bbahes

@MartinK - Is it possible to make change internal logging sistem in EES/EEA regarding HIPS in future? In this situation it will make action but since global logging is disabled it will not log action like Events or Detected threats do "on fly". I have noticed this on my clients that have been using CAD system that uses file system heavily on file save and sometimes it gives them errors, after turning off HIPS or adding app to HIPS exception list it no longer gives error messages.

Thanks for this info! v7 is getting more and more compelling...Hope to have thread with new features listed

It does not make sense do make PDF out of Online help. Maybe CHM? For so complex product like ERA I would expect to have Guide that would explain product in such way, that, for someone who is new to ESET products, and ready document is able to understand every aspect of usage. From UI to internal working. Especially new v6 product line. Any if you plan to have v7 heading in same direction with same code base, that is something to consider while doing documentation for new market. I have many times wondered where is complete explanation of policy settings? It could be something like in "ESET FILE SECURITY Installation Manual and User Guide - 4.10 eShell" where commands are explained in detail. Sure, there are many settings involved in your security products but having this structure explained in documentation is vital for someone wanting to better understand policy configuration. In this situation customers could potentionaly have external security consultant that would be able to study this policy guide and make XML policy for them just to import and be ready to use. I think investing in good documentation will only enhance your product and many problems and questions on forum will be matter of past.

Last few days I've tried to read you administration guide for ERA v6.5 from start to end. However I have found inconsistency in first 50 pages that I must ask is this document done by internal team or outsourced? Let me give you example, try reading 3.3 Computers (page 35) and then try to understand how did 3.3.2 got into topic (and how do you get to that Import page) and how it is related to 3.3.1. If its corporate secret and you can't answer I just want to say you need to rewrite entire document and explain topics with correct screenshots. It seems like document is written for someone who already has used ERA and want's to catch up and is reading only single topic not trying to understand greater picture of product. Or maybe your guides are ment to be read topic by topic just as quick startup, reference guide? Do you have any plan to revamp documentation or just continue to update it?

Could it be that it didn't pick up status because I performed update via Webmin?

However I wonder is this by design or maybe you need to fix this in VA deployment?

So after I did restart of agent service everything is ok:

I see that agent service is running on ERA:

Hi! I did clean deployment of ERA 6.5 VA and through Webmin i did operating system update. However in ERA I see that last connected in updated regulary but status says Operating system is not up to date: Is there something more I need to be doing to refresh this status? Do I have to install agent on ERA VA manually? Regards!

I wonder how long does it keep in cache by default?

I think this feature will bi available in ERA 6.5

I had feature request for firewall policy to be able to be exported to PDF on ERAC. ERA v6 policy PDF export Maybe this feature could be used in same situation? @Marcos Exporting configuration/policy/rules to PDF/CSV/... could be next mayor jump for ERAC?

The story about moving to 64bit only architecture is very old. I'm sure at some point most of software will be 64bit only. However at the moment situation is not that bright from developer side. In our situation we are forced to use 32bit app that loads 64bit plugin on 64bit Windows. This situation forces CPU to convert 32bit instructions to 64bit and that takes additional CPU time. Not to mention 32bit memory address space limit...

I just wonder would it make difference in performance? Why are you then moving to 64bit architecture? For example we have 32bit application that loads 64bit plugin. Performance is horrible...

One more reason to wait for v7 Thanks for this info!

Will it have linux virtual appliance deployment option? Would love to hear some licensing options if possible I ask because we have been approached by company that offers similar thing but if you have this ready soon I will have to test it and talk with managers to hold purchase for this 3rd party product. I will send you PM who is this 3rd party vendor I'd like to hear your comment.

So more like HIPS...I'm trying to understand where product fits Do you have any documentation ready?

Something like Sysinspector?

Is this separate product or feature that will be integrated in ERA+EEA/EES ?

@MichalJ will you provide v7 feature in some list?

I love when you throw this kind of information. Thanks!

I think Web Access Protection uses av signatures to check HTTP/HTTPS. On the other hand Web Control uses only categories to block or allow.

Maybe this helps? hxxp://help.eset.com/ees/6/en-US/idh_config_epfw_scan_http_address_list.htm

If you are reffering to "Zones" tab inside "Zone and rules setup" I was able to use it only with "Using ESET Authentication Server" in v5. With option "By local network configuration" I had so many problems. I still wait for answer will they port ESET Authentication Server to their virtual appliance.

@MichalJ We are still on v5 I use ERA v5 Console for real-time tracking of client status. Such as latest antivirus database update, windows security update (we don't have any update management. I'm investigating v6 features on this, so I can force client to check update and start update). Also I get notified of any infection. We don't have many since UTM blocks most problematic content from internet, but some do get beyond UTM. Lately I tried to execute script on all clients to change local admin password, but that is just nearly impossible on v5. This is one nice feature of v6. Next, I have enabled logging on some web control, hips, firewall rules, so having them in realtime helps me track some situations. I don't like stuff they did in v6 regarding dashboard, it destroys my expirience in real-time tracking, but they don't plan to change it so... Device control is something I tested in v5 and will need to use it (this feature is great potential, they say people don't use it and that they stopped investments in that module), but this waits for v6.5 or maybe v7, it depends how v6.5 is good and how easy is to upgrade from 6.5 to 7. I don't want to export any settings from v5 to v6, we wan't fresh start. While we used pop3/smtp server it helped alot with antispam and antivirus on e-mail protection. However since we migrated to Office 365 I am not sure does it still scan mail since now we use MAPI over HTTP. But I see it enabled as add-on in Outlook so I'm guessing it scans e-mail when they show up in OST file. I expect us to move to v6.5 or v7 just because of features like executing commands on client (no we don't have domain), merging firewall policies and they says it's better in defending against ransomware, which I am still little bit sceptical. What I still don't like in v6 is what they have done to update management, or better yet lack of it, but as with story on dashboard it's something they don't plan to change so...One thing I'd like to see at least in v7 is scheduling when policy is applied to client. You know the old story about user using notebook at work then moving it to home....currently I'm preventing users doing stupid stuff on notebook at home with web control but I'd love if I could be even more restrictive I forgot to mention one more reason I consider jumping to 6.5 before 7. Services can be used in firewall rules. This is very important to me since now I can say, ok let only Windows Update have full access to internet on clients that should not have internet access. And when you think about scheduling in this case...that would be...awesome is small word