-
Posts
19 -
Joined
-
Last visited
About product_manager_8
-
Rank
Newbie
Contact Methods
-
Website URL
eset.com
Profile Information
-
Gender
Male
-
Location
Slovakia
Recent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
-
Cloud Office Security Detections
product_manager_8 replied to jeifabdi's topic in ESET Cloud Office Security
Hi @jeifabdi, it is possible that someone is impersonating the "support" email but the real "from" address is actually different. If you have these emails in quarantine, go there, click on any one of them that says it´s coming from "support", and once you´re in the email´s detail page, you will see a link that says "show headers". If you click that, you will see the email headers and you can compare whether the "sender" field and "return path" fields are the same. If they are completely different, even on a different domain, it is likely that somebody is trying to impersonate the support sender. -
Peter Randziak reacted to a post in a topic: Ecos does not scan .tar attachments
-
Ecos does not scan .tar attachments
product_manager_8 replied to mathisbilgi's topic in ESET Cloud Office Security
Hi @mathisbilgi , ECOS scans .tar archives so it is surprising it would not scan this one. If you have logging of clean objects turned on in your policy, you can go into Scan Logs and see the detail of the log and it should say what the result and the reason was. There may be cases when it would not be scanned, such as if the archive is password protected. But it would be helpful in diagnosing the problem if you could let us know what the detail says. thank you -
Peter Randziak reacted to a post in a topic: Questions about ECOS
-
New Insallation of Cloud Office - Auto-protected Users
product_manager_8 replied to MDE's topic in ESET Cloud Office Security
Hi @MDE, if you enable protection for the entire tenant or a group, it will automatically protect new users added to that tenant or the group. To do this, please navigate to License Management page from the side menu, pick a site with available licenses and click on it, then on the next screen you will see button saying "Protect" which when clicked will pop up a dialog where you will see the list of tenants and groups. You can check the tenant or a group you want to auto-protect and then click on "Protect" and the auto-protection is going to activate. I hope this helps. -
product_manager_8 started following ESET Cloud Office Security
-
product_manager_8 started following Questions about ECOS
-
There are pros and cons to everything If there is a gateway in front of the mailbox, and the gateway is out of order for whatever reason, the email may not get delivered at all as it could remain stuck at the gateway and would not be forwarded to the mailbox. On the flipside, with API security solutions, if that solution goes down, the email gets delivered, but it wouldn´t be scanned. Of course this is an edge case, but still something to think about. I don´t know about our competitors but when we onboard a new tenant (which is extremely easy and short), we only request minimal permissions necessary for ECOS to work. And you can also revoke them at any time if you want. I am not trying to convince you to choose ESET for your mail security, but I want to make sure you make an informed choice. If you decide to go with a competitor, and we end up releasing a gateway in the future, I hope we can win you back as our customer
-
Hi @ShaneDT, my apologies for the delay, I usually get automatic notifications for new threads but did not this time for some reason. To answer your questions, you are correct, ECOS is licensed per user. Shared mailbox is still seen as a user so you will need a license to cover it. But if you purchase ECOS as part of a bundle, you will get 10% extra licensed seats which should cover these cases. Distribution groups cannot be protected as they do not have their own mailbox. However, if your distribution group has 5 members and all of them are protected, the emails sent to them will be scanned as they land in each user´s mailbox. You are correct about the architecture of ECOS, that it gets GraphAPI notifications after the email is received. In 99% cases, this happens within 1-2 seconds and then the email gets scanned. We also check for missed notifications because as you mentioned, we are relying on MS to send the notifications. We are currently evaluating all options, including addition of a secure email gateway, similar to what our ESET Mail Security for Exchange is for on-prem. The market however is moving away from these kinds of traditional solutions but that does not mean you won´t see one from us in the future. I will use your valuable input in our discussions about future improvements/products.
-
Peter Randziak reacted to a post in a topic: The User disappears after changing its status.
-
The User disappears after changing its status.
product_manager_8 replied to Saado's topic in ESET Cloud Office Security
Hi @Saado , there is a toggle switch on the Settings page (see screenshot below) that toggles visibility between all users vs. users that have a valid M365 license. If this user was protected before but his M365 license was suspended, yet ECOS protection was still active, they would still show up in the interface. But once you unprotect them, the filter is applied and they are not displayed anymore. Try turning this toggle switch off and see if the interface displays this user in your list again. Thank you for your business -
Mail Quarantine Report - Entire Tenant
product_manager_8 replied to JasonT's topic in ESET Cloud Office Security
you are very welcome @JasonT, I can confirm we are now working on this, so it should be fixed in one of the upcoming releases. -
Mail Quarantine Report - Entire Tenant
product_manager_8 replied to JasonT's topic in ESET Cloud Office Security
Hi @JasonT, we did some investigation and you are correct, it is not possible to apply this to the entire tenant right now. I am adding this as an improvement to our ECOS roadmap. Thank you for bringing this up. -
Mail Quarantine Report - Entire Tenant
product_manager_8 replied to JasonT's topic in ESET Cloud Office Security
Hi @JasonT, I will look into it and let you know. -
User unable to release email from quarentine
product_manager_8 replied to Daryl's topic in ESET Cloud Office Security
Hi Daryl, could you please check audit log and see if the email has been previously released by any chance? Thank you -
ECOS SLOW - BIG TENANT O365
product_manager_8 replied to vanroy's topic in ESET Cloud Office Security
Hi @vanroy thank you for your reply, this is helping us to narrow down the issue and we are currently looking at what might be causing this behavior for you and how to solve it. Thank you for your patience and I may follow up with another message asking for more information if needed. -
ECOS SLOW - BIG TENANT O365
product_manager_8 replied to vanroy's topic in ESET Cloud Office Security
Hello @vanroy can you please describe where do you feel it is slow? Slow loading pages, or slow to protect users? We want to understand exactly what the problem is so that we can help you. -
Quarantine malware reports
product_manager_8 replied to SLeger's topic in ESET Cloud Office Security
Hi @SLeger, we looked into this and I have some follow-up questions to make sure I understand your workflow correctly. Currently, when setting up the mail quarantine report source, you also select the report recipients in one step. So each user you select when setting up the reports, gets notified about the e-mails in their own mail quarantine (only). If I understand this correctly, you would like to have an option for admins to receive one report for all users´ emails currently waiting in the quarantine and so that you can release them sooner, without the user having to do it themselves? Do I understand this right? Thank you -
Peter Randziak reacted to a post in a topic: ESET Cloud Office Security vs ECP
-
ESET Cloud Office Security vs ECP
product_manager_8 replied to Vitor's topic in ESET Cloud Office Security
Hi and thank you for posting your question. You are correct, there are some policies that may overlap. Office 365 protection cannot be completely disabled, so you are always partially dependent on the setup in the Office 365 admin panel. In regards to knowing what policy is applied, think of it in two stages - Firstly, the O365 policy is applied and ECOS comes in after. For instance, if the O365 policy is set up to delete spam right away, ECOS will not even see this email and it can´t therefore even apply any policy and perform specified action. On the other hand, if O365 is set up to let everything pass through, then ECOS will apply policies to emails it receives. Because of Office 365´s design, ECOS acts as a second layer of defense. I hope this answers your question -
Peter Randziak reacted to a post in a topic: How to optimize spam and phishing detections on ECOS
-
Quarantine malware reports
product_manager_8 replied to SLeger's topic in ESET Cloud Office Security
Hi and thank you for your feedback, I will talk it over with the development team and get back to you.