Jump to content


  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by j-gray

  1. @Marcos The other issue is the proxy/VPN component. We're also finding that even when the service is inactive, it gets reactivated after an OS update and causes issues again.
  2. @Marcos Any updates on this, or a possible timeline? Our hardware orders are all coming in now, and of course new hardware is coming with Big Sur installed, so our problems are increasing rapidly. Thank you.
  3. Thanks for the information --I appreciate it.
  4. We're currently running ESET Protect on-prem with Windows and OS X licenses for EEA. I'm referencing the EEI Help documentation, but a little unclear on some details. Could someone please walk me through what it would look like to add Enterprise Inspector so we have full EDR? I gather we would run up a new/separate server for EEI in addition to our existing EP server. Install EP agent on EEI server, then deploy EEI server via EP console. I also gather that clients will need two agents (one for EP and one for EEI)? I don't entirely understand deployment and management from there. Can I use a single web console to deploy both agents and manage all policies? Or do I need to deploy EP agents from the EP console and EEI agents from the EEI console? Is all information aggregated into a single console? Appreciate any pointers or clarification. TIA
  5. Out of curiosity, the EP Antivirus and EP Security feature matrix shows that EP Security has "Component-based installation". Does this mean that we can choose to not install components that are not needed as we're discussing here?
  6. ARD might be a suitable workaround for smaller organizations. Unfortunately, it requires too much manual intervention and constant babysitting to be viable in a larger environment. We need a solution that is both reliable and can be automated.
  7. We use JAMF to deploy the agent, then ESMC installs the client automatically once the agent is installed.
  8. Yes, it's very problematic. On our clients, once the proxy piece is installed on any Big Sur system, it breaks the internet connection. Even though it's supposed to be disabled. If a client chooses not to allow it, the internet connection works, but the ESET icon shows an error state. Even though it's supposed to be disabled. If a client allows it, the internet connection does not work. The service has to be set to inactive in order for everything to work. This is an issue that really needs some attention and thought. For those of us with a large client base, manual interaction and intervention on a regular basis is not feasible.
  9. Unfortunately this isn't a viable option for us given we have 600+ OS X endpoints. As @karlmikaeloskar indicated, it would be awesome to have the ability to build and deploy packages without specific components.
  10. Thanks for the reply. We use web mail, which already has malware, phishing, spam, etc. protection. My understanding is that ESET mail protection is specific to IMAP and/or POP, which we do not use nor allow. We have dedicated appliances that handle web filtering and malware. Regardless, the proxy piece causes pop-ups for the end users that require interaction, causing confusion and support calls. Even with JAMF we haven't been able to allow and/or suppress these. It's quite an annoyance for a feature that we don't need or want.
  11. We don't use the email and web components of the client and have them completely disabled. However, the network proxy piece still gets installed and causes issues for our end-users Is there a policy setting that disables or removes the proxy? Alternatively is there a way to uninstall this piece or have it not install in the first place? TIA
  12. I need to find all OS X workstations that are missing a specific app and need to know the assigned user so that they can be contacted. Also need to include the OS version, so that we can work with the specific user to update/replace the device as needed.
  13. @MartinK; thank you -somehow I missed that. I'm not very familiar with reports. It seems like once I pick a Table Column or two in the Data section, the remaining data columns to select become quite limited. So for example, I'm able to choose 'logged users', 'computer name', and 'IP address', but then I don't have the option to choose connection time, OS version, or some other required info. Is this by design?
  14. Also, looking over the report options, I don't see a way to pull a report of systems in a Dynamic group, only Static groups. If I could do that, I could get at the info I need based on the Dynamic group I created that is missing the specific software.
  15. I need to generate a report that shows all computers without a specific piece of software installed that also includes the 'assigned user'. I can create a dynamic group that shows systems without a specific app installed (using the 'nor' function). I can export this to csv with the required details, except there's no way I can see to include the user info. Reports don't seem to have an equivalent 'nor' function like the dynamic groups do so while I can pull user info, I'm unable to pull systems without specific software. Am I missing something obvious? Any help appreciated.
  16. @MichalJ Thanks for the explanation, makes sense. It's just annoying to have to use a second product with a second account to manage the primary product. I didn't look closely enough to determine if hardware fingerprints were an issue for us. It was primarily that systems had been out of contact for 1,000 to 2,000+ days, but had not been automatically removed from the console. So long as that piece gets fixed, we should be good.
  17. Thanks for the clarification. I found it to be quite confusing. In part, because now I have to manage on-prem (ESET Protect) licenses in the cloud. And my password for ELA did not work, so I had to go to EBA to reset the password to be able to log into ELA. It feels like a step backwards to have to use a second/additional product (cloud) to manage licenses the for primary product (on-prem). And even a further step backwards when the second product is not working reliably. In the meantime, I've manually deactivated those machines that haven't been online in over 1,000 days. Thank you.
  18. @Marcos Thanks for the reply. Yes, I contacted support and learned that I had to use Cloud Protect to manage these. I then had to migrate from ESET License Administrator to Protect Cloud. Just got that completed. However, new question: the settings are configured to deactivate after 365 days. However, I have a number that are >1,000 days. I'm not sure why these aren't getting removed. Is there a way to force this cleanup, or do I have to do it manually?
  19. ESMC shows license count at 1584/1600. The console shows a total of 1334 clients and 184 of those show 'no status', so we only have 1150 installed clients. So we should have 434 licenses free. The License Management section shows successful recent synchronizations. I thought there used to be a setting to release licenses when clients are removed (after 90 days of inactivity) from the console. How can I release these licenses that aren't in use?
  20. Yes, ideally we would like to build a package that excludes the components that we don't use (e.g. Media Control, Device Control, Personal Firewall) and have a leaner client. I doesn't look like there's a way to do this en-masse, only when performing a local/manual installation.
  21. Yes, statuses are disabled by policy for these components. Clients do not see a warning about them being disabled. It's in the case of the Big Sur clients where they see the error state pertaining to the system extension for Web and Email protection. From what I gather, even though web and email protection are not enabled by policy, the web and email system extension still needs to be allowed. This is unfortunate, as it appears the only way to resolve this is with a third-party application (MDM).
  22. @Matus If I understand correctly, the only way to allow system extensions and full disk access is via MDM? It's not possible via ssh/terminal? Regarding components, we disable all 'Web and Email' components via policy. In the GUI they show as disabled/grayed out, so should not be causing errors or warnings. We do this for several reasons.
  23. @Matus is there a way to approve this via terminal command? On the client, the GUI shows 'Security Risk'; "Web and Email protection is non-functional" Of course, we do not enable these two components, so we wouldn't expect to see the error. Nonetheless, users see the error status and error messages.
  24. On two systems showing this error, I uninstalled the AV and then reinstalled it. I still get the same error messages in the console for each client. Any suggestions on how to clear this error status?
  • Create New...