[Removed: Secure Browser Websites redirection, replaced by Secure all browsers protection]

For years we have been telling clients "ESET is protecting you by opening your bank's website in a Secure Browser", has this protection gone away?

[Removed: Secure Browser Websites redirection, replaced by Secure all browsers protection]

The v11 changelog reports: Removed: Secure Browser Websites redirection, replaced by Secure all browsers protection

I am not sure what this means, I suspect the net result is that the Secure Browser is going away. Please tell us more about its replacement and provide some background. Thank you.

[ESET Internet Security Updates]

I am getting a 404  error when clicking on this link.

[Protect server crash]

I see, so if we revoke, will it hurt anything? Will they be removed from /era/webconsole/#id=CERTIFICATES ?

 

[Protect server crash]

Two of our certificates are unused, is there any reason not to delete unused certs?

 

[Protect server crash]

@Marcos, can the certificate export be done via command line to facilitate an automated batch process?

The "different IP address" is confusing me, we use a fqdn to connect to the Protect server, if the IP address changes, but the fqdn stays the same, does that count as an IP address change? 

[Protect server crash]

Thanks - what folders should be backed-up? Is there a knowledgebase article documenting the backup & restore procedures?

[Protect server crash]

We backup our database daily. If the Protect server crashes is a database restore all that is needed to get our endpoints back on-line.

Our old server is a Server 2012 running SQL server 2014, would a restore onto a Server 2022 running SQL 2022 work, or would we need to go back in time?

[Outlook Attachment issues]

Tuesday afternoon, several of our end-users are reporting issues with Outlook attachment handling when ESET Endpoint Security v 10.0.2045.0 is installed. Outlook locks up when attempting to save, preview or view attachments. We have tested PDF & XLSX attachments, both file types have the same issue.

We have tried many things, the only certain resolution is uninstalling ESET Endpoint Security.

The affected computers are running these versions of office.
Microsoft 365 / Outlook v2301 16.0.16026.20238
Microsoft 365 / Outlook v2303 16.0.16227.20280
Microsoft 365 Apps for business / Outlook v2304 16.0.16327.20214

Some users are on W10 others are on W11

What settings can we change to make this a better situation for our end-users.

[Protected browser doesn't follow original url]

OK - thank you.

Is there another solution?

[Protected browser doesn't follow original url]

We are using Endpoint Protection v9.0.232.6 managed by Protect v9.0.1144.0, I don't see a "Secure all browsers" setting, where is it hiding?

[Protected browser doesn't follow original url]

Chrome is my default browser, if I create a bookmark to https://company.screenconnect.com/Host#Access/All Machines by Company/<computername> and define company.screenconnect.com as a secure site, the protected browser opens to https://company.screenconnect.com is there a way to persuade the protected browser to open the originally specified url?

[URL Address Management]

We use EES v9.0.2032.6 to protect our Windows systems. On-premise Protect v9.0.1144.0 manages our policies. We block executable file downloads using URL Address Management:
Edit Policy | Settings | Web and Email | Web access Protection | URL Address Management | Address list | Edit | Add to List of blocked addresses: *?.exe

From time to time, we add addresses to the allow list, for example: *.lscsoft.com/*

Today, an accountant needed access to Glance a remote desktop application. I don't want all users to have this added to their allow list. So I setup a new policy and applied it to my computer for testing.
Edit Policy | Settings | Web and Email | Web access Protection | URL Address Management | Address list | Edit | Add to List of allowed addresses: *.glancecdn.net/screenshare/*

 

No joy, I am still blocked. If I add glance to the main policy everything works.

How do I have multiple allow lists? One for the general population, then others for those with special needs?

[ESET Secure Browser - works one day, not the next]

When we go to banking sites, our fleet of computers are supposed to be redirected to ESET Secure Browser. This will work for a month or so, then quit working. The last time it quit working, support corrected the problem by toggling the policy settings off, waiting a bit, then toggling back on. Previously, the problem affected all browsers, now it seems to only be Chrome.  Anyone have a reliable method of making this behavior reliable?

Product versions: 

• ESET Management Agent 9.0.1141.0
• ESET Endpoint Security    9.0.2032.2
• Detection Engine    24433 (20211210)

We are using these policy settings in Protect:

 

 

[Website Certificate Revoked]

When going to https://christyco.com we are getting a "Website Certificate Revoked" notice. 

SSL Checker says all is well. https://www.sslshopper.com/ssl-checker.html#hostname=https://christyco.com/

Anyone know what's going on?

[ERR_BAD_SSL_CLIENT_AUTH_CERT]

Support helped me with this. We added "s3.amazonaws.com" to the list of known certificates to be ignored via Advanced Setup | Web and Email | SSL/TLS | List of Known Certificates

 

We then exported my local workstation's configuration, imported it as a policy in Protect and applied the policy to our client workstations.

[ERR_BAD_SSL_CLIENT_AUTH_CERT]

On workstations with Endpoint Protection, I am getting: ERR_BAD_SSL_CLIENT_AUTH_CERT
when trying to access these urls:
https://white_label.s3.us-east-1.amazonaws.com/UFW/logo-ufw-white.png
https://white_label.s3.us-east-1.amazonaws.com/UFW/Favicon-UFW-blue.png?v=2

Without endpoint protection, Chrome tells me the corticates are fine. Any idea what's going on and how to clear the issue?

[Website Blocked Notifications]

Thank Marcos, what is the best way to make the email notification a successful feature request?

Our block list looks like this:

# {"product":"endpoint","version":"8.1.0","path":"plugins.01000200.settings.stProtocolFiltering.stUrlLists.2.strAddresses"}
*?.exe
*.*.exe
*.docm
*.xlsm
*.pptm
*.vbs
*.bat
*.wsf
*.rar
*.winzip.com

[Website Blocked Notifications]

I want an email when a client attempts to download an executable. We are using URL Address Management in Web & Email via /era/webconsole/#id=POLICIES to block executable downloads. I have tried configuring notifications via /era/webconsole/#id=NOTIFICATIONS, but haven't stumbled on the correct solution.

We block the download, the client sees:

Website blocked
	The web page is on the list of blocked websites specified by the user.
	Access to it has been blocked.

 

Please help

[ESET Secure Browser as daily driver]

Is using the secure browser for all browsing - shopping / social media / search etc a bad idea?

My initial reaction was "Yes, it's a bad idea, you will end up with a polluted  sandbox", but now I am not so sure.

[Public facing ESMC - port 2222]

I like the proxy idea, in particular, if we are able to use CloudFlare to proxy the traffic, we would pick up quite a few benefits. For example CloudFlare will block known bad actors, significantly reduce the likelihood of DoS attacks and allow us to easily restrict access to known networks based on ASN &/or geography. The ASN issue is quite helpful, we see some adversaries come in via local Internet providers, however the vast majority attack from overseas or via data centers such as Azure, DIgital Ocean etc.

Is there a step by step recipe for this use case?

[Public facing ESMC - port 2222]

We self-host ESET Security Management Center, forwarding only port 2222 to the ESMC box, all other activities are restricted to the local LAN.

Anyone care to describe how safe we are from the evil-doers of the world? We are considering putting ESMC on a VPN, but would like some assurance that this isn't necessary.

Looking at /era/webconsole/#id=DETECTIONS, it is clear evil-doers are trying to penetrate our beloved security system.

 

[ESET Secure Browser - sometimes it is spawned other times it isn't]

Thanks itman.  This morning, my Chrome results concur with your Firefox results. Unfortunately, that isn't always the case, and it begs the question - why isn't one of the largest financial institutions opening in ESB ?

[ESET Secure Browser - sometimes it is spawned other times it isn't]

PNC, Citi, USBank, Chase are four of the 10 largest US Banks, it seems these should be included.

[ESET Secure Browser - sometimes it is spawned other times it isn't]

I never know if the ESET Secure Browser (ESB) will be spawned. For example this morning it was spawned when I went to pnc.com, but not citi.com. Other times citi.com will trigger ESB, but not usbank.com. Still other times usbank.com, but not chase.com.

How can we make sure ESB is triggered 100% of the time? It doesn't inspire confidence in the ESET stack.

ESET Endpoint Security 8.1.2031.0 managed via ESET Management Agent 7.2.1266.0, Chrome Version 91.0.4472.164 (Official Build) (64-bit), Microsoft Windows [Version 10.0.19043.1110]