
bbahes
Members-
Content Count
516 -
Joined
-
Last visited
-
Days Won
5
Everything posted by bbahes
-
ESET Endpoint Protection constantly disabled - why?
bbahes replied to HugoKornelis's topic in ESET Endpoint Products
We did not try to reproduce problem. I will ask user to repeat same process and give you feedback. -
ESET Endpoint Protection constantly disabled - why?
bbahes replied to HugoKornelis's topic in ESET Endpoint Products
What user did in the end is restarted machine. After that alerts went away. We talked to user and he told us that he did not shutdown notebook in Start > Shutdown way but he just closed lid. After he resumed notebook from sleep state this alert started. -
ESET Endpoint Protection constantly disabled - why?
bbahes replied to HugoKornelis's topic in ESET Endpoint Products
Maybe related....but I have one client (Endpoint v7) that has this alert in ESMC: -
HI! We got today a event in THREATS: However, I see action as Detected. If we wanted to change action for this types of threats, which specific policy/rule would we need to modify? Thanks!
-
This is what I see in /var/log/httpd/error_log file: [Mon May 06 09:16:32.930991 2019] [proxy_http:error] [pid 29607] (70007)The timeout specified has expired: [client 192.168.224.8:49679] AH01102: error reading status line from remote server update.eset.com:80 [Mon May 06 09:16:32.931042 2019] [proxy:error] [pid 29607] [client 192.168.224.8:49679] AH00898: Error reading from remote server returned by hxxp://update.eset.com/ep7-dll-rel-lb/mod_049_horusdb_4350/em049_64_l0.dll.nup [Mon May 06 09:29:08.351585 2019] [proxy_http:error] [pid 4953] (70007)The timeout specified has exp
-
Detection Engine out of Date (EEA 7.X) global
bbahes replied to HSW's topic in ESET Endpoint Products
Still...I would be nice to know what really happened. Maybe you could anonymize trace file with https://www.tracewrangler.com/ and share it... -
This was only on one new client. After I logged in as Administrator it downloaded module updates correctly. Proxy policy is same for all clients in company. All others working fine.
-
Detection Engine out of Date (EEA 7.X) global
bbahes replied to HSW's topic in ESET Endpoint Products
I had similar problem minutes ago. Maybe it's similar problem? -
I don't know does this matter, but I've logged in as administrator on client PC and started module update manually:
-
Hi! Deploying EES 7.1 further to new clients. On latest we have problem: Agent is connecting to ESMC:
-
Threat reported via notification, not in ESMC Threats page
bbahes replied to bbahes's topic in Remote Management
You are right! Default filter is to filter resolved threats. In this case, JS/AdWare.Agent.AF was resolved on client by connection termination so it did not show up in Threats page. Thanks @MartinK -
Hi! After deploying EES 7.1 to 50 clients we have one reporting (notification to e-mail for Malicious file detected (trojan / worm / virus / application) enabled in Notifications) "Malicious file JS/Adware.Agent.AF was detected on computer ..." However, I don't see threat reported in THREATS page in ESMC, but neither on client details > alerts page. We are using default policies and have only 3 that Append firewall rules: Is there something else we need to configure ?
-
Did you apply both Proxy policy for Agent and Product?
-
Duplicate IP addresses on network cause by VPN and RDP
bbahes replied to Zurd's topic in ESET Endpoint Products
Not siding with ESET support, however, this is basic networking knowledge, not ESET endpoint problem. -
If I do this now, what steps would I need to take in order for current clients to communicate correctly with ESMC? Second question, why is this not on by default? Maybe you could make checkbox in initial wizard to ask during deployment for protocol TLS 1.0, TLS 1.1 or TLS 1.2 ?
-
I see there is column REMOTE HOST that shows VPN IP's. I will try and use information from that column.
-
Hi! I think this was posted before, but I can't find post. We are deploying EES 7.1 clients and we have problem with IP address column in ESMC . It displays IP address of network adapter that is connected to LAN. However, some of our clients use VPN connections. In ERA v5 we got updated with this information as this is address that client uses to communicate on Layer 3. Is there a option to show/update all IP addresses from clients in ESMC interface?
-
Hi! We are deploying ESMC 7.x and EES 7.1 to our environment. I have created static group MyGroup under main static group All. I have assigned some default policies to MyGroup. Below MyGroup I have created first department group MyDepartment. Under Policies of MyDepartment I don't see policies I have assigned to MyGroup. Do I have to check some option in order for static group inherit policies from parent group? Thanks!
-
ESET Endpoint Security v7.1.2045.5 released???
bbahes replied to Jamie-TM's topic in ESET Endpoint Products
@Marcos Does Endpoint 7.1 align with ESMC 7.0 policies? I am about to deploy ESMC 7.0.72.0 and EES 7.1 and just wanted to check if features like Audit log and Security report are already supported by ESMC 7.0 or there is ESMC 7.1 about to be released that will support new client features? Thanks in advance! -
ESET Dynamic Threat Defense really necessary?
bbahes replied to cmit's topic in ESET Endpoint Products
I was thinking more of using EEI feature: "Easily suppress false alarms by adjusting the sensitivity of detection rules for different computer groups or users. Combine criteria such as file name / path / hash / command line / signer to fine-tune the trigger conditions. ". So critical system files/ updates that have correct signature and hash would be excluded from checking. -
ESET Dynamic Threat Defense really necessary?
bbahes replied to cmit's topic in ESET Endpoint Products
Looks to me that you could use EEI technology here. Maybe merge two products?