Detail: We need a possibility to enforce the communication from the agent to the ESET Protect console from the agent. A wake-up call via EPNS will not work, as we are not allowing the clients to be connected to the internet.  
  6. Upvote
    rmdir32 received kudos from BlueBear in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    Description: ESET Protect Cloud ability to store and view changes made to policies in Audit Log.
    Detail:
    Customer is in the healthcare industry and has to abide by many high level certifications and audits which many deal with logging changes in their operating environment. Currently attempting to use the "Show object details" when viewing Audit log of a particular policy; however this only shows the current policy settings and does not display a log of changes made.
    ESET products play a key role in their protection and having this ability to track specific changes within the many policies that they have plays into this area of logging important changes. 
    Without having a native ESET log that shows specific changes from one edit to the next, they are lacking in this area when it comes time to present to auditors and other certification bodies. 
    This would be a huge benefit to their company in particular and also serves as a great feature to include in ESET overall. 
     
     
  7. Upvote
    rmdir32 received kudos from SunnyJ in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    Description: Allow ESET Bridge Policy to edit/change Log Directory.
    Detail: ESET Bridge v.3.0.1.0. Changing the Cache Directory is a great feature, however at the moment there is no way to change the Log Directory. Editing the pkgid file as a workaround will revert back to default C drive once the service is restarted, policy is refreshed or server rebooted. Another feasible option could be to change the installation directory for ESET Bridge. This is particularly useful in the event that the primary drive is not as large as other storage drives or is running low on space.
     
    Kind regards,
  8. Upvote
    rmdir32 received kudos from LeonC in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    Description: Allow ESET Bridge Policy to edit/change Log Directory.
    Detail: ESET Bridge v.3.0.1.0. Changing the Cache Directory is a great feature, however at the moment there is no way to change the Log Directory. Editing the pkgid file as a workaround will revert back to default C drive once the service is restarted, policy is refreshed or server rebooted. Another feasible option could be to change the installation directory for ESET Bridge. This is particularly useful in the event that the primary drive is not as large as other storage drives or is running low on space.
     
    Kind regards,
  9. Upvote
    rmdir32 gave kudos to FerdinandG in Change Rogue Detection to Detect Computers Only   
    I think all of us have the same problem. I can add the MAC address prefix filter to exclude devices that I don't want to be included in the rogue computers list, but there are so many MAC address prefix that I need to add. Printers, switches, NAS, are included in the list and the make the number even bigger, although there is no need to do anything with those devices regarding with ESET. Still waiting for a way to list "computer" only in "rogue computers" list
  10. Upvote
    rmdir32 gave kudos to j-gray in Error when upgrading - User was Blocked   
    Well.... I just found the issue. The upgrade process populates the EI admin logon and password. It just so happens that it was populating the admin account in a case-sensitive manner, as the account exists in the EP console (e.g. CAPAdmin).
    When I used the login id capitalized as it exists in EP console, the user is blocked. When I enter the login id in all lower case, the upgrade was able to complete.
    I confirmed the same logging into the EI console; account as configured in EP is CAPAdmin. Log into EI console with CAPAdmin = user is blocked. Log into EP console as capadmin = successful login.
  11. Upvote
    rmdir32 gave kudos to LeonC in Web Control Rules display SID's and not User Names.   
    In version 7.2 the rules placed the user name in the field in a useful way with like
    ESET Security Management Center (Server), Version 7.2 (7.2.1278.0)
    ESET Security Management Center (Web Console), Version 7.2 (7.2.230.0)
    With a policy rule. When I put an objectSID into the box to add security identifier and click OK.

     
    After clicking OK in the web console the objectSID would magically turn into a human readable format.  Creating the list item with the objectSID in the title attribute and places the human readable format into the inner text of the list item.

     
    Which looks like it is been that way by design since version 6.5
     
    https://forum.eset.com/topic/10117-web-control-user-list-populates-sids/

    We are installing the Virtual appliance
    ESET PROTECT (Server), Version 10.0 (10.0.2133.0)
    ESET PROTECT (Web Console), Version 10.0 (10.0.132.0)
    Same deal in 10 add the objectSID click OK
     

     
    The web console does not place the human readable format into the inner text of the list item as it did in a prior version. 
    Between these two forms when entering the objectSID and clicking OK is where the issue is.  And why I’m wondering what this relies on to function properly.
     

     
    It appears that I’m not the only one having this issue.
    https://forum.eset.com/topic/33941-web-control-rules-filter-by-user/
     

    With ESET Appliance v10.0.2133.0 only the SID is displayed.  Will ESET bring back the User name again in future releases? 
  12. Upvote
    rmdir32 gave kudos to Jean M in Onprem Security Management Center - Audit Logging   
    Exactly, I was looking for a setting to configure that interval but couldn't find it. With your description I was able to find it and it was in fact set to 1min! Probably by mistake..
    One suggestion. We noticed that run commands logged in this audit report are not showing what command is being executed (a detail information from the command), at least from what we know. This is an important audit information as you should understand. We'd say that this should show at least in the audit events related to when we change the run command user task configuration (that's when that information is set). Certainly it could imply changes in the amount of information stored in the audit.
    Thanks!
  13. Upvote
    rmdir32 gave kudos to Jean M in Onprem Security Management Center - Audit Logging   
    I was looking for other ways of getting this information (knowing what commands were run by a certain user of SMC Console), do you have any suggestion?
    The audit provides runTask logs and change task logs, but no information on the command. Looking at specific computer details, we see a list of events but for the run task we can only see the most recent command assigned to the task.
    Thanks.
  14. Upvote
    rmdir32 gave kudos to MichalJ in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    @ludolf In ESMC V7 you can configure "monitored static group" as a part of the notification. So if the alert happens in the Group1 and Group1 is configured as monitored, only the recipients set in this notification will get it.  Concerning the auditlog issue, we are tracking improvement for a more granular filtering (it was actually existent before). 
  15. Upvote
    rmdir32 gave kudos to ludolf in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    MichalJ, thanks for the answer.
    Audit log filter: for example somebody changed a server setting and broke a feature by doing this. I know what has been changed, but currently I cannot filter to it. If I could to filter, I would know who changed it, and ask him why did it. 
  16. Upvote
    rmdir32 gave kudos to ludolf in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    Description: more details in audit log
    Detail: Reports/Audit log. If somebody modifies a policy, only one event added to the Audit log: "Modifying policy xxx"
    it would be nice to know more. What settings have been modified and before and after values.
  17. Upvote
    rmdir32 gave kudos to ludolf in Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)   
    Description: more granulate audit log filter 
    Detail: Reports/Audit log. If I would like to search for a specific setting ("who changed it"), I have to scroll down from page to page, or use CTRL-F
    Please add possiblity to filter string in "Action detail" column. 
×
×
  • Create New...