bbahes
-
Posts
521 -
Joined
-
Last visited
-
Days Won
5
Posts posted by bbahes
-
-
Hi!
We are deploying ESMC 7.x and EES 7.1 to our environment.
I have created static group MyGroup under main static group All. I have assigned some default policies to MyGroup.
Below MyGroup I have created first department group MyDepartment. Under Policies of MyDepartment I don't see policies I have assigned to MyGroup.
Do I have to check some option in order for static group inherit policies from parent group?
Thanks!
-
On 4/12/2019 at 2:53 PM, Marcos said:
Most likely the person responsible for posting announcements is currently on his way to the US. An announcement about the availability of the new version of Endpoint 7.1 will be posted as soon as possible.
Does Endpoint 7.1 align with ESMC 7.0 policies?
I am about to deploy ESMC 7.0.72.0 and EES 7.1 and just wanted to check if features like Audit log and Security report are already supported by ESMC 7.0 or there is ESMC 7.1 about to be released that will support new client features?
Thanks in advance!
-
31 minutes ago, Marcos said:
EEI and EDTD are completely different products for different purposes so merging them just doesn't make sense. EDTD can be used by users who don't have EEI and vice-versa.
I was thinking more of using EEI feature: "Easily suppress false alarms by adjusting the sensitivity of detection rules for different
computer groups or users. Combine criteria such as file name / path / hash / command line / signer to fine-tune the trigger
conditions. ".So critical system files/ updates that have correct signature and hash would be excluded from checking.
-
13 hours ago, Marcos said:
I'm not sure if that would have adverse effect on system stability. Imagine that application or system updates would be blocked by ESET for several minutes; something that applications or the OS would not likely count with and which might result even in severe issues. I'm sure that it won't be enabled unless we are 100% sure such issues won't happen.
Looks to me that you could use EEI technology here. Maybe merge two products?
-
59 minutes ago, MichalJ said:
With regards to what Marcos said, let me add that we are currently discussing an option to block new files before the result from EDTD is obtained.
I was about to post question when do you plan to change this behavior...
-
42 minutes ago, Marcos said:
Do you or your ISP use a Fortinet firewall or IPS? They are known to corrupt bigger update files.
Can you provide Fortinet FortiOS version, IPS rule that does this? We have Fortigate on multiple location but I have never noticed any corruption. Does this effect v5 or v6 and v7 also?
-
On 3/13/2019 at 6:49 AM, Quimax said:
We're trialing ESet, looking to move from Kaspersky. In setting up the server, I went "Oooo Virtual Appliance, that should be easy!" However it seems most of the instructions are for the Windows Server based install.
Our user base is scattered far & wide. In country here we have pathetic internet (1.5Mb down VSAT for the entire office) for a couple of remote offices, slightly better for our main office, and random other users in about 6 countries world-wide.
Before we get more than 5 PC's in it, I'd like to hear opinions and experiences that others have between using the two, supposedly feature identical, installation types.
We used Kaspersky before we switched to ESET v5. We had so many problems with performance and also, at the time, some of our clients used Home versions of Windows clients, that Kasperky does not support. Currently we are at ERA v5 + EES v5 and planning to jump to ESMC v7 + EES v7.
With ERA v5 we had to use Windows as server. With ESMC v7 we are considering only Linux virtual appliance. I wish in future, ESET move all products to Linux VA's.
There are several factors that drove me as project leader to Linux. Performance, Patch Management, Security, Licensing.
Initially I was not happy with v6, but as time is moving, v7 seems logical step in endpoint security management. If you don't like on-premise solutions as I, and your business allows moving solutions to cloud, you might wanna check cloud version and never bother with Patch Management and Security of virtual appliance.
Update: There are sometimes problems with major version upgrades on client and server side, but this is all handled either by guys on this forum or by your local support team.
-
16 hours ago, MichalJ said:
Hello @karlisi this will be resolved in the upcoming ESMC 7.1.
I can't send you private message. Do you have rough time frame of release?
-
7 minutes ago, MichalJ said:
@bbahes Upon renewal (if the renewal was done within the expiration period), it should update the license status automatically. Do you change also the license key during renewal, or just extend the expiration of the same license (did the license key change)? If not, it indicates a problem in either your setup / our licensing functionality, and should be looked at from the technical support perspective.
@SysEPr With regards to the live installer - noted, our devs confirms that, but it might happen that this won´t be done (as it´s really a niche scenario). With regards to the focus on 2FA, I will let it report to our devs, so it´s reported. I do agree and fully support it.
License key and Public ID are same as last year. It should be noted that this is test system and both ESMC and client are in virtual machines which where in saved state. It could be that ESMC did not sync with EBA. For me, confirmation that this is automatic process is solution.
Thanks for response!
-
Description: Automatic product activation on license renewal
Detail: I can't find option in ESMC for endpoint automatic license activation after renewal. I only find option on client "Activate this product if you already have a renewal key or a new license." It would be most welcome to have this feature automated. For example, when license is synced with EBA account, automatic activation of endpoint would be triggered either by endpoint like with updates, if you can't access activation server via proxy, then go directly to ESET servers.On my test system I had to create client task to send activation on test client to renew license. Maybe I had to wait a little bit more time before client receives new license?
-
1 hour ago, Marcos said:
Since we are about to release a previously not planned service build of Endpoint (7.1) soon, the new email plug-in will be included in Endpoint v7.2 in H2/2019.
How soon? 😎
-
23 hours ago, MartinK said:
Unfortunately it is not very clear from release statement, but only MDM components has been updated in this release.
That is why we decided to not release updated appliance - MDM component can be easily upgraded in existing version. ISO image with updated MDM installers (and all-in-one) installers should be already available. It contains ESMC components from release 7.0.72.0 with updated all-in-one installer (OpenJDK support, 7.0.72.1) and updated MDM component installers (bugfix, 7.0.72.2).
Thanks!
-
Hi!
After releasing All-in-one installer version 7.0.72.2 when do you have plan to release virtual appliance version?
Also, how long after releasing new version do you need time to build new ISO? I'm asking because we want to jump to most stable release, preferably to 7.1 if not before.Thanks!
-
Hi @TomasP !
Can you confirm beta status for 7.1 is still active?
Does ESET have any release date in mind for 7.1? We use 5.x and will jump to 7 in near future, but would rather wait for this major release than to go through upgrade process which from my perspective is still unpolished and prone to errors. -
Just tested with nslookup -type=TXT rs.dns-oarc.net. seems everything is ok:
Non-authoritative answer:
rs.dns-oarc.net canonical name = rst.x4090.rs.dns-oarc.net
rst.x4090.rs.dns-oarc.net canonical name = rst.x4058.x4090.rs.dns-oarc.net
rst.x4058.x4090.rs.dns-oarc.net canonical name = rst.x4064.x4058.x4090.rs.dns-oarc.net
rst.x4064.x4058.x4090.rs.dns-oarc.net text ="212.91.113.208 DNS reply size limit is at least 4090"
rst.x4064.x4058.x4090.rs.dns-oarc.net text ="212.91.113.208 sent EDNS buffer size 4096"
rst.x4064.x4058.x4090.rs.dns-oarc.net text ="Tested at 2019-01-26 16:15:01 UTC"
-
Hi!
Looking at DNS flag day (https://dnsflagday.net), I wonder, does EES firewall support EDNS in v5 product line?
Or is this something of no concern for end client?
Thanks!
-
2 hours ago, Marcos said:
Whole on-demand scan logs are not transferred to the ESMC server. However, if a threat has been detected it's logged with the warning or critical severity if cleaning failed and these records appear in the Threats pane in the ESMC console.
@Marcos What method would you suggest for firewall logging in ESMC v7?
For example, we install new application that needs to access various network resources. We don't get clear specification from vendor on ports, so we need to use various forms for network capture. What would be best method to get logs from client to ESMC for specific application network usage?
-
Just now, ludolf said:
Description: ability to add process path containing environment variable:
Detail: in ESMC policy, add process exclusion
%systemroot%\System32\Vmms.exe doesn't accept, "Invalid value"
c:\windows\System32\Vmms.exe this worksI was able to add this path to Firewall rule. Where are you adding this rules?
-
8 hours ago, RangerZ said:
I am unclear under what circumstances a topic becomes archived, but the issue persists
https://forum.eset.com/topic/16463-ms-outlook-2016-sync-issues-and-confilcts/?_fromLogin=1
I have now upgraded to 7.0.2 and I guess still waiting for 7.1. (???? date ????)
I have been updating my client PCs the last few weeks and deleting as many as 23000 items in the "Sync Issues" folders.
Don't disable integration with Outlook. Try playing with options in Email client protection.
First make sure Disable checking upon inbox content change is checked. We use O365 and EES v5. We had similar problem and after turning this option on it went away.
-
8 minutes ago, Daniel26 said:
Hello,
thanks for your answer.
So I have to change firewall settings even if we don't have a ESET firewall installed? We only have Nod32 Antivirus.
Regards
Daniel
Actually it's not firewall, rather feature that is located in this location in policy.
Here is client side:
-
44 minutes ago, Daniel26 said:
Hallo,
we are using Eset Nod32 Antivirus 5.0. For managing, a instance of Remote Management Server 5 is installed.
Atm. we try to migrate to Antivirus 7 and and Security Management server. Therefore we try to roll out the AV Client. But the Antivirus 5 is blocking the URL to our package management system, so we can't provide the package (Object: hxxp://url_to_our_package Threat: Blocked Object Action: Disconnect)
How can I tell globally via the Remote Management that Antivirus should nod block this URL?
Regards
Daniel
As I understand, ESET Endpoint Antivirus v5 is blocking access?
If that is true, than in ERA v5 you need to edit policy that is applied to all clients and go to: Windows Desktop v5 > Personal firewall > Settings > Web access protection > HTTP address management: See dialog (and select Edit in right pane of Window).
There you have three lists:
1. List of addresses excluded from filtering
2. List of blocked addresses/masks
3. List of allowed addressesEnter your URL to 1 and 3.
If you have enabled Web Control, then under Windows Desktop v5 > Web Control > Rules: See dialog (and select Edit in right pane of Window) add your url in Rule Editor to URL-based Action with Action set to Allow.
-
2 minutes ago, Nono said:
Is there any way to upvote this feature on the wish list ?
As far as I know, no. I asked them long time ago, will they offer https://www.uservoice.com/ but I did not get answer.
-
-
On 1/3/2019 at 5:25 PM, Marcos said:
You understand it correctly.
If I understand correctly. Only Agent is communicating with Update servers, Live grid, ESMC and Security product is talking only to Agent?
Multihomed host - ESMC 7.x
in ESET PROTECT On-prem (Remote Management)
Posted · Edited by bbahes
Hi!
I think this was posted before, but I can't find post.
We are deploying EES 7.1 clients and we have problem with IP address column in ESMC . It displays IP address of network adapter that is connected to LAN. However, some of our clients use VPN connections. In ERA v5 we got updated with this information as this is address that client uses to communicate on Layer 3.
Is there a option to show/update all IP addresses from clients in ESMC interface?