PuterCare
-
Posts
107 -
Joined
-
Last visited
Posts posted by PuterCare
-
-
Thanks, my account manager has raised this with technical for me.
-
I see the below, only the bottom entry is available for EES, all the others are for EEA but usually I have several entries for EES.
-
Hi all, I used ESMC (virtual appliance, versions below) a couple of days ago and Eset Endpoint Security had several versions available the newest being 8.1.x. Today I have tried to upgrade another client and I only have one version of EES available, 8.0.2039.0.
I tried to select that version and install onto a new system via the agent and I receive an error "Package not found in repository". In the Help menu, the button to check for updates is missing. I have restarted my VA but still the same.
Is there an issue with the repo at the moment? Not sure why versions seem to be missing (usually there is around 5 versions of EES for Windows to choose from) and there are failures when trying to push the version that is shown.
ESET Security Management Center (Server), Version 7.2 (7.2.2236.0)
ESET Security Management Center (Web Console), Version 7.2 (7.2.230.0)Thanks
-
Rather than start a new thread, do you know how I can add "OS Name" to the report? If I create a new report I can select that in the Data section but I cannot add it to a report where the first data entry is Application Name and if I create a new report and select OS Name first, I cannot then select Application Name too.
-
1 hour ago, Marcos said:
You can edit the report template and make sure that you don't have any non-default filter set up:
Thanks but I already edited the template to look for filters and even created my own template from scratch in case there was a hidden filter on the default template. I just found out what the problem is, I had added a column "Group by (Repository operating systems)" because I wanted to separate macOS from Windows and as that field only refers to Eset repos it essentially filters my list.
Thanks for the reply, this explains why it did work for me but I didn't realise it stopped after that edit
-
I am not sure why I can't get this working. I have already enabled the option in the policy to report non-Eset apps and in the details section of the computers I can see a full list of installed applications. I run the "Installed Applications" report and that only shows me Eset software, I noticed the description days it would do this by default so I designed my own report but it still only shows Eset applications. I have no filters on the report.
Oddly enough, I did at one point get it to work but this wasn't by changing a setting, it worked one time and never again since.
Any ideas what I am doing wrong?
Thanks
-
Dos anyone know if there is a way to clone the firewall rules between profiles in ESMC policies i.e. Public, Home and Work? It's annoying to have to switch profile and set up the same rules again manually.
-
48 minutes ago, GregA said:
This is my Dynamic Group rule.
Thanks, I was trying to avoid having to set specific versions but if that's my only option then so be it. I think I will use "does not contain" and then use the latest package version and for the OS name I will use "contains" "Windows" and I will set the software name to EES as I only use EES (Mac/Windows) and EFS for servers.
-
14 minutes ago, Peter Randziak said:
Hello @PuterCare,
1. Prepare the Word plugin to a state before the activation
2. ESET's Advanced settings -> Tools -> Diagnostics -> Enable Protocol filtering advanced logging ; confirm by OK
3. Start the Word plugin that communicates with a remote server to activate itself
4. Disable the logging from the step #2
5. collect the logs by ESET Log Collector
6. upload the logs to a safe location and send the download details to me and @TomasP to check.
OR
The dev team implemented multiple fixes to attempt to resolve the issues reported and built a new Internet protection module 1413 in case you would like to try how it behaves, sent a private message to me and @TomasPwith a reference to this topic and we will share it with you so you can check how it behaves.
Peter
Thanks @Peter Randziak @TomasP, I have PM'd you the link to logs.
-
I noticed there are some resent threads but they seem to concern emails/web browsing and SSL so not sure if this is related. I had a call from a client who have EES managed by us via ESMC. They have a Word plugin that communicates with a remote server to activate itself, it has always worked fine with Eset but now there is an error "The secure connection to the activation servers failed due to a TLS or certificate error".
If I change the Word application filter action from "Auto" to "Ask" and open Word then I see the Eset message, if I click ignore then it will activate fine, if I click scan then it will block. I can set up an exception but I need to work out if the issue is Eset or the certificate as this plugin is used by a lot of their clients who I do not manage so I can't add exceptions for them.
The certificate is trusted and valid. Do you know which logs I need to inspect to get more info about what is causing this? The option for corrupt certificates is set to block but I don't know how to check for a corrupt certificate.
Thanks
-
3 hours ago, Miami said:
Using "not regex (7.3).*" could work.
This seems to work, thanks.
EDIT: Actually, it just shows macOS clients as they are on pre v7, when I get some more time will look into this and see if I need to alter my filters or it might just be only showing non-v7 clients.
-
1 minute ago, Marcos said:
Without thinking how to accomplish that, what about sending an ESMC component upgrade task to all machines? If the machines have the latest version of agent, nothing will be done. On machines where agent is not up to date, it will be updated.
Thanks, that is what I do already but I just wondered if there was a way to use a dynamic group so I can set up an automatic task just like I do for when an unactivated client joins to auto-activate it. I wasn't sure if running this task to all clients would use resources on the ESMC server or clients unnecessarily.
It seems if we were able to filter the Computers section like we are able to in the reports section then this is easily achievable and also I could use the "does not contain" filter on the software version with a value of "7.3." to list devices that need the urgent update. At the moment I sort my computers list by version and then manually select any that need an update. I know I can filter using specific versions but at the moment my priority is reaching at least 7.3 so we are ready for the various issues on the horizon.
-
Just now, INDUS_MH said:
You currently cannot Update agents via the dashboard, only the Security Software.
To update the agents you have to create a upgrade security management center components task and run that on the outdated machines.
Thanks, this is what I do already but my issue is I can't find a way to create a dynamic group so I can apply the task to only computers running outdated agents. Do you know how to create a dynamic group that only lists outdated agents?
-
Hi all, I am trying to solve a problem I have. On the dashboard of ESMC I can see that there are some outdated agents, if I click the bar chart and select Update Installed Eset Products it says "No ESET products that can be updated automatically have been found". I can generate a report and filter by the outdated status but I can't then run a task based on the report and to do this manually would take too long.
I tried to create a new dynamic group using Application Name filter but then it does not list the Version Check Status filter so I can't then only add devices which are outdated.
Has anyone got a workaround for this or is there another method I am missing? Is there also a way to use filters to show when a product is less than i.e. < 7.3.* ?
Thanks
-
13 hours ago, Ashkaan said:
This does not work. Users are still have constant dropped Teams calls. With the Firewall completely off, it's perfect.
Since I deployed these rules using ESMC I have not had any reports of Teams issues so I'm not sure what is going on for you but if you take the logs and send to Eset hopefully they can help?
-
I just had a reply from Eset tech support and they suggested adding rules for the following, I already had the first two so hopefully the third rule will be what resolves for me. I don't have the systems available to me right now to test.
/Applications/Microsoft Teams.app
/Applications/Microsoft Teams.app/Contents/Frameworks/Microsoft Teams Helper.app
/Applications/Microsoft Teams.app/Contents/Frameworks/Microsoft Teams Helper.app/Contents/MacOS/Microsoft Teams Helper
-
2 hours ago, TomPark said:
Hi @PuterCare,
To help us investigate this issue please can you make sure you are running the latest version of ESET Endpoint Security / Antivirus for Mac or ESET Cyber Security / Cyber Security Pro.
ESET Endpoint Security Mac - https://www.eset.com/int/business/endpoint-security-mac/download/
ESET Cyber Security Pro - https://www.eset.com/int/home/cyber-security-pro/download/Once you are running the latest version (if not already) please can you capture logs as per the instructions in the following KB - https://support.eset.com/kb3404
Please submit these logs to your Local ESET Office and they will be able to advise on next steps and investigate the issue for you.
Regards,
Hi Tom, I had updated Eset ES on the systems before trying any of the above so I will try to capture that info now and send to my Eset rep. Thanks
-
On 9/10/2020 at 2:03 PM, Marcos said:
The firewall logic has not changed over years. We assume that Teams has been updated and now works in the way that a connection is initialized by the server. In automatic mode, all outbound communication is allowed and all non-initiated inbound communication blocked, hence a rule for Teams may need to be created. It is beyond us to have a list of all 3rd party applications where the communication is initiated from outside and maintain the rules for them.
I appreciate that it is not possible to track all third party apps but given the popularity or Office 365 and the current need for Teams is there a way to request that the engineering team can track this one?
I am having the same issue here, I have tried setting rules for:
/Applications/Microsoft Teams.app/Contents/Frameworks/Microsoft Teams Helper.app
TCP&UDP, all ports, all IPs, both directions
/Applications/Microsoft Teams.app
TCP&UDP, all ports, all IPs, both directions
But still Teams will not work properly, as soon as I disable EES firewall it works perfectly. I switched to interactive mode and allowed each connection but they seem to be never ending so the call fails before I can allow them all, there is also no option to remember the action as a rule like on Windows, just "apply action" or "temporarily remember". Is this right?
Thanks
-
I just noticed on a sign-in to ESMC there is a reset token button so I guess this might resend the SMS link to my number so I can add to the app again. Does anyone know if this is the case? Otherwise I will just test it myself but didn't want to cause a probem.
-
Hi all,
In the past when I changed my phone I have been locked out of my Eset accounts that have 2FA enabled as during the phone backup and migration the Secure Authentication entries were not moved over. It's a shame I cannot choose my own auth app as I hate having multiple apps for one task, but I understand Eset are pushing their own product. In the case where I got locked out I had to get help from Eset support which took a bit of time to do.
I have just re-enabled 2FA on ESMC as it is accessible from the WAN and if anyone got in they could cause chaos. During this setup I was not given any backup codes though, does anyone know if Eset will use my mobile number on record to text me a backup code so I can add 2FA to the app on my new phone if I ever get locked out? Just want to make sure that if I am locked out I can get back in quickly.
Thanks
-
3 hours ago, TomTomTom said:
@PuterCare: Hi, where exactly did you make the settings in the portal? Thanks
Try the few "risky" areas on the left pane here:
https://portal.azure.com/#blade/Microsoft_AAD_IAM/SecurityMenuBlade/RiskyUsers
-
-
3 hours ago, John.From.VT said:
An easy fix that worked for me is right-clicking the Detected Items folder that crashes Outlook and deleting it (then deleting the folder in Deleted Items as well).
Not sure why a user or two had duplicates but this corrected it for them.
Outlook 2016 MSI using cached Exchange mode and EES 7.2.2055
I had deleted the duplicate folder in OWA but when loading Outlook again they reappeared but I just looked and at the moment I only have one Detected Items folder in Outlook so perhaps whatever was causing this is now resolved!
-
I updated to 7.2 (was on 7.1), closed Outlook, disabled both those options, applied, opened Outlook and when selecting one of the Detected Items folders it was fine but when selecting the other it crashed Outlook again. I can't say if the flashing has been fixed as I only had a few minutes spare to test this for you.
ESMC - EES versions missing, Package not found in repository error, no update option
in ESET PROTECT On-prem (Remote Management)
Posted
My issue resolved itself after a few hours but the techs advised I move to ESET Protect so I am setting up the new VA and pulling the DB across today.