Jump to content


  • Content Count

  • Joined

  • Last visited

Profile Information

  • Location

Recent Profile Visitors

748 profile views
  1. During testing of deploying the latest version of ESET Endpoint Security over older 6.2 version, we find the firewall is non-function, even after a reboot following the upgrade. However, a second reboot then seems to clear the problem, this means we need to find a way to run two reboots in the deployment which is tricky for SCCM (we deploy this way so as to give the users some choice in when they apply the update as per their schedule). Seems to be a recent problem, normally one reboot is sufficient, I suspect it's a recent Windows Update that's changed this, or maybe something in th
  2. Description: Remove old Active Directory users from Mapped Domain Security Groups in Access Rights. Detail: We use Mapped Domain Security Group from Active Directory to grant permission sets to users, Administrators, Read Only Administrators, Service Desk Users, Reporting Users, etc. However, when those users leave the business, and their AD accounts are disabled and deleted, they're still listed in the Domain Users tab for Mapped Domain Security Groups. Although those accounts can no longer login to ERA, to keep it tidy and security/auditors happy, we would like to be able to r
  3. Thanks @MichalJ so hopefully pretty soon for v7, not months away/end of year or next year kind of thing, granted things can slip of course for variety of reasons. "is one of" or the current "in" works to allow multiple matches of one criteria, the options being pre-existing. But for combining a multiple separate conditions, the only way currently is to get fancy with regex (if that's an option on the particular field), which I've had trouble in the past with ESET accepting the regex syntax when trying to do bit more complex (yes to these, no to those words/letters/symbols/etc.). Nest
  4. Description: Nested OR and AND in Dynamic Groups / Virtual Machines Detail: Nested OR and AND in Dynamic Groups creation, so you can have two or more sets of OR under an AND, or two or more sets of OR under an AND, or any combination. Example Virtual Machine or not (Physical) so we can split these two types apart, some advice here for how to determine it, will likely require nested criteria:https://blogs.technet.microsoft.com/kevinholman/2014/10/16/faq-how-can-i-tell-which-servers-are-physical-or-virtual-in-scom/ PS. What's the rough expected release date for ESMC V7 at the mome
  5. Description: Dynamic Group Filters - Computer Type Detail: This is a request going back to 2015: As in that post, we want to be able to create Dynamic groups of Laptops, Desktops and Virtual Machines (and by contrast Physical Machines), some may want to get as granular as the different kinds of Desktops and Laptops, but I doubt anyone needs/wants that level. At the moment we either have to use a name mask, or there is checking for the "Not Presence" of a battery, although I wonder if some UPS setups may skew the results. As I said back then, please read from the SystemEnclosure
  6. Hi @MichalJ I've tried some variations, and it doesn't appear wildcards (*) are accepted, it's 6.5 and 6.6 versions. %USERprofile%\Downloads\putty.exe as a test does work, so that's interesting, will see what we can do with that.
  7. Description: Firewall rule, Local Application wildcard support Detail: Currently it's possible to make Firewall rules using a condition based on the local Application, however you must input a full executable file path, such as: C:\Program Files (x86)\PuTTY\putty.exe We would like to be able to use wildcards, so we can instead enter either of these: C:\Program Files (x86)\*putty.exe *putty.exe This allows us to open the rule up to either any executable with that name within subfolders of a folder location, or any on the computer. This would come in handy for
  8. @MichalJ Thank you. Point 1 - The most urgent requirement is to print Firewall rules in a readable format (CSV / TSV / XLSX / DOCX / PDF) to review, or record for auditing, really need something ASAP for this. However, I expect this will extend to all "Lists" within ESET, zones, IDS exceptions, app modification web and device control, and other exclusion lists, anything similar. I do see an "Import" option on Exclusions popup, but only when viewing the top level Antivirus, Files and folders to be excluded from scanning, not on real-time, on-demand, etc. file extensions exclusions pop
  9. Description: Individual firewall rule hit count. Detail: Similar to hardware firewalls, it would be nice to see a hit count, packets matched, kind of information per individual firewall rule in Endpoint protection, also for that information (similar to above requests) to be visible in ERA, and total of the hits across all clients with the same rule. So we can generate reports, this makes it easier to find rules no longer being used and can be removed safely.
  10. Description: See Endpoint client logs within ERA. Detail: We would like to be able to see the logs from a client (Detected threats, Events, Computer scan, Blocked files, HIPS, Firewall, Filtered websites, Antispam protection, Web control and Device control) within the client entry in ESET Remote Administrator. While some threats and problems are highlighted in ERA, not everything is. A Filtered website blocked by Anti-Phising blacklist for example doesn't seem to appear in ERA, can only view it on the client's log.
  11. Description: Export list of firewall rules (zones, exclusions and any other configurable lists) Detail: IT Security would like to regularly review the list of firewall rules, zones, exclusions, basically any configurable list within ESET on a regular basis. There doesn't appear to be an easy way of doing this, from an ESET client you can export settings to an XML file, but this isn't readable for management staff.
  12. Excellent, pity it can't be hot-fixed in the current 6.5 release, but glad to know it will be corrected in V7. We don't currently use "users", but have noticed it there and intrigued for the possibilities you mention, user variables in policies sounds interesting. Two issues we have that I wondered if this would help with, is a desire to include the current/last logon user detail from AD (username, Full Name/Display name, email, telephone, etc.) in reports, the Service Desk/Deskside support want user information as presumably they track down the user, and then from there the c
  13. Description: Export list of computers from Dynamic or Static Group / Additional reporting filter options Detail: Rather than having to create a report, it would be useful to just be able to export a Group's (Static or Dynamic) list of computers out to CSV, TSV, PDF, etc. Especially as Reporting filtering is more limited than Dynamic Group filtering. Would be nice to have additional reporting filter options, such as "does not contain", "does not equal regex", "not in", "not prefix/postfix", etc. etc. As well as being able to set two (or more) criteria for a single field, e.g. "OS
  14. Description: Remote Administrator Console Login accept username in UPN format. Detail: When logging into the ESET Remote Administrator console, if using an AD login, you need to specify the username as "DOMAIN\username", however if you try to use the UPN format (common due to increased cloud usage) "username@fully.qualified.domain" then it's not recognised. Also, if you don't include a domain then it's also not recognised. Please support the UPN format and have the server default to a domain (if ERA installed on Windows, default to the domain the server is joined to), or allow an opt
  15. Description: Static Group Synchronization using "Objects to Synchronize" set to "Computers Only" will sync all computers from AD Domain. Detail: After creating a Server Task of Static Group Synchronization for a Active Directory domain, the "Objects to Synchronize" was set to "Computers Only" (we do not require the entire AD OU structure synchronized to ESET Remote Administrator, we use Dynamic Groups and assign policies there), and the "Distinguished Name" under Synchronization settings is black or set to the highest level "DC=test,DC=domain,DC=com", no computers are synchronized or exis
  • Create New...